# ~/.gnupg/gpg.conf |  gpg (GnuPG) 2.5.13
#
# This gpg.conf is tuned for safety, for a small circle PGP adoption
# in your surroundings, and for comfort.
#
# When you verify a signature, it automatically fetches the
# corresponding public key, if missing, from recommended secure
# sources.  Which is a very useful feature (at least to me).
#
# Have fun and safe texting!


# Prefer more modern ciphers over older ones.
personal-cipher-preferences CAMELLIA256 AES256 TWOFISH CAMELLIA192 AES192 CAMELLIA128 AES BLOWFISH
# Prefer strong hashes
personal-digest-preferences SHA512 SHA384 SHA256 SHA224 RIPEMD160
# Prefer modern compression
personal-compress-preferences BZIP2 ZLIB ZIP
# Default preferences for new keys
default-preference-list SHA512 SHA384 SHA256 SHA224 RIPEMD160 CAMELLIA256 AES256 TWOFISH CAMELLIA192 AES192 CAMELLIA128 AES BLOWFISH BZIP2 ZLIB ZIP
# SHA512 as digest to sign keys
cert-digest-algo SHA512
# SHA512 as digest for symmetric operations
s2k-digest-algo SHA512
# CAMELLIA256 as cipher for symmetric operations
s2k-cipher-algo CAMELLIA256
# Enable more compression
compress-level 9
bzip2-compress-level 9
# Only run gpg if memory is secured
require-secmem
# Disable banner
no-greeting
# Verbose output
#verbose
# Long hexidecimal key format
keyid-format 0xlong
# Display all keys and their fingerprints in a nice readable format
#with-fingerprint
# Display ownertrust and trust signatures
list-options show-ownertrust show-trustsig
# Show more info on checking signatures
list-options show-policy-urls show-user-notations show-keyserver-urls show-sig-expire
# Show expired subkeys
#list-options show-unusable-subkeys
# Display key origins and updates (still is experimental)
#with-key-origin
# When signing keys, always ask for the cert level
ask-cert-level
# Do update trustdb when needed to
auto-check-trustdb
# Portugal is a peripheric country, with small number of people.
# Let's be moderate with my circle's PGP adoption.
marginals-needed 2
# Disable caching of passphrase for symmetrical operations
no-symkey-cache
# Disable recipient key ID in messages (useful to hide the others
# recipients of a given message)
#throw-keyids
# If you do not pass a recipient to gpg, it will ask for one.  Using
# this option you can encrypt to a default key.  Key validation will
# not be done in this case.  The second form uses the default key as
# default recipient.
#default-recipient some-user-id
default-recipient-self
# Default/trusted key ID to use (also helpful with throw-keyids)
default-key 0x964FC110C40AD575
#trusted-key 0x964FC110C40AD575
# Always encrypt to
#encrypt-to 0x964FC110C40AD575
# Group recipient keys (preferred ID last)
#group keygroup = 0xFF00000000000001 0xFF00000000000002 0xFF3E7D88647EBCDB
# Keyserver URL
#keyserver hkps://pgp.mit.edu
keyserver hkps://keyserver.ubuntu.com:443
#keyserver hkps://pgp.ocf.berkeley.edu
#keyserver hkps://hkps.pool.sks-keyservers.net
#keyserver hkps://keys.gnupg.net
# Proxy to use for keyservers
#keyserver-options http-proxy=http://127.0.0.1:8118
#keyserver-options http-proxy=socks5-hostname://127.0.0.1:9050
# WKD key discovery
auto-key-locate local,wkd,dane,cert
#auto-key-locate local,wkd,dane,cert,ldap,keyserver,hkps://keys.gnupg.net
# Retrieve automatically key from Internet when verifying signatures
# wkd if: --sender (is the default if --auto-key-locate has "wkd")
# keyserver if: --sig-keyserver-url
# keyserver if: --keyserver is configured (as it is above)
auto-key-retrieve
# When verifying signatures, automatically import embedded key (if
# --include-key-block was used)
auto-key-import

You are viewing proxied material from tilde.club. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.