Re: Migrating to GPG - A mini-HOWTO

To: Brian Almeida <bma@debian.org>
Cc: debian-devel@lists.debian.org
Subject: Re: Migrating to GPG - A mini-HOWTO
From: Joseph Carter <knghtbrd@debian.org>
Date: Sun, 12 Sep 1999 17:20:07 -0700
Message-id: <[🔎] 19990912172006.E17319@icarus.soark.net>
In-reply-to: <[🔎] 19990912174321.A3655@debian.org>
References: <[🔎] 19990912174321.A3655@debian.org>

On Sun, Sep 12, 1999 at 05:43:21PM -0400, Brian Almeida wrote:
> How to switch to GnuPG for developers..a very brief mini-HOWTO

Thank you very much for this bma, I'm working on a much more comprehensive
HOWTO but then again it should have been done weeks ago and the
information at least needs to get out there.

To help give another example of settings, here's what I have in my
~/.gnupg/options:

# Options for GnuPG
#
# Unless you you specify which option file to use (with the
# commandline option "--options filename"), GnuPG uses the
# file ~/.gnupg/options by default.
#
# An option file can contain all long options which are
# available in GnuPG. If the first non white space character of
# a line is a '#', this line is ignored.  Empty lines are also
# ignored.
#
# See the man page for a list of options.

## Default keyid selection
# default-key 0x3F9C2A43	# ElGammal encrypt
default-key 0xDCF9DAB3		# DSA sign
# default-key 0x50BDA0ED	# RSA sign/encrypt

				# Anyone know how to set default to
				# 0x3F9C2A43 _and_ 0xDCF9DAB3 depending
				# on what I'm doing?

## Compatibility options
				# PGPv2/5 compatibility
# force-v3-sigs
# rfc1991
# digest-algo md5
				# Screw PGP, let's be RFC compatible  =>
openpgp

## These extensions have patents or other issues
load-extension rsaref
				# Not for use in the States
#load-extension rsa
				# Patented in much of Europe
load-extension idea

## Other fun options
escape-from-lines
lock-once
no-verbose
no-greeting
comment The default gpg comment sucks!  ;>
				# Well it does!


## Keyrings
secret-keyring secring.gpg
secret-keyring secring.pgp
keyring pubring.gpg
keyring pubring.pgp
keyring /usr/share/keyrings/debian-keyring.pgp
keyring /usr/share/keyrings/debian-keyring.gpg


and the relevant part of my .muttrc (which I just edited a little to
explain a few things):

set pgp_autosign
set pgp_default_version=gpg
set pgp_replyencrypt
# set pgp_sign_as=0x50BDA0ED    # old RSA key
# set pgp_sign_micalg=md5
set pgp_sign_as=0xDCF9DAB3      # DSA key
set pgp_sign_micalg=sha1
set pgp_strict_enc              # use Q-P encoding when needed for PGP

-- 
Joseph Carter <knghtbrd@debian.org>             Debian GNU/Linux developer
GnuPG: 2048g/3F9C2A43 - 20F6 2261 F185 7A3E 79FC  44F9 8FF7 D7A3 DCF9 DAB3
PGP 2.6: 2048R/50BDA0ED - E8 D6 84 81 E3 A8 BB 77  8E E2 29 96 C9 44 5F BE
--------------------------------------------------------------------------
<Mercury> alexsh: Be /VERY/ cairful, you could, if your unlucky, fry your
          motherboards..

<Knghtbrd> Mercury - sounds like fun

Attachment: pgpoTasj7cOY6.pgp
Description: PGP signature

Reply to:

Follow-Ups:
- Re: Migrating to GPG - A mini-HOWTO
  - From: Michael Meskes <meskes@debian.org>
- Re: Migrating to GPG - A mini-HOWTO
  - From: Wichert Akkerman <wichert@cs.leidenuniv.nl>

References:
- Migrating to GPG - A mini-HOWTO
  - From: Brian Almeida <bma@debian.org>

Prev by Date: Re: Migrating to GPG - A mini-HOWTO
Next by Date: Re: [PROPOSAL] Archive audit, cruft removal, unmaintained packages
Previous by thread: Re: Migrating to GPG - A mini-HOWTO
Next by thread: Re: Migrating to GPG - A mini-HOWTO
Index(es):
- Date
- Thread