Re: GPG Keys and Signing

To: mutt-users@xxxxxxxx
Subject: Re: GPG Keys and Signing
From: Michael Pobega <pobega@xxxxxxxxx>
Date: Sun, 1 Apr 2007 19:10:40 -0400
Dkim-signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:received:date:from:to:subject:message-id:mail-followup-to:references:mime-version:content-type:content-disposition:in-reply-to:user-agent; b=amiWCp9sSz1QQBPYol+Efl5RYJ/UBRcsZGcomwUWF6ZJpIurqb8ujlhb6UQdRa0JuZUJWVl/6zhjCCoMm824vJWjwbnl4wrtbFm17WTVrEuEPL8nVhKHW9+lXnn8saYyPAXL5ux+c+0zHElIt0qn4Nt0bJYl8e7N4X4oR/2xDeo=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:date:from:to:subject:message-id:mail-followup-to:references:mime-version:content-type:content-disposition:in-reply-to:user-agent; b=tV2gQ96C9/qTW4BeW8GqmiIBH2qvXdHCwhoVq7kUWgASCpb5ZR+huFY5ENhaMo4BT7QDpLRDklmHdXkTjKA3/hWbOL4lxLwL+0Ro7sjr98Nlm7mVgJkmJkPuzb9EG0V/ZJjeu9zpCeslPbnqO0q2v7BgJFmCpQMbRKqEkJfgMpc=
In-reply-to: <20070401213745.GB25438@xxxxxxxxxxxx>
List-unsubscribe: <mailto:mutt-users-request@mutt.org?body=unsubscribe>
Mail-followup-to: mutt-users@xxxxxxxx
References: <20070401132414.GA6067@localhost> <20070401213745.GB25438@xxxxxxxxxxxx>
Sender: owner-mutt-users@xxxxxxxx
User-agent: Mutt/1.5.13 (2006-08-11)

On Sun, Apr 01, 2007 at 11:37:46PM +0200, Sander Smeenk wrote:
> Quoting Michael Pobega (pobega@xxxxxxxxx):
> 
> > I've just recently learned about PGP/GPG keys and encryption, but I
> > can't figure out how to get it to work alongside Mutt.
> 
> This works for me!
> 
> <esc>:r .mutt/crypto
> --------------------
> 
> # How many seconds will mutt remember the gpg-passphrase. This is a potential
> # security risk. since the phrase needs to be stored somewhere -> memory!
> set pgp_timeout=0
> 
> # Reply with encryption enabled to encrypted mails.
> set pgp_replyencrypt
> 
> # Reply with signing enabled to signed mails.
> set pgp_replysign
> 
> # See /usr/share/doc/mutt/manual.txt.gz for explanation of stringexpansion
> set pgp_decode_command="/usr/bin/gpg   --status-fd=2 %?p?--passphrase-fd 0? 
> --no-verbose --quiet  --batch  --output - %f"
> set pgp_verify_command="/usr/bin/gpg   --status-fd=2 --no-verbose --quiet  
> --batch  --output - --verify %s %f"
> set pgp_decrypt_command="/usr/bin/gpg   --status-fd=2 --passphrase-fd 0 
> --no-verbose --quiet  --batch  --output - %f"
> set pgp_sign_command="/usr/bin/gpg    --no-verbose --batch --quiet   --output 
> - --passphrase-fd 0 --armor --detach-sign --textmode %?a?-u %a? %f"
> set pgp_clearsign_command="/usr/bin/gpg   --no-verbose --batch --quiet   
> --output - --passphrase-fd 0 --armor --textmode --clearsign %?a?-u %a? %f"
> set pgp_encrypt_only_command="/usr/lib/mutt/pgpewrap /usr/bin/gpg    --batch  
> --quiet  --no-verbose --output - --encrypt --textmode --armor --always-trust 
> -- -r %r -- %f"
> set pgp_encrypt_sign_command="/usr/lib/mutt/pgpewrap /usr/bin/gpg  
> --passphrase-fd 0  --batch --quiet  --no-verbose  --textmode --output - 
> --encrypt --sign %?a?-u %a? --armor --always-trust -- -r %r -- %f"
> set pgp_import_command="/usr/bin/gpg  --no-verbose --import -v %f"
> set pgp_export_command="/usr/bin/gpg   --no-verbose --export --armor %r"
> set pgp_verify_key_command="/usr/bin/gpg   --verbose --batch  --fingerprint 
> --check-sigs %r"
> set pgp_list_pubring_command="/usr/bin/gpg   --no-verbose --batch --quiet   
> --with-colons --list-keys %r" 
> set pgp_list_secring_command="/usr/bin/gpg   --no-verbose --batch --quiet   
> --with-colons --list-secret-keys %r" 
> 
> # Regular expression that matches when a message was succesfully verified
> set pgp_good_sign="^\\[GNUPG:\\] VALIDSIG"
> 

Should I make the .mutt folder and a crypto file, or should I put this
in my ~/.muttrc file? I am currently using:

========================
~/.muttrc
========================

# auto sign outgoing
set crypt_autosign=yes
# auto check old signatures
set pgp_auto_decode=yes

Attachment: signature.asc
Description: Digital signature

Follow-Ups:
- Re: GPG Keys and Signing
  - From: Sander Smeenk

References:
- GPG Keys and Signing
  - From: Michael Pobega
- Re: GPG Keys and Signing
  - From: Sander Smeenk

Prev by Date: Re: GPG Keys and Signing
Next by Date: Re: Save encrypted-to-self or plain copy of sent message
Previous by thread: Re: GPG Keys and Signing
Next by thread: Re: GPG Keys and Signing
Index(es):
- Date
- Thread