commit f4c38ce15516c967ea7e65d1f91d4fd07e4de443 parent 1d13673ac1797946d5d743b002eca85a0de6aa34 Author: hhvn <dev@haydenvh.com> Date: Thu, 4 Mar 2021 22:39:56 +0000 .config/neomutt/neomuttrc .config/neomutt/gpg: atleast signing works.. but seriously fuck gpg2 Diffstat:
A | .config/neomutt/gpg | | | 79 | +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ |
M | .config/neomutt/neomuttrc | | | 5 | +++-- |
2 files changed, 82 insertions(+), 2 deletions(-)
diff --git a/.config/neomutt/gpg b/.config/neomutt/gpg @@ -0,0 +1,79 @@ +# Common Crypto Options +set crypt_autoencrypt = no # Automatically encrypt all mail +set crypt_autopgp = yes # Allow automatic pgp functions +set crypt_autosign = yes # Automatically sign all mail +set crypt_autosmime = yes # Allow automatic smime functions +set crypt_confirmhook = yes +set crypt_opportunistic_encrypt = no +set crypt_replyencrypt = yes +set crypt_replysign = yes +set crypt_replysignencrypted = yes +set crypt_timestamp = yes +set crypt_use_gpgme = no +set crypt_use_pka = no +set crypt_verify_sig = yes + +# SSL Options +set ssl_starttls = yes +set ssl_use_sslv3 = no +set ssl_use_tlsv1 = yes +set ssl_use_tlsv1_1 = yes +set ssl_use_tlsv1_2 = yes +set ssl_verify_dates = yes +set ssl_verify_host = yes + +# PGP Options +set pgp_autoinline = no +set pgp_auto_decode = yes +set pgp_check_exit = yes +set pgp_entry_format = "%4n %t%f %4l/0x%k %-4a %2c %u" +set pgp_good_sign = "Good signature from" +set pgp_ignore_subkeys = yes +set pgp_long_ids = no # mutt uses full fingerprint internally +set pgp_mime_auto = no +set pgp_replyinline = no +set pgp_retainable_sigs = yes +set pgp_show_unusable = no +set pgp_sign_as = "ED59FC1A" +set pgp_sort_keys = address +set pgp_strict_enc = yes +set pgp_timeout = 21600 # Remember PGP passphrase for 6 hours + +# PGP Commands +set pgp_clearsign_command = "gpg2 --batch --output - %?p?--passphrase-fd 0? --armor --textmode --clearsign %?a?-u %a? %f" +set pgp_decode_command = "gpg2 --status-fd=2 %?p?--passphrase-fd 0? --quiet --batch --output - %f" +set pgp_decrypt_command = "gpg2 --status-fd=2 %?p?--passphrase-fd 0? --quiet --batch --output - %f" +set pgp_encrypt_only_command = "pgpewrap gpg2 --batch --quiet --output - --encrypt --textmode --armor --always-trust -- -r %r -- %f" +set pgp_encrypt_sign_command = "pgpewrap gpg2 %?p?--passphrase-fd 0? --batch --quiet --textmode --output - --encrypt --sign %?a?-u %a? --armor --always-trust -- -r %r -- %f" +set pgp_encrypt_sign_command = "pgpewrap gpg2 %?p?--passphrase-fd 0? --batch --quiet --textmode --output - --encrypt --sign %?a?-u %a? --armor --always-trust -- -r %r -- %f" +set pgp_export_command = "gpg2 --export --armor %r" +set pgp_getkeys_command = "" +set pgp_import_command = "gpg2 --import -v %f" +set pgp_list_pubring_command = "gpg2 --with-colons --with-fingerprint --list-keys %r" +set pgp_list_secring_command = "gpg2 --with-colons --with-fingerprint --list-secret-keys %r" +set pgp_sign_command = "gpg2 --comment 'I welcome encrypted mail.' --batch --output - --passphrase _pjsL8ujjA=^lRBmWRH21n==ueYN1$ --armor --detach-sign --textmode %?a?-u %a? %f" +set pgp_verify_command = "gpg2 --status-fd=2 --quiet --batch --output - --verify %s %f" +set pgp_verify_key_command = "gpg2 --verbose --batch --fingerprint --check-sigs %r" + +# S/MIME Options +set smime_ask_cert_label = yes +set smime_ca_location = "~/.smime/ca-bundle.crt" +set smime_certificates = "~/.smime/certificates" +set smime_timeout = 21600 # Remember S/MIME passphrase for 6 hours +set smime_decrypt_use_default_key= yes +set smime_default_key = "XXXXXXXXXX" +set smime_encrypt_with = "aes256" +set smime_is_default = no +set smime_keys = "~/.smime/keys" + +# S/MIME Commands +set smime_decrypt_command = "openssl smime -decrypt -passin stdin -inform DER -in %f -inkey %k -recip %c" +set smime_encrypt_command = "openssl smime -encrypt -%a -outform DER -in %f %c" +set smime_get_cert_command = "openssl pkcs7 -print_certs -in %f" +set smime_get_cert_email_command = "openssl x509 -in %f -noout -email" +set smime_get_signer_cert_command= "openssl smime -verify -in %f -noverify -signer %c -out /dev/null" +set smime_import_cert_command = "smime_keys add_cert %f" +set smime_pk7out_command = "openssl smime -verify -in %f -noverify -pk7out" +set smime_sign_command = "openssl smime -sign -signer %c -inkey %k -passin stdin -in %f -certfile %i -outform DER" +set smime_verify_command = "openssl smime -verify -inform DER -in %s %C -content %f" +set smime_verify_opaque_command = "openssl smime -verify -inform DER -in %s %C || openssl smime -verify -inform DER -in %s -noverify 2>/dev/null" diff --git a/.config/neomutt/neomuttrc b/.config/neomutt/neomuttrc @@ -1,7 +1,8 @@ -source users/hayden@haydenvh.com #user +source users/hayden@hhvn.uk #user +#source users/hayden@haydenvh.com #user #source users/hhvn@dataswamp.org #user #source users/backtrack@airmail.cc #user -#source users/irc@hlirc.net #user +#source users/hhvn@hlirc.net #user set ssl_starttls = yes set ssl_force_tls = yes