diff options
| author | Sean Whitton <spwhitton@spwhitton.name> | 2017-01-06 20:15:43 -0700 |
|---|---|---|
| committer | Sean Whitton <spwhitton@spwhitton.name> | 2017-01-06 20:15:43 -0700 |
| commit | f139dc5d6a0bdd83b6c6137b86e9aeab1bd5ad3a (patch) | |
| tree | 4f99d4aa804551e43630029ec6708e4f71369aa9 /.muttrc | |
| parent | 0cab064ca44e0e337401d873b1a1c7970fdd8bb7 (diff) | |
| download | dotfiles-f139dc5d6a0bdd83b6c6137b86e9aeab1bd5ad3a.tar.gz | |
tidy mutt PGP settings
Mostly using Debian mutt maintainers defaults now
Diffstat (limited to '.muttrc')
| -rw-r--r-- | .muttrc | 28 |
1 files changed, 13 insertions, 15 deletions
@@ -86,33 +86,31 @@ set sort_aux = last-date-received # --- GPG settings +# can't use gpgme because some Debian services require inline PGP +# signatures, which gpgme doesn't support +set crypt_use_gpgme = no + +# general preferences about signing and encrypting set pgp_autosign = yes set pgp_sign_as = 0x0F56D0553B6D411B set pgp_replysign = yes set pgp_replysignencrypted = yes set pgp_replyencrypt = yes set pgp_timeout = 120 -#set fcc_clear = yes set fcc_clear = no +set pgp_encrypt_self = yes set pgp_use_gpg_agent = yes -#set pgp_strict_enc # maybe needed? +#set pgp_strict_enc + +# redefine some settings from Debian's /etc/Muttrc.d/gpg.rc: -# stick with old settings for now -set crypt_use_gpgme=no +# additionally use Debian keyrings to verify sigs +set pgp_verify_command="gpg --keyring /usr/share/keyrings/debian-keyring.gpg --keyring /usr/share/keyrings/debian-maintainers.gpg --keyring /usr/share/keyrings/debian-nonupload.gpg --keyring /usr/share/keyrings/debian-role-keys.gpg --status-fd=2 --no-verbose --quiet --batch --output - --verify %s %f" -set pgp_decode_command="gpg --status-fd=2 --use-agent --no-verbose --quiet --batch --output - %f" -set pgp_verify_command="gpg --status-fd=2 --use-agent --no-verbose --quiet --batch --output - --verify %s %f" -set pgp_decrypt_command="gpg --status-fd=2 --use-agent --no-verbose --quiet --batch --output - %f" -set pgp_sign_command="gpg --use-agent --no-verbose --batch --quiet --output - --armor --detach-sign --textmode %?a?-u %a? %f" -set pgp_clearsign_command="gpg --use-agent --no-verbose --batch --quiet --output - --armor --textmode --clearsign %?a?-u %a? %f" +# absolutely ensure that encrypted messages are readable by me (this +# is probably unnecessary thanks to pgp_encrypt_self above) set pgp_encrypt_only_command="/usr/lib/mutt/pgpewrap gpg --use-agent --batch --quiet --no-verbose --output - --encrypt --textmode --armor --always-trust --encrypt-to 0x0F56D0553B6D411B -- -r %r -- %f" set pgp_encrypt_sign_command="/usr/lib/mutt/pgpewrap gpg --use-agent --batch --quiet --no-verbose --textmode --output - --encrypt --sign %?a?-u %a? --armor --always-trust --encrypt-to 0x0F56D0553B6D411B -- -r %r -- %f" -set pgp_import_command="gpg --use-agent --no-verbose --import %f" -set pgp_export_command="gpg --use-agent --no-verbose --export --armor %r" -set pgp_verify_key_command="gpg --use-agent --verbose --batch --fingerprint --check-sigs %r" -set pgp_list_pubring_command="gpg --use-agent --no-verbose --batch --quiet --with-colons --list-keys %r" -set pgp_list_secring_command="gpg --use-agent --no-verbose --batch --quiet --with-colons --list-secret-keys %r" -set pgp_good_sign="^gpg: Good signature from" # --- message headers |