Weblog for dkg – HOWTO prep for migration off of SHA-1 in OpenPGP


In a nutshell:

Either, enter the following into a terminal…,

cat >>~/.gnupg/gpg.conf <<EOF
personal-digest-preferences SHA256
cert-digest-algo SHA256
default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed
EOF

…or open gpg.conf in any text editor of your choice.

And then…,

## As I am on windows these days,
#  gpg4win
## I had to open a cmd, and use gpg2 instead of just gpg.
gpg --edit-key $YourKeyID
# To show your prefs.
showpref
# To set your new prefs.
setpref SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed

Tada, and Bob’s your uncle. 🙂

via Weblog for dkg – HOWTO prep for migration off of SHA-1 in OpenPGP.

Better late, than never. 😉