aboutsummaryrefslogtreecommitdiffstats
path: root/_mutt/gpg.rc
diff options
context:
space:
mode:
Diffstat (limited to '_mutt/gpg.rc')
-rw-r--r--_mutt/gpg.rc108
1 files changed, 108 insertions, 0 deletions
diff --git a/_mutt/gpg.rc b/_mutt/gpg.rc
new file mode 100644
index 0000000..e918768
--- /dev/null
+++ b/_mutt/gpg.rc
@@ -0,0 +1,108 @@
+##
+## Mutt GPG configuration
+## -*-muttrc-*-
+##
+## Weitian LI
+## 2015/02/02
+##
+## Reference:
+## [1] A Quick Guide to Mutt #GPG
+## http://srobb.net/mutt.html#GPG
+## [2] Encrypting Mutt
+## http://jasonwryan.com/blog/2013/07/20/gnupg/
+##
+
+# %p The empty string when no passphrase is needed,
+# the string "PGPPASSFD=0" if one is needed.
+#
+# %f Most PGP commands operate on a single file or a file
+# containing a message. %f expands to this file's name.
+#
+# %s When verifying signatures, there is another temporary file
+# containing the detached signature. %s expands to this
+# file's name.
+#
+# %a In "signing" contexts, this expands to the value of the
+# configuration variable $pgp_sign_as. You probably need to
+# use this within a conditional % sequence.
+#
+# %r In many contexts, mutt passes key IDs to pgp. %r expands to
+# a list of key IDs.
+
+# Note that we explicitly set the comment armor header since GnuPG,
+# when used in some localiaztion environments, generates 8bit data
+# in that header, thereby breaking PGP/MIME.
+
+# Decode application/pgp
+set pgp_decode_command="gpg2 --status-fd=2 %?p?--passphrase-fd 0? --no-verbose --quiet --batch --output - %f"
+
+# Verify a pgp/mime signature
+set pgp_verify_command="gpg2 --status-fd=2 --no-verbose --quiet --batch --output - --verify %s %f"
+
+# Decrypt a pgp/mime attachment
+set pgp_decrypt_command="gpg2 --status-fd=2 %?p?--passphrase-fd 0? --no-verbose --quiet --batch --output - %f"
+
+# Create a pgp/mime signed attachment
+set pgp_sign_command="gpg2 --no-verbose --batch --quiet --output - %?p?--passphrase-fd 0? --armor --detach-sign --textmode %?a?-u %a? %f"
+
+# Create a application/pgp signed (old-style) message
+set pgp_clearsign_command="gpg2 --no-verbose --batch --quiet --output - %?p?--passphrase-fd 0? --armor --textmode --clearsign %?a?-u %a? %f"
+
+# Create a pgp/mime encrypted attachment
+set pgp_encrypt_only_command="pgpewrap gpg2 --batch --quiet --no-verbose --output - --encrypt --textmode --armor --always-trust -- -r %r -- %f"
+
+# Create a pgp/mime encrypted and signed attachment
+set pgp_encrypt_sign_command="pgpewrap gpg2 %?p?--passphrase-fd 0? --batch --quiet --no-verbose --textmode --output - --encrypt --sign %?a?-u %a? --armor --always-trust -- -r %r -- %f"
+
+# Import a key into the public key ring
+set pgp_import_command="gpg2 --no-verbose --import %f"
+
+# Export a key from the public key ring
+set pgp_export_command="gpg2 --no-verbose --export --armor %r"
+
+# Verify a key
+set pgp_verify_key_command="gpg2 --verbose --batch --fingerprint --check-sigs %r"
+
+# Read in the public key ring
+set pgp_list_pubring_command="gpg2 --no-verbose --batch --quiet --with-colons --list-keys %r"
+
+# Read in the secret key ring
+set pgp_list_secring_command="gpg2 --no-verbose --batch --quiet --with-colons --list-secret-keys %r"
+
+# Fetch keys
+# set pgp_getkeys_command="pkspxycwrap %r"
+
+# Use gpg-agent
+set pgp_use_gpg_agent
+
+# This set the number of seconds to keep in memory the passpharse
+# used to encrypt/sign the more the less secure it will be
+set pgp_timeout=1800
+
+# Pattern for good signature - may need to be adapted to locale!
+#
+# It's a regexp used against the GPG output: if it matches some line of the output
+# then mutt considers the message a good signed one (ignoring the GPG exit code)
+set pgp_good_sign="^gpg: Good signature from"
+# set pgp_good_sign="^gpgv?: Good signature from "
+# OK, here's a version which uses gnupg's message catalog:
+# set pgp_good_sign="`gettext -d gnupg -s 'Good signature from "' | tr -d '"'`"
+# This version uses --status-fd messages
+# set pgp_good_sign="^\\[GNUPG:\\] GOODSIG"
+
+# Automatically sign all outcoming messages
+set crypt_autosign
+# Sign only replies to signed messages
+#set crypt_replysign
+
+# Automatically encrypt outcoming messages
+#set crypt_autoencrypt
+# Encrypt only replies to signed messages
+set crypt_replyencrypt
+# encrypt and sign replies to encrypted messages
+#set crypt_replysignencrypted
+
+# Automatically verify the sign of a message when opened
+set crypt_verify_sig
+
+# vim: set ts=8 sw=4 tw=0 fenc=utf-8 ft=muttrc: #