1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
|
These first three lines are not copied to the options file in
the users home directory.
$Id$
# Options for GnuPG
# Copyright 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
#
# This file is free software; as a special exception the author gives
# unlimited permission to copy and/or distribute it, with or without
# modifications, as long as this notice is preserved.
#
# This file is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
# implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
#
# Unless you you specify which option file to use (with the
# commandline option "--options filename"), GnuPG uses the
# file ~/.gnupg/options by default.
#
# An option file can contain all long options which are
# available in GnuPG. If the first non white space character of
# a line is a '#', this line is ignored. Empty lines are also
# ignored.
#
# See the man page for a list of options.
# Uncomment the next line to get rid of the copyright notice
#no-greeting
# If you have more than 1 secret key in your keyring, you may want
# to uncomment the following option and set your preffered keyid
#default-key 621CC013
# GnuPG ultimately trusts all keys in the secret keyring. If you do
# not have all your secret keys online available you should use this
# option to tell GnuPG about ultimately trusted keys.
# You have to give the long keyID here which can be obtained by using
# the --list-key command along with the option --with-colons; you will
# get a line similiar to this one:
# pub:u:1024:17:5DE249965B0358A2:1999-03-15:2006-02-04:59:f:
# the 5th field is what you want.
#trusted-key 12345678ABCDEF01
# If you do not pass a recipient to gpg, it will ask for one.
# Using this option you can encrypt to a default key. key validation
# will not be done in this case.
# The second form uses the default key as default recipient.
#default-recipient some-user-id
#default-recipient-self
# The next option is enabled because this one is needed for interoperation
# with PGP 5 users. To enable full OpenPGP compliance you have to remove
# this option.
force-v3-sigs
# Because some mailers change lines starting with "From " to ">From "
# it is good to handle such lines in a special way when creating
# cleartext signatures; all other PGP versions do it this way too.
# To enable full OpenPGP compliance you have to remove this option.
escape-from-lines
# If you do not use the Latin-1 (ISO-8859-1) charset, you should
# tell GnuPG which is the native character set. Please check
# the man page for supported character sets.
#charset utf-8
# You may define aliases like this:
# alias mynames -u 0x12345678 -u 0x456789ab -z 9
# everytime you use --mynames, it will be expanded to the options
# in the above defintion. The name of the alias may not be abbreviated.
# NOTE: This is not yet implemented
# lock the file only once for the lifetime of a process.
# if you do not define this, the lock will be obtained and released
# every time it is needed - normally this is not needed.
lock-once
# If you have configured GnuPG without a random gatherer
# (./configure --enable-static-rnd=none), you have to
# uncomment _one_ of the following lines. These
# extensions won't get used if you have a random gatherer
# compiled in (which is the default for GNU and xxxBSD systems)
#load-extension rndlinux
#load-extension rndunix
#load-extension rndegd
# GnuPG can send and receive keys to and from a keyserver. These
# servers can be HKP, email, or LDAP (if GnuPG is built with LDAP
# support).
#
# Example HKP keyserver:
# x-hkp://wwwkeys.nl.pgp.net
#
# Example email keyserver:
# mailto:[email protected]
#
# Example LDAP keyserver:
# ldap://keyserver.pgp.com
#
# Regular URL syntax applies, and you can set an alternate port
# through the usual method:
# x-hkp://keyserver.example.net:22742
#
# If you have problems connecting to a HKP server through a buggy
# http proxy, you can use this:
# x-broken-hkp://keyserver.example.net
# But first you should make sure that you have read the man page regarding
# proxies (honor-http-proxy)
#
# Most users just set the name and type of their preferred keyserver.
# Most servers do synchronize with each other and DNS round-robin may
# give you a quasi-random server each time.
#keyserver mailto:[email protected]
#keyserver ldap://keyserver.pgp.com
#keyserver x-hkp://wwwkeys.nl.pgp.net
# Options for keyserver functions
#
# include-disabled = when searching, include keys marked as "disabled"
# on the keyserver (not all keyservers support this).
#
# include-revoked = when searching, include keys marked as "revoked"
# on the keyserver.
#
# verbose = show more information as the keys are fetched.
# Can be included more than once to increase the amount
# of information shown.
#
# use-temp-files = use temporary files instead of a pipe to talk to the
# keyserver. Some platforms (Win32 for one) always
# have this on.
#
# keep-temp-files = don't delete the temporary files after using them
# (really only useful for debugging)
#
# honor-http-proxy = if the keyserver uses http, honor the http_proxy
# environment variable
#keyserver-options include-disabled include-revoked
# Uncomment this line to automatically fetch a key from a keyserver
# (which must be set - see above) when verifying signatures.
#auto-key-retrieve
# Uncomment this line to display photo user IDs in key listings
#show-photos
# Use this program to display photo user IDs
#
# %i is expanded to a temporary file that contains the photo.
# %I is the same as %i, but the file isn't deleted afterwards by GnuPG.
# %k is expanded to the key ID of the key.
# %K is expanded to the long OpenPGP key ID of the key.
# %f is expanded to the fingerprint of the key.
# %% is %, of course.
#
# If %i or %I are not present, then the photo is supplied to the
# viewer on standard input. Standard input is the best way to do
# this, as it avoids the time and effort in generating and then
# cleaning up a secure temp file.
#
# The default program is "xloadimage -fork -quiet -title 'KeyID 0x%k' stdin"
#
# Some other viewers:
# photo-viewer "qiv %i"
# photo-viewer "ee %i"
# photo-viewer "display -title 'KeyID 0x%k'"
#
# This one saves a copy of the photo ID in your home directory:
# photo-viewer "cat > ~/photoid-for-key-%k.jpg"
#
# Use your MIME handler to view photos:
# photo-viewer "metamail -q -d -b -c image/jpeg -s 'KeyID 0x%k' -f GnuPG"
|
