1################################################################################
2# GnuPG Options
3
4# (OpenPGP-Configuration-Options)
5# Assume that command line arguments are given as UTF8 strings.
6utf8-strings
7
8# (OpenPGP-Protocol-Options)
9# Set the list of personal digest/cipher/compression preferences. This allows
10# the user to safely override the algorithm chosen by the recipient key
11# preferences, as GPG will only select an algorithm that is usable by all
12# recipients.
13personal-digest-preferences SHA512 SHA384 SHA256 SHA224
14personal-cipher-preferences AES256 AES192 AES CAST5 CAMELLIA192 BLOWFISH TWOFISH CAMELLIA128 3DES
15personal-compress-preferences ZLIB BZIP2 ZIP
16
17# Set the list of default preferences to string. This preference list is used
18# for new keys and becomes the default for "setpref" in the edit menu.
19default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed
20
21# (OpenPGP-Esoteric-Options)
22# Use name as the message digest algorithm used when signing a key. Running the
23# program with the command --version yields a list of supported algorithms. Be
24# aware that if you choose an algorithm that GnuPG supports but other OpenPGP
25# implementations do not, then some users will not be able to use the key
26# signatures you make, or quite possibly your entire key.
27#
28# SHA-1 is the only algorithm specified for OpenPGP V4. By changing the
29# cert-digest-algo, the OpenPGP V4 specification is not met but with even
30# GnuPG 1.4.10 (release 2009) supporting SHA-2 algorithm, this should be safe.
31# Source: https://tools.ietf.org/html/rfc4880#section-12.2
32cert-digest-algo SHA512
33digest-algo SHA256
34
35# Selects how passphrases for symmetric encryption are mangled. 3 (the default)
36# iterates the whole process a number of times (see --s2k-count).
37s2k-mode 3
38
39# (OpenPGP-Protocol-Options)
40# Use name as the cipher algorithm for symmetric encryption with a passphrase
41# if --personal-cipher-preferences and --cipher-algo are not given. The
42# default is AES-128.
43s2k-cipher-algo AES256
44
45# (OpenPGP-Protocol-Options)
46# Use name as the digest algorithm used to mangle the passphrases for symmetric
47# encryption. The default is SHA-1.
48s2k-digest-algo SHA512
49
50# (OpenPGP-Protocol-Options)
51# Specify how many times the passphrases mangling for symmetric encryption is
52# repeated. This value may range between 1024 and 65011712 inclusive. The
53# default is inquired from gpg-agent. Note that not all values in the
54# 1024-65011712 range are legal and if an illegal value is selected, GnuPG will
55# round up to the nearest legal value. This option is only meaningful if
56# --s2k-mode is set to the default of 3.
57s2k-count 1015808
58
59################################################################################
60# GnuPG View Options
61
62# Select how to display key IDs. "long" is the more accurate (but less
63# convenient) 16-character key ID. Add an "0x" to include an "0x" at the
64# beginning of the key ID.
65keyid-format 0xlong
66
67# List all keys with their fingerprints. This is the same output as --list-keys
68# but with the additional output of a line with the fingerprint. If this
69# command is given twice, the fingerprints of all secondary keys are listed too.
70with-fingerprint
71with-fingerprint
View as plain text