# These first three lines are not copied to the gpg.conf file in # the users home directory. # $Id$ # Options for GnuPG # Copyright 1998-2003, 2010 Free Software Foundation, Inc. # Copyright 1998-2003, 2010 Werner Koch # # This file is free software; as a special exception the author gives # unlimited permission to copy and/or distribute it, with or without # modifications, as long as this notice is preserved. # # This file is distributed in the hope that it will be useful, but # WITHOUT ANY WARRANTY, to the extent permitted by law; without even the # implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. # # Unless you specify which option file to use (with the command line # option "--options filename"), GnuPG uses the file ~/.gnupg/gpg.conf # by default. # # An options file can contain any long options which are available in # GnuPG. If the first non white space character of a line is a '#', # this line is ignored. Empty lines are also ignored. # # See the gpg man page for a list of options. # If you have more than 1 secret key in your keyring, you may want to # uncomment the following option and set your preferred keyid. #default-key 621CC013 # If you do not pass a recipient to gpg, it will ask for one. Using # this option you can encrypt to a default key. Key validation will # not be done in this case. The second form uses the default key as # default recipient. #default-recipient some-user-id #default-recipient-self # Group names may be defined like this: # group mynames = paige 0x12345678 joe patti # # Any time "mynames" is a recipient (-r or --recipient), it will be # expanded to the names "paige", "joe", and "patti", and the key ID # "0x12345678". Note there is only one level of expansion - you # cannot make an group that points to another group. Note also that # if there are spaces in the recipient name, this will appear as two # recipients. In these cases it is better to use the key ID. #group mynames = paige 0x12345678 joe patti # GnuPG can automatically locate and retrieve keys as needed using # this option. This happens when encrypting to an email address (in # the "user@@example.com" form) and there are no keys matching # "user@example.com" in the local keyring. This option takes any # number mechanisms which are tried in the given order. The default # is "--auto-key-locate local" to search for keys only in the local # key database. Uncomment the next line to locate a missing key using # two DNS based mechanisms. #auto-key-locate local,pka,dane # Common options for keyserver functions: # (Note that the --keyserver option has been moved to dirmngr.conf) # # include-disabled = when searching, include keys marked as "disabled" # on the keyserver (not all keyservers support this). # # no-include-revoked = when searching, do not include keys marked as # "revoked" on the keyserver. # # verbose = show more information as the keys are fetched. # Can be used more than once to increase the amount # of information shown. # # auto-key-retrieve = automatically fetch keys as needed from the keyserver # when verifying signatures or when importing keys that # have been revoked by a revocation key that is not # present on the keyring. # # no-include-attributes = do not include attribute IDs (aka "photo IDs") # when sending keys to the keyserver. keyserver-options auto-key-retrieve #keyserver wwwkeys.pgp.net #keyserver search.keyserver.net keyserver pgp.mit.edu # Uncomment this line to display photo user IDs in key listings and # when a signature from a key with a photo is verified. #show-photos # Use this program to display photo user IDs # # %i is expanded to a temporary file that contains the photo. # %I is the same as %i, but the file isn't deleted afterwards by GnuPG. # %k is expanded to the key ID of the key. # %K is expanded to the long OpenPGP key ID of the key. # %t is expanded to the extension of the image (e.g. "jpg"). # %T is expanded to the MIME type of the image (e.g. "image/jpeg"). # %f is expanded to the fingerprint of the key. # %% is %, of course. # # If %i or %I are not present, then the photo is supplied to the # viewer on standard input. If your platform supports it, standard # input is the best way to do this as it avoids the time and effort in # generating and then cleaning up a secure temp file. # # The default program is "xloadimage -fork -quiet -title 'KeyID 0x%k' stdin" # On Mac OS X and Windows, the default is to use your regular JPEG image # viewer. # # Some other viewers: # photo-viewer "qiv %i" # photo-viewer "ee %i" # photo-viewer "display -title 'KeyID 0x%k'" # # This one saves a copy of the photo ID in your home directory: # photo-viewer "cat > ~/photoid-for-key-%k.%t" # # Use your MIME handler to view photos: # photo-viewer "metamail -q -d -b -c %T -s 'KeyID 0x%k' -f GnuPG" # Because some mailers change lines starting with "From " to ">From " # it is good to handle such lines in a special way when creating # cleartext signatures; all other PGP versions do it this way too. # To enable full OpenPGP compliance you may want to use this option. #no-escape-from-lines # Uncomment the following option to get rid of the copyright notice #no-greeting