1# Options for GnuPG 2# Copyright 1998, 1999, 2000, 2001, 2002, 2003 Free Software Foundation, Inc. 3# 4# This file is free software; as a special exception the author gives 5# unlimited permission to copy and/or distribute it, with or without 6# modifications, as long as this notice is preserved. 7# 8# This file is distributed in the hope that it will be useful, but 9# WITHOUT ANY WARRANTY, to the extent permitted by law; without even the 10# implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 11# 12# Unless you specify which option file to use (with the command line 13# option "--options filename"), GnuPG uses the file ~/.gnupg/gpg.conf 14# by default. 15# 16# An options file can contain any long options which are available in 17# GnuPG. If the first non white space character of a line is a '#', 18# this line is ignored. Empty lines are also ignored. 19# 20# See the man page for a list of options. 21 22# Uncomment the following option to get rid of the copyright notice 23 24#no-greeting 25 26# If you have more than 1 secret key in your keyring, you may want to 27# uncomment the following option and set your preferred keyid. 28 29#default-key 621CC013 30 31# If you do not pass a recipient to gpg, it will ask for one. Using 32# this option you can encrypt to a default key. Key validation will 33# not be done in this case. The second form uses the default key as 34# default recipient. 35 36#default-recipient some-user-id 37#default-recipient-self 38 39# Use --encrypt-to to add the specified key as a recipient to all 40# messages. This is useful, for example, when sending mail through a 41# mail client that does not automatically encrypt mail to your key. 42# In the example, this option allows you to read your local copy of 43# encrypted mail that you've sent to others. 44 45#encrypt-to some-key-id 46 47# By default GnuPG creates version 3 signatures for data files. This 48# is not strictly OpenPGP compliant but PGP 6 and most versions of PGP 49# 7 require them. To disable this behavior, you may use this option 50# or --openpgp. 51 52#no-force-v3-sigs 53 54# Because some mailers change lines starting with "From " to ">From " 55# it is good to handle such lines in a special way when creating 56# cleartext signatures; all other PGP versions do it this way too. 57 58#no-escape-from-lines 59 60# If you do not use the Latin-1 (ISO-8859-1) charset, you should tell 61# GnuPG which is the native character set. Please check the man page 62# for supported character sets. This character set is only used for 63# metadata and not for the actual message which does not undergo any 64# translation. Note that future version of GnuPG will change to UTF-8 65# as default character set. In most cases this option is not required 66# as GnuPG is able to figure out the correct charset at runtime. 67 68#charset utf-8 69 70# Group names may be defined like this: 71# group mynames = paige 0x12345678 joe patti 72# 73# Any time "mynames" is a recipient (-r or --recipient), it will be 74# expanded to the names "paige", "joe", and "patti", and the key ID 75# "0x12345678". Note there is only one level of expansion - you 76# cannot make an group that points to another group. Note also that 77# if there are spaces in the recipient name, this will appear as two 78# recipients. In these cases it is better to use the key ID. 79 80#group mynames = paige 0x12345678 joe patti 81 82# Lock the file only once for the lifetime of a process. If you do 83# not define this, the lock will be obtained and released every time 84# it is needed, which is usually preferable. 85 86#lock-once 87 88# GnuPG can send and receive keys to and from a keyserver. These 89# servers can be HKP, email, or LDAP (if GnuPG is built with LDAP 90# support). 91# 92# Example HKP keyserver: 93# hkp://keys.gnupg.net 94# hkp://subkeys.pgp.net 95# 96# Example email keyserver: 97# mailto:pgp-public-keys@keys.pgp.net 98# 99# Example LDAP keyservers: 100# ldap://keyserver.pgp.com 101# 102# Regular URL syntax applies, and you can set an alternate port 103# through the usual method: 104# hkp://keyserver.example.net:22742 105# 106# Most users just set the name and type of their preferred keyserver. 107# Note that most servers (with the notable exception of 108# ldap://keyserver.pgp.com) synchronize changes with each other. Note 109# also that a single server name may actually point to multiple 110# servers via DNS round-robin. hkp://keys.gnupg.net is an example of 111# such a "server", which spreads the load over a number of physical 112# servers. To see the IP address of the server actually used, you may use 113# the "--keyserver-options debug". 114 115keyserver hkp://keys.gnupg.net 116#keyserver mailto:pgp-public-keys@keys.nl.pgp.net 117#keyserver ldap://keyserver.pgp.com 118 119# Common options for keyserver functions: 120# 121# include-disabled : when searching, include keys marked as "disabled" 122# on the keyserver (not all keyservers support this). 123# 124# no-include-revoked : when searching, do not include keys marked as 125# "revoked" on the keyserver. 126# 127# verbose : show more information as the keys are fetched. 128# Can be used more than once to increase the amount 129# of information shown. 130# 131# use-temp-files : use temporary files instead of a pipe to talk to the 132# keyserver. Some platforms (Win32 for one) always 133# have this on. 134# 135# keep-temp-files : do not delete temporary files after using them 136# (really only useful for debugging) 137# 138# http-proxy="proxy" : set the proxy to use for HTTP and HKP keyservers. 139# This overrides the "http_proxy" environment variable, 140# if any. 141# 142# auto-key-retrieve : automatically fetch keys as needed from the keyserver 143# when verifying signatures or when importing keys that 144# have been revoked by a revocation key that is not 145# present on the keyring. 146# 147# no-include-attributes : do not include attribute IDs (aka "photo IDs") 148# when sending keys to the keyserver. 149 150#keyserver-options auto-key-retrieve 151 152# Display photo user IDs in key listings 153 154# list-options show-photos 155 156# Display photo user IDs when a signature from a key with a photo is 157# verified 158 159# verify-options show-photos 160 161# Use this program to display photo user IDs 162# 163# %i is expanded to a temporary file that contains the photo. 164# %I is the same as %i, but the file isn't deleted afterwards by GnuPG. 165# %k is expanded to the key ID of the key. 166# %K is expanded to the long OpenPGP key ID of the key. 167# %t is expanded to the extension of the image (e.g. "jpg"). 168# %T is expanded to the MIME type of the image (e.g. "image/jpeg"). 169# %f is expanded to the fingerprint of the key. 170# %% is %, of course. 171# 172# If %i or %I are not present, then the photo is supplied to the 173# viewer on standard input. If your platform supports it, standard 174# input is the best way to do this as it avoids the time and effort in 175# generating and then cleaning up a secure temp file. 176# 177# If no photo-viewer is provided, GnuPG will look for xloadimage, eog, 178# or display (ImageMagick). On Mac OS X and Windows, the default is 179# to use your regular JPEG image viewer. 180# 181# Some other viewers: 182# photo-viewer "qiv %i" 183# photo-viewer "ee %i" 184# 185# This one saves a copy of the photo ID in your home directory: 186# photo-viewer "cat > ~/photoid-for-key-%k.%t" 187# 188# Use your MIME handler to view photos: 189# photo-viewer "metamail -q -d -b -c %T -s 'KeyID 0x%k' -f GnuPG" 190 191# Passphrase agent 192# 193# We support the old experimental passphrase agent protocol as well as 194# the new Assuan based one (currently available in the "newpg" package 195# at ftp.gnupg.org/gcrypt/alpha/aegypten/). To make use of the agent, 196# you have to run an agent as daemon and use the option 197# 198# use-agent 199# 200# which tries to use the agent but will fallback to the regular mode 201# if there is a problem connecting to the agent. The normal way to 202# locate the agent is by looking at the environment variable 203# GPG_AGENT_INFO which should have been set during gpg-agent startup. 204# In certain situations the use of this variable is not possible, thus 205# the option 206# 207# --gpg-agent-info=<path>:<pid>:1 208# 209# may be used to override it. 210 211# Automatic key location 212# 213# GnuPG can automatically locate and retrieve keys as needed using the 214# auto-key-locate option. This happens when encrypting to an email 215# address (in the "user@example.com" form), and there are no 216# user@example.com keys on the local keyring. This option takes the 217# following arguments, in the order they are to be tried: 218# 219# cert = locate a key using DNS CERT, as specified in RFC-4398. 220# GnuPG can handle both the PGP (key) and IPGP (URL + fingerprint) 221# CERT methods. 222# 223# pka = locate a key using DNS PKA. 224# 225# ldap = locate a key using the PGP Universal method of checking 226# "ldap://keys.(thedomain)". For example, encrypting to 227# user@example.com will check ldap://keys.example.com. 228# 229# keyserver = locate a key using whatever keyserver is defined using 230# the keyserver option. 231# 232# You may also list arbitrary keyservers here by URL. 233# 234# Try CERT, then PKA, then LDAP, then hkp://subkeys.net: 235#auto-key-locate cert pka ldap hkp://subkeys.pgp.net 236 237###+++--- GPGConf ---+++### 238utf8-strings 239#debug-level basic 240#log-file socket:///home/leo/kde/src/kdepim/messagecomposer/tests/gnupg_home/log-socket 241###+++--- GPGConf ---+++### Tue 29 Jun 2010 10:23:13 AM EDT 242# GPGConf edited this configuration file. 243# It will disable options before this marked block, but it will 244# never change anything below these lines. 245