commit acc9679fc6e5594283db998f394db367cfc60a61
parent 1a91e2158325b40552a173b7d577642b7827a546
Author: Chris Bracken <chris@bracken.jp>
Date: Sun, 29 Jun 2025 09:53:44 -0700
gpg,git,mutt: use new gpg key
Finally got around to creating an ed25519 singing key to replace my
ancient RSA 2048 key. As evidence that the new key belongs to me, I've
signed it with my old key. For completeness, I've also signed the old
key with the new key.
This git commit should be signed with the old key but all further
commits will be signed with the new key.
This also adds a host-specific config for `hamachi`, and renames the
previous `yanagi` config to `ichou` (the host was renamed).
Diffstat:
4 files changed, 12 insertions(+), 4 deletions(-)
diff --git a/.config/git/hamachi b/.config/git/hamachi
@@ -0,0 +1,8 @@
+[commit]
+ gpgsign = true
+[gpg]
+ program = gpg
+[tag]
+ gpgsign = true
+[user]
+ signingkey = A675C99848CEF8642180465EE15C4E854923C76C
diff --git a/.config/git/yanagi b/.config/git/ichou
diff --git a/.config/mutt/crypto b/.config/mutt/crypto
@@ -4,8 +4,8 @@ set pgp_verify_command="gpg --no-verbose --batch --output - --verify %s %f"
set pgp_decrypt_command="gpg --no-verbose --batch --output - %f"
set pgp_sign_command="gpg --no-verbose --batch --output - --armor --detach-sign --textmode %?a?-u %a? %f"
set pgp_clearsign_command="gpg --no-verbose --batch --output - --armor --textmode --clearsign %?a?-u %a? %f"
-set pgp_encrypt_only_command="/usr/local/bin/pgpewrap gpg --batch --quiet --no-verbose --output - --encrypt --textmode --armor --always-trust --encrypt-to 0xCBE8A8FE -- -r %r -- %f"
-set pgp_encrypt_sign_command="/usr/local/bin/pgpewrap gpg --batch --quiet --no-verbose --textmode --output - --encrypt --sign %?a?-u %a? --armor --always-trust --encrypt-to 0xCBE8A8FE -- -r %r -- %f"
+set pgp_encrypt_only_command="/usr/local/bin/pgpewrap gpg --batch --quiet --no-verbose --output - --encrypt --textmode --armor --always-trust --encrypt-to A675C99848CEF8642180465EE15C4E854923C76C -- -r %r -- %f"
+set pgp_encrypt_sign_command="/usr/local/bin/pgpewrap gpg --batch --quiet --no-verbose --textmode --output - --encrypt --sign %?a?-u %a? --armor --always-trust --encrypt-to A675C99848CEF8642180465EE15C4E854923C76C -- -r %r -- %f"
set pgp_import_command="gpg --no-verbose --import -v %f"
set pgp_export_command="gpg --no-verbose --export --armor %r"
set pgp_verify_key_command="gpg --no-verbose --batch --fingerprint --check-sigs %r"
@@ -13,7 +13,7 @@ set pgp_list_pubring_command="gpg --no-verbose --batch --with-colons --list-keys
set pgp_list_secring_command="gpg --no-verbose --batch --with-colons --list-secret-keys %r"
# specify the uid to use when encrypting/signing
-set pgp_sign_as=0xCBE8A8FE
+set pgp_sign_as=A675C99848CEF8642180465EE15C4E854923C76C
# this set the number of seconds to keep in memory the passpharse used to encrypt/sign
# the more the less secure it will be
diff --git a/.gnupg/gpg.conf b/.gnupg/gpg.conf
@@ -27,7 +27,7 @@ no-greeting
# If you have more than 1 secret key in your keyring, you may want to
# uncomment the following option and set your preferred keyid.
-default-key CBE8A8FE
+default-key A675C99848CEF8642180465EE15C4E854923C76C
# If you do not pass a recipient to gpg, it will ask for one. Using
# this option you can encrypt to a default key. Key validation will