Next: , Previous: , Up: GPG Options   [Contents][Index]


3.2.4 OpenPGP protocol specific options.

-t, --textmode
--no-textmode

Treat input files as text and store them in the OpenPGP canonical text form with standard "CRLF" line endings. This also sets the necessary flags to inform the recipient that the encrypted or signed data is text and may need its line endings converted back to whatever the local system uses. This option is useful when communicating between two platforms that have different line ending conventions (UNIX-like to Mac, Mac to Windows, etc). --no-textmode disables this option, and is the default.

--force-v3-sigs
--no-force-v3-sigs

OpenPGP states that an implementation should generate v4 signatures but PGP versions 5 through 7 only recognize v4 signatures on key material. This option forces v3 signatures for signatures on data. Note that this option implies --no-ask-sig-expire, and unsets --sig-policy-url, --sig-notation, and --sig-keyserver-url, as these features cannot be used with v3 signatures. --no-force-v3-sigs disables this option. Defaults to no.

--force-v4-certs
--no-force-v4-certs

Always use v4 key signatures even on v3 keys. This option also changes the default hash algorithm for v3 RSA keys from MD5 to SHA-1. --no-force-v4-certs disables this option.

--force-mdc

Force the use of encryption with a modification detection code. This is always used with the newer ciphers (those with a blocksize greater than 64 bits), or if all of the recipient keys indicate MDC support in their feature flags.

--disable-mdc

Disable the use of the modification detection code. Note that by using this option, the encrypted message becomes vulnerable to a message modification attack.

--personal-cipher-preferences string

Set the list of personal cipher preferences to string. Use gpg2 --version to get a list of available algorithms, and use none to set no preference at all. This allows the user to safely override the algorithm chosen by the recipient key preferences, as GPG will only select an algorithm that is usable by all recipients. The most highly ranked cipher in this list is also used for the --symmetric encryption command.

--personal-digest-preferences string

Set the list of personal digest preferences to string. Use gpg2 --version to get a list of available algorithms, and use none to set no preference at all. This allows the user to safely override the algorithm chosen by the recipient key preferences, as GPG will only select an algorithm that is usable by all recipients. The most highly ranked digest algorithm in this list is also used when signing without encryption (e.g. --clearsign or --sign).

--personal-compress-preferences string

Set the list of personal compression preferences to string. Use gpg2 --version to get a list of available algorithms, and use none to set no preference at all. This allows the user to safely override the algorithm chosen by the recipient key preferences, as GPG will only select an algorithm that is usable by all recipients. The most highly ranked compression algorithm in this list is also used when there are no recipient keys to consider (e.g. --symmetric).

--s2k-cipher-algo name

Use name as the cipher algorithm used to protect secret keys. The default cipher is CAST5. This cipher is also used for symmetric encryption with a passphrase if --personal-cipher-preferences and --cipher-algo is not given.

--s2k-digest-algo name

Use name as the digest algorithm used to mangle the passphrases. The default algorithm is SHA-1.

--s2k-mode n

Selects how passphrases are mangled. If n is 0 a plain passphrase (which is not recommended) will be used, a 1 adds a salt to the passphrase and a 3 (the default) iterates the whole process a number of times (see –s2k-count). Unless --rfc1991 is used, this mode is also used for symmetric encryption with a passphrase.

--s2k-count n

Specify how many times the passphrase mangling is repeated. This value may range between 1024 and 65011712 inclusive. The default is inquired from gpg-agent. Note that not all values in the 1024-65011712 range are legal and if an illegal value is selected, GnuPG will round up to the nearest legal value. This option is only meaningful if --s2k-mode is 3.


Next: , Previous: , Up: GPG Options   [Contents][Index]