diff options
Diffstat (limited to '_mutt/gpg.rc')
-rw-r--r-- | _mutt/gpg.rc | 108 |
1 files changed, 108 insertions, 0 deletions
diff --git a/_mutt/gpg.rc b/_mutt/gpg.rc new file mode 100644 index 0000000..e918768 --- /dev/null +++ b/_mutt/gpg.rc @@ -0,0 +1,108 @@ +## +## Mutt GPG configuration +## -*-muttrc-*- +## +## Weitian LI +## 2015/02/02 +## +## Reference: +## [1] A Quick Guide to Mutt #GPG +## http://srobb.net/mutt.html#GPG +## [2] Encrypting Mutt +## http://jasonwryan.com/blog/2013/07/20/gnupg/ +## + +# %p The empty string when no passphrase is needed, +# the string "PGPPASSFD=0" if one is needed. +# +# %f Most PGP commands operate on a single file or a file +# containing a message. %f expands to this file's name. +# +# %s When verifying signatures, there is another temporary file +# containing the detached signature. %s expands to this +# file's name. +# +# %a In "signing" contexts, this expands to the value of the +# configuration variable $pgp_sign_as. You probably need to +# use this within a conditional % sequence. +# +# %r In many contexts, mutt passes key IDs to pgp. %r expands to +# a list of key IDs. + +# Note that we explicitly set the comment armor header since GnuPG, +# when used in some localiaztion environments, generates 8bit data +# in that header, thereby breaking PGP/MIME. + +# Decode application/pgp +set pgp_decode_command="gpg2 --status-fd=2 %?p?--passphrase-fd 0? --no-verbose --quiet --batch --output - %f" + +# Verify a pgp/mime signature +set pgp_verify_command="gpg2 --status-fd=2 --no-verbose --quiet --batch --output - --verify %s %f" + +# Decrypt a pgp/mime attachment +set pgp_decrypt_command="gpg2 --status-fd=2 %?p?--passphrase-fd 0? --no-verbose --quiet --batch --output - %f" + +# Create a pgp/mime signed attachment +set pgp_sign_command="gpg2 --no-verbose --batch --quiet --output - %?p?--passphrase-fd 0? --armor --detach-sign --textmode %?a?-u %a? %f" + +# Create a application/pgp signed (old-style) message +set pgp_clearsign_command="gpg2 --no-verbose --batch --quiet --output - %?p?--passphrase-fd 0? --armor --textmode --clearsign %?a?-u %a? %f" + +# Create a pgp/mime encrypted attachment +set pgp_encrypt_only_command="pgpewrap gpg2 --batch --quiet --no-verbose --output - --encrypt --textmode --armor --always-trust -- -r %r -- %f" + +# Create a pgp/mime encrypted and signed attachment +set pgp_encrypt_sign_command="pgpewrap gpg2 %?p?--passphrase-fd 0? --batch --quiet --no-verbose --textmode --output - --encrypt --sign %?a?-u %a? --armor --always-trust -- -r %r -- %f" + +# Import a key into the public key ring +set pgp_import_command="gpg2 --no-verbose --import %f" + +# Export a key from the public key ring +set pgp_export_command="gpg2 --no-verbose --export --armor %r" + +# Verify a key +set pgp_verify_key_command="gpg2 --verbose --batch --fingerprint --check-sigs %r" + +# Read in the public key ring +set pgp_list_pubring_command="gpg2 --no-verbose --batch --quiet --with-colons --list-keys %r" + +# Read in the secret key ring +set pgp_list_secring_command="gpg2 --no-verbose --batch --quiet --with-colons --list-secret-keys %r" + +# Fetch keys +# set pgp_getkeys_command="pkspxycwrap %r" + +# Use gpg-agent +set pgp_use_gpg_agent + +# This set the number of seconds to keep in memory the passpharse +# used to encrypt/sign the more the less secure it will be +set pgp_timeout=1800 + +# Pattern for good signature - may need to be adapted to locale! +# +# It's a regexp used against the GPG output: if it matches some line of the output +# then mutt considers the message a good signed one (ignoring the GPG exit code) +set pgp_good_sign="^gpg: Good signature from" +# set pgp_good_sign="^gpgv?: Good signature from " +# OK, here's a version which uses gnupg's message catalog: +# set pgp_good_sign="`gettext -d gnupg -s 'Good signature from "' | tr -d '"'`" +# This version uses --status-fd messages +# set pgp_good_sign="^\\[GNUPG:\\] GOODSIG" + +# Automatically sign all outcoming messages +set crypt_autosign +# Sign only replies to signed messages +#set crypt_replysign + +# Automatically encrypt outcoming messages +#set crypt_autoencrypt +# Encrypt only replies to signed messages +set crypt_replyencrypt +# encrypt and sign replies to encrypted messages +#set crypt_replysignencrypted + +# Automatically verify the sign of a message when opened +set crypt_verify_sig + +# vim: set ts=8 sw=4 tw=0 fenc=utf-8 ft=muttrc: # |