Re: gpg: update my rc ???

To: mutt-users mailing list <mutt-users@xxxxxxxx>
Subject: Re: gpg: update my rc ???
From: David Yitzchak Cohen <lists+mutt_users@xxxxxxxxxxxxxx>
Date: Tue, 13 Jan 2004 15:54:31 -0500
In-reply-to: <20040109204629.GA14617@xxxxxxxxxxxxxxxxxxxxx>
List-unsubscribe: <mailto:mutt-users-request@mutt.org?body=unsubscribe>
Mail-followup-to: mutt-users mailing list <mutt-users@xxxxxxxx>
References: <20040109204629.GA14617@xxxxxxxxxxxxxxxxxxxxx>
Sender: owner-mutt-users@xxxxxxxx
User-agent: Mutt/1.5.5.1i

On Fri, Jan 09, 2004 at 02:46:29PM -0600, Michael D Schleif wrote:

> Over the years, pgp/gpg has evolved and changed radically, especially
> regarding MUA support.  Mutt is no exception, and its outstanding
> support has gotten better and better.

...and its sample gpg.rc file has also undergone some changes :-)

If you simply look at your gpg.rc file distributed with Mutt, you'll
be able to compare it with your current gpg.rc file.  If your packager
(a.k.a. debian) was silly and killed the sample gpg.rc, I'm attaching the
sample gpg.rc from a recent (a week or two old now) Mutt CVS checkout,
as well as my own gpg.rc, which fixes some annoyances I found in the
sample, and switches to gpg.mutt for decrypting and verifying, so you
can trim the GPG output.  My own gpg.mutt script is available online
[1], if you're interested.

Enjoy,
 - Dave

[1]
http://www.bigfatdave.com/dave/bin/gpg.mutt

-- 
Uncle Cosmo, why do they call this a word processor?
It's simple, Skyler.  You've seen what food processors do to food, right?

Please visit this link:
http://rotter.net/israel

# -*-muttrc-*-
#
# Command formats for gpg.
# 
# This version uses gpg-2comp from 
#   http://muppet.faveve.uni-stuttgart.de/~gero/gpg-2comp.tar.gz
#
# $Id: gpg.rc,v 3.1 2002/03/26 22:23:58 roessler Exp $
#
# %p    The empty string when no passphrase is needed,
#       the string "PGPPASSFD=0" if one is needed.
#
#       This is mostly used in conditional % sequences.
#
# %f    Most PGP commands operate on a single file or a file
#       containing a message.  %f expands to this file's name.
#
# %s    When verifying signatures, there is another temporary file
#       containing the detached signature.  %s expands to this
#       file's name.
#
# %a    In "signing" contexts, this expands to the value of the
#       configuration variable $pgp_sign_as.  You probably need to
#       use this within a conditional % sequence.
#
# %r    In many contexts, mutt passes key IDs to pgp.  %r expands to
#       a list of key IDs.

# Note that we explicitly set the comment armor header since GnuPG, when used
# in some localiaztion environments, generates 8bit data in that header, thereby
# breaking PGP/MIME.

# decode application/pgp
set pgp_decode_command="/usr/bin/gpg  --charset utf-8   %?p?--passphrase-fd 0? 
--no-verbose --quiet  --batch  --output - %f"

# verify a pgp/mime signature
set pgp_verify_command="/usr/bin/gpg   --no-verbose --quiet  --batch  --output 
- --verify %s %f"

# decrypt a pgp/mime attachment
set pgp_decrypt_command="/usr/bin/gpg   --passphrase-fd 0 --no-verbose --quiet  
--batch  --output - %f"

# create a pgp/mime signed attachment
# set pgp_sign_command="/usr/bin/gpg-2comp --comment '' --no-verbose --batch  
--output - --passphrase-fd 0 --armor --detach-sign --textmode %?a?-u %a? %f"
set pgp_sign_command="/usr/bin/gpg    --no-verbose --batch --quiet   --output - 
--passphrase-fd 0 --armor --detach-sign --textmode %?a?-u %a? %f"

# create a application/pgp signed (old-style) message
# set pgp_clearsign_command="/usr/bin/gpg-2comp --comment ''  --no-verbose 
--batch  --output - --passphrase-fd 0 --armor --textmode --clearsign %?a?-u %a? 
%f"
set pgp_clearsign_command="/usr/bin/gpg   --charset utf-8 --no-verbose --batch 
--quiet   --output - --passphrase-fd 0 --armor --textmode --clearsign %?a?-u 
%a? %f"

# create a pgp/mime encrypted attachment
# set pgp_encrypt_only_command="pgpewrap gpg-2comp  -v --batch  --output - 
--encrypt --textmode --armor --always-trust -- -r %r -- %f"
set pgp_encrypt_only_command="pgpewrap /usr/bin/gpg  --charset utf-8    --batch 
 --quiet  --no-verbose --output - --encrypt --textmode --armor --always-trust 
-- -r %r -- %f"

# create a pgp/mime encrypted and signed attachment
# set pgp_encrypt_sign_command="pgpewrap gpg-2comp  --passphrase-fd 0 -v 
--batch  --output - --encrypt --sign %?a?-u %a? --armor --always-trust -- -r %r 
-- %f"
set pgp_encrypt_sign_command="pgpewrap /usr/bin/gpg  --charset utf-8 
--passphrase-fd 0  --batch --quiet  --no-verbose  --textmode --output - 
--encrypt --sign %?a?-u %a? --armor --always-trust -- -r %r -- %f"

# import a key into the public key ring
set pgp_import_command="/usr/bin/gpg  --no-verbose --import -v %f"

# export a key from the public key ring
set pgp_export_command="/usr/bin/gpg   --no-verbose --export --armor %r"

# verify a key
set pgp_verify_key_command="/usr/bin/gpg   --verbose --batch  --fingerprint 
--check-sigs %r"

# read in the public key ring
set pgp_list_pubring_command="/usr/bin/gpg   --no-verbose --batch --quiet   
--with-colons --list-keys %r" 

# read in the secret key ring
set pgp_list_secring_command="/usr/bin/gpg   --no-verbose --batch --quiet   
--with-colons --list-secret-keys %r" 

# fetch keys
# set pgp_getkeys_command="pkspxycwrap %r"

# pattern for good signature - may need to be adapted to locale!

# set pgp_good_sign="^gpg: Good signature from"

# OK, here's a version which uses gnupg's message catalog:
set pgp_good_sign="`gettext -d gnupg -s 'Good signature from "' | tr -d '"'`"

#DYC:20030926: changed some invocations of GPG to use my Mutt wrapper to save
#              some space in the output ... and removed the absolute paths to
#              the other GPG invocations - you shouldn't have to modify any
#              configuration files just because you've decided to create your
#              own local version of a program, or your own wrapper for it.

# -*-muttrc-*-
#
# Command formats for gpg.
# 
# This version uses gpg-2comp from 
#   http://muppet.faveve.uni-stuttgart.de/~gero/gpg-2comp.tar.gz
#
# $Id: gpg.rc,v 1.12 2001/12/11 09:33:57 roessler Exp $
#
# %p    The empty string when no passphrase is needed,
#       the string "PGPPASSFD=0" if one is needed.
#
#       This is mostly used in conditional % sequences.
#
# %f    Most PGP commands operate on a single file or a file
#       containing a message.  %f expands to this file's name.
#
# %s    When verifying signatures, there is another temporary file
#       containing the detached signature.  %s expands to this
#       file's name.
#
# %a    In "signing" contexts, this expands to the value of the
#       configuration variable $pgp_sign_as.  You probably need to
#       use this within a conditional % sequence.
#
# %r    In many contexts, mutt passes key IDs to pgp.  %r expands to
#       a list of key IDs.

# Note that we explicitly set the comment armor header since GnuPG, when used
# in some localiaztion environments, generates 8bit data in that header, thereby
# breaking PGP/MIME.

# decode application/pgp
set pgp_decode_command="gpg.mutt   %?p?--passphrase-fd 0? --no-verbose --quiet  
--batch  --output - %f"

# verify a pgp/mime signature
set pgp_verify_command="gpg.mutt   --no-verbose --quiet  --batch  --output - 
--verify %s %f"

# decrypt a pgp/mime attachment
set pgp_decrypt_command="gpg.mutt   --passphrase-fd 0 --no-verbose --quiet  
--batch  --output - %f"

# create a pgp/mime signed attachment
# set pgp_sign_command="gpg-2comp --comment '' --no-verbose --batch  --output - 
--passphrase-fd 0 --armor --detach-sign --textmode %?a?-u %a? %f"
set pgp_sign_command="gpg    --no-verbose --batch --quiet   --output - 
--passphrase-fd 0 --armor --detach-sign --textmode %?a?-u %a? %f"

# create a application/pgp signed (old-style) message
# set pgp_clearsign_command="gpg-2comp --comment ''  --no-verbose --batch  
--output - --passphrase-fd 0 --armor --textmode --clearsign %?a?-u %a? %f"
set pgp_clearsign_command="gpg   --no-verbose --batch --quiet   --output - 
--passphrase-fd 0 --armor --textmode --clearsign %?a?-u %a? %f"

# create a pgp/mime encrypted attachment
# set pgp_encrypt_only_command="pgpewrap gpg-2comp  -v --batch  --output - 
--encrypt --textmode --armor --always-trust -- -r %r -- %f"
set pgp_encrypt_only_command="pgpewrap gpg    --batch  --quiet  --no-verbose 
--output - --encrypt --textmode --armor --always-trust -- -r %r -- %f"

# create a pgp/mime encrypted and signed attachment
# set pgp_encrypt_sign_command="pgpewrap gpg-2comp  --passphrase-fd 0 -v 
--batch  --output - --encrypt --sign %?a?-u %a? --armor --always-trust -- -r %r 
-- %f"
set pgp_encrypt_sign_command="pgpewrap gpg  --passphrase-fd 0  --batch --quiet  
--no-verbose  --textmode --output - --encrypt --sign %?a?-u %a? --armor 
--always-trust -- -r %r -- %f"

# import a key into the public key ring
set pgp_import_command="gpg  --no-verbose --import -v %f"

# export a key from the public key ring
set pgp_export_command="gpg   --no-verbose --export --armor %r"

# verify a key
set pgp_verify_key_command="gpg   --verbose --batch  --fingerprint --check-sigs 
%r"

# read in the public key ring
set pgp_list_pubring_command="gpg   --no-verbose --batch --quiet   
--with-colons --list-keys %r" 

# read in the secret key ring
set pgp_list_secring_command="gpg   --no-verbose --batch --quiet   
--with-colons --list-secret-keys %r" 

# fetch keys
# set pgp_getkeys_command="pkspxycwrap %r"

# pattern for good signature - may need to be adapted to locale!

# set pgp_good_sign="^gpg: Good signature from"

# OK, here's a version which uses gnupg's message catalog:
set pgp_good_sign="`gettext -d gnupg -s 'Good signature from "' | tr -d '"'`"

Attachment: pgpzAdaR1hxxu.pgp
Description: PGP signature

References:
- gpg: update my rc ???
  - From: Michael D Schleif

Prev by Date: Re: shell escapes in .muttrc
Next by Date: Re: [offtopic] procmail help
Previous by thread: gpg: update my rc ???
Next by thread: encrypt to s/mime user ???
Index(es):
- Date
- Thread