epa: Encrypting/decrypting gpg files
3.6 Encrypting/decrypting gpg files
===================================
By default, every file whose name ends with ‘.gpg’ will be treated as
encrypted. That is, when you open such a file, the decrypted text is
inserted in the buffer rather than encrypted one. Similarly, when you
save the buffer to a ‘foo.gpg’ file, encrypted data is written.
The file name pattern for encrypted files can be controlled by
EPA-FILE-NAME-REGEXP.
-- Variable: epa-file-name-regexp
Regexp which matches filenames treated as encrypted.
You can disable this behavior with ‘M-x epa-file-disable’, and then
get it back with ‘M-x epa-file-enable’.
-- Command: epa-file-disable
Disable automatic encryption/decryption of *.gpg files.
-- Command: epa-file-enable
Enable automatic encryption/decryption of *.gpg files.
By default, ‘epa-file’ will try to use symmetric encryption, aka
password-based encryption. If you want to use public key encryption
instead, do ‘M-x epa-file-select-keys’, which pops up the key selection
dialog.
-- Command: epa-file-select-keys
Select recipient keys to encrypt the currently visiting file with
public key encryption.
You can also change the default behavior with the variable
EPA-FILE-SELECT-KEYS.
-- Variable: epa-file-select-keys
Control whether or not to pop up the key selection dialog.
For frequently visited files, it might be a good idea to tell Emacs
which encryption method should be used through (emacs)File
Variables. Use the ‘epa-file-encrypt-to’ local variable for this.
For example, if you want an Elisp file to be encrypted with a public
key associated with an email address ‘ueno@unixuser.org’, add the
following line to the beginning of the file.
;; -*- epa-file-encrypt-to: ("ueno@unixuser.org") -*-
Instead, if you want the file always (regardless of the value of the
‘epa-file-select-keys’ variable) encrypted with symmetric encryption,
change the line as follows.
;; -*- epa-file-encrypt-to: nil -*-
Other variables which control the automatic encryption/decryption
behavior are below.
-- Variable: epa-file-cache-passphrase-for-symmetric-encryption
If non-‘nil’, cache passphrase for symmetric encryption. The
default value is ‘nil’.
-- Variable: epa-file-inhibit-auto-save
If non-‘nil’, disable auto-saving when opening an encrypted file.
The default value is ‘t’.