GnuPG settings

For a new machine, here are my GnuPG settings.

.gnupg/gpg.conf

I create the .gnupg/gpg.conf file with the following content.

use-agent
personal-digest-preferences SHA256
cert-digest-algo SHA256
default-preference-list SHA512 SHA384 SHA256 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed

default-key 0x4ca7babe

Let gpg-agent manage SSH key

I deactivate seahorse-agent. I also stop gnome-keyring from managing the SSH key.

$ gconftool-2 --type bool --set /apps/gnome-keyring/daemon-components/ssh false

Then, I create the .gnupg/gpg-agent.conf file with the following content.

enable-ssh-support
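
A quick way to confirm both files took effect, as an added example that is not part of the original post: it reads the digest options from gpg.conf and checks that SSH_AUTH_SOCK points at gpg-agent's SSH socket rather than another agent's. The function names and the `--audit` switch are assumptions of this sketch; the only GnuPG detail relied on is that the agent's SSH socket is named S.gpg-agent.ssh.

```shell
#!/bin/sh
# Added example: audit the gpg.conf / gpg-agent.conf described above.
# All function names here are hypothetical helpers, not GnuPG commands.

# Print the arguments of option $2 in GnuPG option file $1.
# Lines whose first non-blank character is '#' are comments.
conf_get() {
  awk -v key="$2" '
    /^[ \t]*#/ { next }
    $1 == key  { $1 = ""; sub(/^[ \t]+/, ""); print; found = 1 }
    END        { exit !found }
  ' "$1"
}

# Print any MD5/SHA1 entries found in the digest-related options of file $1.
weak_digests() {
  for opt in personal-digest-preferences cert-digest-algo default-preference-list; do
    conf_get "$1" "$opt" || true
  done | tr ' \t' '\n\n' | grep -i -x -E 'MD5|SHA1' | sort -u
}

# Succeed only if agent config $1 enables SSH support AND the socket path $2
# (normally $SSH_AUTH_SOCK) is gpg-agent's SSH socket.
ssh_via_gpg_agent() {
  conf_get "$1" enable-ssh-support >/dev/null || return 1
  case "$2" in
    */S.gpg-agent.ssh) return 0 ;;
    *) return 1 ;;   # e.g. a gnome-keyring socket is still in use
  esac
}

# Report problems for the GnuPG home directory $1 (default: ~/.gnupg).
audit() {
  dir=${1:-$HOME/.gnupg}
  weak=$(weak_digests "$dir/gpg.conf")
  [ -z "$weak" ] || echo "gpg.conf lists weak digest(s): $weak"
  ssh_via_gpg_agent "$dir/gpg-agent.conf" "${SSH_AUTH_SOCK:-}" ||
    echo "SSH is not served by gpg-agent (SSH_AUTH_SOCK=${SSH_AUTH_SOCK:-unset})"
}

# Run only when asked, so the functions can also be sourced.
if [ "${1:-}" = "--audit" ]; then audit "${2:-}"; fi
```

Run it as `sh check-gnupg.sh --audit` from a fresh login session (the file name is arbitrary); no output means both checks passed.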

Fetch the GPG key

I fetch my GPG key. Here is the session.

$ gpg --card-edit

Application ID ...: D276000124010200F517000000010000
Version ..........: 2.0
Manufacturer .....: unknown
Serial number ....: 00000001
Name of cardholder: Yutaka Niibe
Language prefs ...: ja
Sex ..............: 男
URL of public key : http://www.gniibe.org/gniibe.asc
Login data .......: gniibe
Signature PIN ....: 未処理
Key attributes ...: 2048R 2048R 2048R
Max. PIN lengths .: 127 127 127
PIN retry counter : 3 3 3
Signature counter : 0
Signature key ....: 1241 24BD 3B48 62AF 7A0A  42F1 00B4 5EBD 4CA7 BABE
      created ....: 2010-10-15 06:46:33
Encryption key....: 42E1 E805 4E6F 1F30 26F2  DC79 79A7 9093 0842 39CF
      created ....: 2010-10-15 06:46:33
Authentication key: B4D9 7142 C42D 6802 F5F7  4E70 9C33 B6BA 5BB0 65DC
      created ....: 2010-10-22 06:06:36
General key info..: [none]

gpg/card> fetch
gpg: 鍵4CA7BABEをhttpからサーバーwww.gniibe.orgに要求
gpg: /home/gniibe/.gnupg/trustdb.gpg: 信用データベースができました
gpg: 鍵4CA7BABE: 公開鍵“NIIBE Yutaka <gniibe@fsij.org>”を読み込みました
gpg: 絶対的に信用する鍵が見つかりません
gpg:     処理数の合計: 1
gpg:           読込み: 1  (RSA: 1)

gpg/card> quit
$