# -*-muttrc-*- # # Command formats for gpg. # # This version uses gpg-2comp from # http://70t.de/download/gpg-2comp.tar.gz # # $Id$ # # %p The empty string when no passphrase is needed, # the string "PGPPASSFD=0" if one is needed. # # This is mostly used in conditional % sequences. # # %f Most PGP commands operate on a single file or a file # containing a message. %f expands to this file's name. # # %s When verifying signatures, there is another temporary file # containing the detached signature. %s expands to this # file's name. # # %a In "signing" contexts, this expands to the value of the # configuration variable $pgp_sign_as. You probably need to # use this within a conditional % sequence. # # %r In many contexts, mutt passes key IDs to pgp. %r expands to # a list of key IDs. # Note that we explicitly set the comment armor header since GnuPG, when used # in some localiaztion environments, generates 8bit data in that header, thereby # breaking PGP/MIME. # decode application/pgp set pgp_decode_command="gpg --status-fd=2 %?p?--passphrase-fd 0? --no-verbose --quiet --batch --output - %f" # verify a pgp/mime signature set pgp_verify_command="gpg --status-fd=2 --no-verbose --quiet --batch --output - --verify %s %f" # decrypt a pgp/mime attachment set pgp_decrypt_command="gpg --status-fd=2 %?p?--passphrase-fd 0? --no-verbose --quiet --batch --output - %f" # create a pgp/mime signed attachment # set pgp_sign_command="gpg-2comp --comment '' --no-verbose --batch --output - %?p?--passphrase-fd 0? --armor --detach-sign --textmode %?a?-u %a? %f" set pgp_sign_command="gpg --no-verbose --batch --quiet --output - %?p?--passphrase-fd 0? --armor --detach-sign --textmode %?a?-u %a? %f" # create a application/pgp signed (old-style) message # set pgp_clearsign_command="gpg-2comp --comment '' --no-verbose --batch --output - %?p?--passphrase-fd 0? --armor --textmode --clearsign %?a?-u %a? %f" set pgp_clearsign_command="gpg --no-verbose --batch --quiet --output - %?p?--passphrase-fd 0? --armor --textmode --clearsign %?a?-u %a? %f" # create a pgp/mime encrypted attachment # set pgp_encrypt_only_command="pgpewrap gpg-2comp -v --batch --output - --encrypt --textmode --armor --always-trust -- -r %r -- %f" set pgp_encrypt_only_command="pgpewrap gpg --batch --quiet --no-verbose --output - --encrypt --textmode --armor --always-trust -- -r %r -- %f" # create a pgp/mime encrypted and signed attachment # set pgp_encrypt_sign_command="pgpewrap gpg-2comp %?p?--passphrase-fd 0? -v --batch --output - --encrypt --sign %?a?-u %a? --armor --always-trust -- -r %r -- %f" set pgp_encrypt_sign_command="pgpewrap gpg %?p?--passphrase-fd 0? --batch --quiet --no-verbose --textmode --output - --encrypt --sign %?a?-u %a? --armor --always-trust -- -r %r -- %f" # import a key into the public key ring set pgp_import_command="gpg --no-verbose --import %f" # export a key from the public key ring set pgp_export_command="gpg --no-verbose --export --armor %r" # verify a key set pgp_verify_key_command="gpg --verbose --batch --fingerprint --check-sigs %r" # read in the public key ring set pgp_list_pubring_command="gpg --no-verbose --batch --quiet --with-colons --list-keys %r" # read in the secret key ring set pgp_list_secring_command="gpg --no-verbose --batch --quiet --with-colons --list-secret-keys %r" # fetch keys # set pgp_getkeys_command="pkspxycwrap %r" # specify the uid to use when encrypting/signing #set pgp_sign_as=0xC0B1382A # FreeBSD #set pgp_sign_as=0xB9919753 # Debian # this set the number of seconds to keep in memory the passpharse # used to encrypt/sign the more the less secure it will be set pgp_timeout=300 # pattern for good signature - may need to be adapted to locale! # # it's a regexp used against the GPG output: if it matches some line of the output # then mutt considers the message a good signed one (ignoring the GPG exit code) set pgp_good_sign="^gpg: Good signature from" # set pgp_good_sign="^gpgv?: Good signature from " # OK, here's a version which uses gnupg's message catalog: # set pgp_good_sign="`gettext -d gnupg -s 'Good signature from "' | tr -d '"'`" # This version uses --status-fd messages # set pgp_good_sign="^\\[GNUPG:\\] GOODSIG" # mutt uses by default PGP/GPG to sign/encrypt messages # if you want to use S-mime instead set the smime_is_default variable to yes # automatically sign all outcoming messages #set crypt_autosign # sign only replies to signed messages #set crypt_replysign # automatically encrypt outcoming messages #set crypt_autoencrypt=yes # encrypt only replies to signed messages #set crypt_replyencrypt=yes # encrypt and sign replies to encrypted messages #set crypt_replysignencrypted=yes # automatically verify the sign of a message when opened #set crypt_verify_sig=yes # vim: filetype=muttrc