Option file setting for cipher and hash not global?

David Shaw dshaw at jabberwocky.com
Mon Sep 18 05:39:20 CEST 2006

On Sun, Sep 17, 2006 at 06:32:48PM -0600, anogeorgeo at softhome.net wrote:
> Hi, 
> My system:
> Windows XP Home SP2
> GnuPG 1.4.5 
> I wish to have GnuPG automatically use the cipher algo TWOFISH and hash 
> algo RIPEMD-160 for all keys that are created. 
> I have these settings in my "gpg.conf":
> cipher-algo TWOFISH
> digest-algo RIPEMD160
> s2k-cipher-algo TWOFISH
> s2k-digest-algo RIPEMD160 
> But when I create a new key and use "showpref" I find the key is using the 
> cipher AES256 and the hash SHA1. 
> Is it possible to make all keys use TWOFISH and RIPEMD-160 by default? 

I think you're asking for this:

  default-preference-list TWOFISH RIPEMD160

However, note that this controls what other people use when encrypting
to you, and not what ciphers you use when encrypting to them.

Also note that if you only accept TWOFISH and RIPEMD160, you're going
to get a lot (perhaps even most) of your encrypted messages actually
encrypted with 3DES.  TWOFISH is not as common as other ciphers (like
AES), and a sender without TWOFISH will fail over to 3DES.


More information about the Gnupg-users mailing list