summary refs log tree commit diff stats
path: root/user/gnupg
diff options
context:
space:
mode:
authorAlan Pearce2024-06-05 14:22:28 +0200
committerAlan Pearce2024-06-05 14:22:28 +0200
commit41aa7cc366d2242c0dbf1e035f22e7118e2ca942 (patch)
treed3ff8dbcd7a4bd51f1cd6c89e6c3b13d5310c119 /user/gnupg
parentcd49be6796ebf629bb7de3590b30f08824ce70b8 (diff)
downloadnixfiles-41aa7cc366d2242c0dbf1e035f22e7118e2ca942.tar.lz
nixfiles-41aa7cc366d2242c0dbf1e035f22e7118e2ca942.tar.zst
nixfiles-41aa7cc366d2242c0dbf1e035f22e7118e2ca942.zip
overhaul gnupg/trezor setup
Diffstat (limited to 'user/gnupg')
-rw-r--r--user/gnupg/dirmngr.conf3
-rw-r--r--user/gnupg/gpa.conf2
-rw-r--r--user/gnupg/gpg-agent.conf3
-rw-r--r--user/gnupg/gpg.conf83
-rw-r--r--user/gnupg/trezor/dirmngr.conf1
5 files changed, 0 insertions, 92 deletions
diff --git a/user/gnupg/dirmngr.conf b/user/gnupg/dirmngr.conf
deleted file mode 100644
index f69421d7..00000000
--- a/user/gnupg/dirmngr.conf
+++ /dev/null
@@ -1,3 +0,0 @@
-keyserver hkps://keys.openpgp.org
-# keyserver hkp://zkaan2xfbuxia2wpf7ofnkbz6r5zdbbvxbunvp5g2iebopbfc4iqmbad.onion
-# use-tor
diff --git a/user/gnupg/gpa.conf b/user/gnupg/gpa.conf
deleted file mode 100644
index 2e33e80b..00000000
--- a/user/gnupg/gpa.conf
+++ /dev/null
@@ -1,2 +0,0 @@
-default-key 5FA779613E2AB0EEFC6DD3056A56F2A314E23293
-detailed-view
diff --git a/user/gnupg/gpg-agent.conf b/user/gnupg/gpg-agent.conf
deleted file mode 100644
index 52eb1dca..00000000
--- a/user/gnupg/gpg-agent.conf
+++ /dev/null
@@ -1,3 +0,0 @@
-enable-ssh-support
-default-cache-ttl 600
-max-cache-ttl 7200
diff --git a/user/gnupg/gpg.conf b/user/gnupg/gpg.conf
deleted file mode 100644
index 61df93cf..00000000
--- a/user/gnupg/gpg.conf
+++ /dev/null
@@ -1,83 +0,0 @@
-#
-# This is an implementation of the Riseup OpenPGP Best Practices
-# https://help.riseup.net/en/security/message-security/openpgp/best-practices
-#
-
-#-----------------------------
-# default key
-#-----------------------------
-
-# The default key to sign with. If this option is not used, the default key is
-# the first key found in the secret keyring
-
-# default-key 
-
-#-----------------------------
-# behavior
-#-----------------------------
-
-# Disable inclusion of the version string in ASCII armored output
-no-emit-version
-
-# Disable comment string in clear text signatures and ASCII armored messages
-no-comments
-
-# Display long key IDs
-keyid-format 0xlong
-
-# List all keys (or the specified ones) along with their fingerprints
-with-fingerprint
-
-# Display the calculated validity of user IDs during key listings
-list-options show-uid-validity
-verify-options show-uid-validity
-
-# Try to use the GnuPG-Agent. With this option, GnuPG first tries to connect to
-# the agent before it asks for a passphrase.
-use-agent
-
-#-----------------------------
-# keyserver
-#-----------------------------
-
-# This is the server that --recv-keys, --send-keys, and --search-keys will
-# communicate with to receive keys from, send keys to, and search for keys on
-keyserver hkps://keys.openpgp.org
-
-# Provide a certificate store to override the system default
-# Get this from https://sks-keyservers.net/sks-keyservers.netCA.pem
-# keyserver-options ca-cert-file=.gnupg/sks-keyservers.netCA.pem
-
-# Set the proxy to use for HTTP and HKP keyservers - default to the standard
-# local Tor socks proxy
-# It is encouraged to use Tor for improved anonymity. Preferrably use either a
-# dedicated SOCKSPort for GnuPG and/or enable IsolateDestPort and
-# IsolateDestAddr
-# keyserver-options http-proxy=socks5-hostname://127.0.0.1:9050
-
-# When using --refresh-keys, if the key in question has a preferred keyserver
-# URL, then disable use of that preferred keyserver to refresh the key from
-keyserver-options no-honor-keyserver-url
-# When searching for a key with --search-keys, include keys that are marked on
-# the keyserver as revoked
-keyserver-options include-revoked
-
-
-#-----------------------------
-# algorithm and ciphers
-#-----------------------------
-
-# list of personal digest preferences. When multiple digests are supported by
-# all recipients, choose the strongest one
-personal-cipher-preferences AES256 AES192 AES CAST5
-
-# list of personal digest preferences. When multiple ciphers are supported by
-# all recipients, choose the strongest one
-personal-digest-preferences SHA512 SHA384 SHA256 SHA224
-
-# message digest algorithm used when signing a key
-cert-digest-algo SHA512
-
-# This preference list is used for new keys and becomes the default for
-# "setpref" in the edit menu
-default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed
\ No newline at end of file
diff --git a/user/gnupg/trezor/dirmngr.conf b/user/gnupg/trezor/dirmngr.conf
deleted file mode 100644
index 17612d46..00000000
--- a/user/gnupg/trezor/dirmngr.conf
+++ /dev/null
@@ -1 +0,0 @@
-keyserver hkps://keys.openpgp.org
\ No newline at end of file