From 4cedaf8b885200e1b5fa649111301d20df4ab67a Mon Sep 17 00:00:00 2001 From: turret Date: Fri, 16 Jan 2026 18:29:46 -0600 Subject: update 2026 --- .gnupg/gpg-agent.conf | 6 +++--- .gnupg/gpg.conf | 21 ++++++++++++++++++++- 2 files changed, 23 insertions(+), 4 deletions(-) (limited to '.gnupg') diff --git a/.gnupg/gpg-agent.conf b/.gnupg/gpg-agent.conf index f584310..2f64efe 100644 --- a/.gnupg/gpg-agent.conf +++ b/.gnupg/gpg-agent.conf @@ -1,4 +1,4 @@ -pinentry-program /usr/bin/pinentry -no-grab -default-cache-ttl 1800 +default-cache-ttl 600 +max-cache-ttl 7200 enable-ssh-support +#write-env-file ~/.gpg-agent-info diff --git a/.gnupg/gpg.conf b/.gnupg/gpg.conf index c025172..582d14b 100644 --- a/.gnupg/gpg.conf +++ b/.gnupg/gpg.conf @@ -1,12 +1,31 @@ -use-agent +# Assume that command line arguments are given as UTF8 strings. utf8-strings + +# when outputting certificates, view user IDs distinctly from keys: fixed-list-mode + +# long keyids are more collision-resistant than short keyids (it's trivial to make a key +# with any desired short keyid) +# NOTE: this breaks kmail gnupg support! keyid-format 0xlong + +# when multiple digests are supported by all recipients, choose the strongest one: personal-digest-preferences SHA512 SHA384 SHA256 SHA224 + +# preferences chosen for new keys should prioritize stronger algorithms: default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 BZIP2 ZLIB ZIP Uncompressed + +# You should always know at a glance which User IDs GPG thinks are legitimately bound to +# the keys in the keyring: verify-options show-uid-validity list-options show-uid-validity + +# include an unambiguous indicator of which key made a signature: +# (see http://thread.gmane.org/gmane.mail.notmuch.general/3721/focus=7234) +# (and http://www.ietf.org/mail-archive/web/openpgp/current/msg00405.html) sig-notation issuer-fpr@notations.openpgp.fifthhorseman.net=%g + +# when making an OpenPGP certification, use a stronger digest than the default SHA1: cert-digest-algo SHA512 s2k-cipher-algo AES256 s2k-digest-algo SHA512 -- cgit v1.2.3