![]() You must keep it up to date so that critical security flaws are fixed. It is not enough to install GnuPG and forget about it, though. The canonical free OpenPGP implementation is GnuPG, and it is available for every major modern operating system. You should use a free OpenPGP implementation, and keep it up-to-date. Information security is too important to leave to proprietary software. You can help by submitting changes yourself. A review is in progress to make sure the guide is up to date. We strongly encourage you to not blindly copy the file, but read the document and understand what the settings do.Īlso note that this guide was written for legacy versions of GnuPG (1.4) and may contain recommendations that are redundant with default settings in newer releases of GnuPG (2.1 and above). ![]() For your convenience, all the suggested changes to the gpg.conf file are gathered in one place near the bottom of this page. Many of these changes require you to make changes to the GnuPG configuration file on your machine located at ~/.gnupg/gpg.conf. There are detailed explanations for each configuration suggestion. We have gathered here a lot of information about configuring GnuPG. If you had previously tweaked your configurations, you should consider starting over with a base configuration, so you do not have outdated recommendations that are less secure than the defaults. This guide is deprecated, you only need to use the defaults because GnuPG is doing sane things. Do not include a “Comment” in your User ID.Do you have an encrypted backup of your secret key material?.primary keys should have a reasonable expiration date (no more than 2 years in the future).stated digest algorithm preferences must include at least one member of the SHA-2 family at a higher priority than both MD5 and SHA1.self-signatures should not use MD5 exclusively.primary keys should be RSA, ideally 3072 bits.Only use your primary key for certification (and possibly signing).Set a calendar event to remind you about your expiration date. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |