5.2. GPG (WIN2K+CYGWIN)

  1. 环境变量

    • 注册表设置配置文件主目录

      可设置注册表键值\\HKEY_CURRENT_USER\Software\GNU\GnuPG\HomeDir 为 C:/Documents and Settings/Administrator/Application Data/GPG, 则配置文件保存其中。

    • 环境变量

      可设置环境变量 GNUPGHOME= C:/Documents and Settings/Administrator/Application Data/GPG 来改变缺省设置: ~/.gnupg。还可以通过设置注册表来完成。注册表优先。

  2. 为右键菜单增加“GPG 签名”的命令

    修改 HKEY_CLASSES_ROOT\*\shell\SigGPG, 增加 command 项, 默认设置为:gpg -sba %1

  3. 配置文件: options

    # Options for GnuPG
    # Copyright 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
    #
    # This file is free software; as a special exception the author gives
    # unlimited permission to copy and/or distribute it, with or without
    # modifications, as long as this notice is preserved.
    #
    # This file is distributed in the hope that it will be useful, but
    # WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
    # implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
    #
    # Unless you you specify which option file to use (with the
    # commandline option "--options filename"), GnuPG uses the
    # file ~/.gnupg/options by default.
    #
    # An option file can contain all long options which are
    # available in GnuPG. If the first non white space character of
    # a line is a '#', this line is ignored.  Empty lines are also
    # ignored.
    #
    # See the man page for a list of options.
    
    # Uncomment the next line to get rid of the copyright notice
    #no-greeting
    
    # If you have more than 1 secret key in your keyring, you may want
    # to uncomment the following option and set your preffered keyid
    
    #default-key 621CC013
    
    # GnuPG ultimately trusts all keys in the secret keyring.  If you do
    # not have all your secret keys online available you should use this
    # option to tell GnuPG about ultimately trusted keys.
    # You have to give the long keyID here which can be obtained by using
    # the --list-key command along with the option --with-colons; you will
    # get a line similiar to this one:
    #    pub:u:1024:17:5DE249965B0358A2:1999-03-15:2006-02-04:59:f:
    # the 5th field is what you want.
    
    #trusted-key 12345678ABCDEF01
    
    
    # If you do not pass a recipient to gpg, it will ask for one.
    # Using this option you can encrypt to a default key.  key validation
    # will not be done in this case.
    # The second form uses the default key as default recipient.
    
    #default-recipient some-user-id
    #default-recipient-self
    
    
    # The next option is enabled because this one is needed for interoperation
    # with PGP 5 users.  To enable full OpenPGP compliance you have to remove
    # this option.
    
    force-v3-sigs
    
    # Because some mailers change lines starting with "From " to ">From "
    # it is good to handle such lines in a special way when creating
    # cleartext signatures; all other PGP versions do it this way too.
    # To enable full OpenPGP compliance you have to remove this option.
    
    escape-from-lines
    
    # If you do not use the Latin-1 (ISO-8859-1) charset, you should
    # tell GnuPG which is the native character set.  Please check
    # the man page for supported character sets.
    #charset utf-8
    
    
    # You may define aliases like this:
    #   alias mynames  -u 0x12345678 -u 0x456789ab -z 9
    # everytime you use --mynames, it will be expanded to the options
    # in the above defintion.  The name of the alias may not be abbreviated.
    # NOTE: This is not yet implemented
    
    # lock the file only once for the lifetime of a process.
    # if you do not define this, the lock will be obtained and released
    # every time it is needed - normally this is not needed.
    lock-once
    
    # If you have configured GnuPG without a random gatherer
    # (./configure --enable-static-rnd=none), you have to
    # uncomment _one_ of the following lines.  These
    # extensions won't get used if you have a random gatherer
    # compiled in (which is the default for GNU and xxxBSD systems)
    #load-extension rndlinux
    #load-extension rndunix
    #load-extension rndegd
    
    
    # GnuPG can import a key from a HKP keyerver if one is missing
    # for certain operations. Is you set this option to a keyserver
    # you will be asked in such a case whether GnuPG should try to
    # import the key from that server (server do syncronize with each
    # other and DNS Round-Robin may give you a random server each time).
    # Use "host -l pgp.net | grep www" to figure out a keyserver.
    #
    # If you do not want to use the default port 11371, you can give the
    # name of the keyserver like this:
    #   x-hkp://keyserver.example.net:22742
    # If you have problems connecting through a buggy proxy, you can use this:
    #   x-broken-hkp://keyserver.example.net:11371
    # But first you should make sure that you have read the man page regarding
    # proxies (--honor-http-proxy)
    # Most users just set the name of the preferred keyserver.
    keyserver keyserver.pgp.com
    
    # The environment variable http_proxy is only used when the
    # this option is set.
    
    honor-http-proxy
    
    
    # added for PGP win95 support :-\                                                
    cipher-algo CAST5
    compress-algo 1
    
    # It wasn't working with these two uncommented (Unix version of GnuPG) I don't
    # know about the windows version.
    #disable-cipher-algo BLOWFISH
    #disable-cipher-algo TWOFISH
    
    # The rest is not GnuPG option stuff but notes for GPG integration with other
    # apps.
    #=============================================================================
    # The following macros were added to .muttrc to properly deal with clearsigned
    # messages that procmail couldn't catch.
    #macro pager S "|gpg --verify -\n" "Pipe text to GPG for verification."
    #macro pager D "|gpg -d|less\n" "Pipe text to GPG for decryption."
    
    # The following was added to .muttrc to support old PGP messages
    # (Eudora/Outlook are retards when it comes to the de facto standard of
    # PGP/MIME)
    #macro compose S "Fgpg --clearsign\ny" "Clear sign an attachment."
    #macro compose E "Fgpg -a --encrypt\ny" "Encrypt an atachmant."
    #macro compose I "Fgpg -a --sign --encrypt\ny" "Encrypt and sign an atachmant."
    
    # In your .muttrc make sure you don't have these two entires or Mutt won't
    # handle them internaly:
    #auto_view application/pgp-signature
    #auto_view application/pgp