gpg config: keygrip + algorithms

author: Óscar Nájera <hi@oscarnajera.com> 2021-12-26 16:18:52 +0100
committer: Óscar Nájera <hi@oscarnajera.com> 2021-12-26 16:18:52 +0100
commit: 97c14018570d437e5c2ffcc2dc2de10a31054b67 (patch)
tree: 50b628b10b32b90fcce468794b3099913d8ec941
parent: fca1c57d9965e39a90467a603fc479d13ef6e942 (diff)
download: dotfiles-97c14018570d437e5c2ffcc2dc2de10a31054b67.tar.gz
dotfiles-97c14018570d437e5c2ffcc2dc2de10a31054b67.tar.bz2
dotfiles-97c14018570d437e5c2ffcc2dc2de10a31054b67.zip
2 files changed, 8 insertions, 0 deletions
diff --git a/gnupg/gpg.conf b/gnupg/gpg.conf
new file mode 100644
index 0000000..8c9535b
--- /dev/null
+++ b/gnupg/gpg.conf
@@ -0,0 +1,7 @@
+with-keygrip
+## SHA1 is too weak.
+## https://www.schneier.com/blog/archives/2005/02/cryptanalysis_o.html
+personal-digest-preferences SHA256
+cert-digest-algo SHA256
+default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed
+cipher-algo AES256
diff --git a/install.scm b/install.scm
index 0e3ffde..646076c 100755
--- a/install.scm
+++ b/install.scm
@@ -215,6 +215,7 @@
   (config-links "calendars.conf" "~/.calendars.conf" #f)
   (git-config)
   (symlink-tree "home-dots" "~/")
+  (config-links "gnupg/gpg.conf" "~/.gnupg/gpg.conf" #f)
   (config-links "gnupg/gpg-agent.conf" "~/.gnupg/gpg-agent.conf" #f)
   (symlink-tree "bin" "~/.local/bin")
   (symlink-tree "config" "~/.config")
author	Óscar Nájera <hi@oscarnajera.com>	2021-12-26 16:18:52 +0100
committer	Óscar Nájera <hi@oscarnajera.com>	2021-12-26 16:18:52 +0100
commit	97c14018570d437e5c2ffcc2dc2de10a31054b67 (patch)
tree	50b628b10b32b90fcce468794b3099913d8ec941
parent	fca1c57d9965e39a90467a603fc479d13ef6e942 (diff)
download	dotfiles-97c14018570d437e5c2ffcc2dc2de10a31054b67.tar.gz dotfiles-97c14018570d437e5c2ffcc2dc2de10a31054b67.tar.bz2 dotfiles-97c14018570d437e5c2ffcc2dc2de10a31054b67.zip