Generally, the configuration file PGPprefs.xml cannot be changed by PGP Command Line itself: any changes need to be edited manually (on Mac OS X, the configuration file is com.pgp.desktop.plist, located in /user’s home directory/Library/Preferences/).
Starting with the PGP Command Line version 9.0, there is one operation that will change the configuration file: when you authorize a license, this information is saved in the file PGPprefs.xml for future use.
The configuration file PGPprefs.xml is located in the following locations:
$HOME directory on any Unix platform
The exact location depends on the version of Windows, but it is always the directory that holds the application data.
39
By changing some of the settings in the PGPprefs.xml file, you will change how PGP Command Line works as long as this file is not replaced.
Note that those configuration file settings that do not begin with "CL" are shared among all PGP applications on the system.
Like arguments, the configuration file settings come in different types: Boolean, Integer, Enumeration, List, and String.
Boolean configuration file settings you can use with PGP Command Line are:
ADK warning level (adkWarning). Enables warning messages for ADK actions such as adding an ADK, skipping an ADK, or when an ADK is not found. Refer to --warn-adk (on page 195) for more information.
Encrypt to self (encryptToSelf). When on, all files or messages you encrypt to someone else are also encrypted to your key, which means you can decrypt those encrypted files/messages at a later time, if you wish. The default is off. See --encrypt-to-self (on page 188) for more information.
Fast keygen (fastKeyGen). Establishes the setting for fast key
generation, on or off. The default is on. See --fast-key-gen (on page 189) for more information.
Halt on error (CLhaltOnError). When on, causes PGP Command Line to halt operations when an error occurs. Does not apply to all operations. The default is off. See --halt-on-error (on page 190) for more information.
Keyring cache (CLkeyringCache). When on, stores keyrings in memory for each access. The default is off. See --keyring-cache (on page 190) for more information.
Large Keyrings (CLlargeKeyrings). Checks keyring signatures only when necessary. See --large-keyrings (on page 190) for more information.
Marginal is invalid (marginalIsInvalid). Establishes whether marginally trusted keys are considered valid. The default is true, which means that marginally valid keys are not valid. See --marginal-as-valid (on page 191) for more information.
Passphrase cache (CLpassphraseCache). When on, automatically saves your passphrase in memory until you log off or purge the passphrase cache.
The default is off. See --passphrase-cache (on page 192) for more information.
Integer configuration file settings you can use with PGP Command Line are:
Keyring cache timeout (CLkeyringCacheTimeout). Establishes the number of seconds a keyring stays cached in memory. The default is 120 seconds. See --keyring-cache-timeout (on page 201) for more information.
Keyserver timeout (CLkeyserverTimeout). Establishes the number of seconds to wait before a keyserver operation times out. The default is 120 seconds. See --KEYSERVER-TIMEOUT (SEE "Integer Options" ON PAGE 197)for more information.
40
Number of wipe input passes (CLfileWipeInputPasses). Establishes the number of wipe passes for input files. The default is 3 passes. See --wipe-input-passes (on page 206) for more information.
Number of wipe passes (fileWipePasses). Establishes the number of passes used by the --wipe command. The default is 3 passes. See --wipe (on page 179) for more information.
Number of wipe temp passes (CLfileWipeTempPasses). Establishes the number of wipe passes for temporary files. The default is 3 passes.
See --wipe-temp-passes (on page 207) for more information.
Number of wipe overwrite passes (CLfileWipeOverwritePasses).
Establishes the number of wipe passes when overwriting an existing output file. The default is 3 passes. See --wipe-overwrite-passes(ON PAGE
207)for more information.
Passphrase cache timeout (CLpassphraseCacheTimeout). Establishes the number of seconds a passphrase stays cached in memory. The default is 120 seconds. See --passphrase-cache-timeout (on page 202) for more information.
Enumeration configuration file settings you can use with PGP Command Line are:
Automatic import of keys (CLautoImportKeys). Establishes behavior when keys are found during non-import operations. The default is all. See --auto-import-keys (on page 208) for more information.
Compression Level (CLcompressionLevel). Sets the compression level for the current operation. The default is default. See --COMPRESSION-LEVEL (on page 210) for more information.
Enforce ADK (CLenforceADK). Establishes the ADK enforcement policy.
The default is attempt. See --enforce-adk (on page 211) for more information.
Input cleanup (CLinputCleanup). Establishes what to do with input files after they have been used. The default is off. See --input-cleanup (on page 213) for more information.
Manual import of keys (CLmanualImportKeys). Establishes behavior when keys are found during an import. The default is all. See --manual-import-key-pairs (on page 215) for more information.
Manual import of key pairs (CLmanualImportKeyPairs). Establishes behavior when key pairs are found during import. The default is pair. Refer to --manual-import-keys (on page 215) for more information.
Sort order (CLsortOrder). Changes the sort order for writing key lists.
The default is any. See --sort-order, --sort (on page 216) for more information.
Overwrite (CLoverwrite). Establishes what to do when an operation tries to create an output file but it already exists. The default is off. See
--overwrite (on page 216) for more information.
41
List configuration file settings you can use with PGP Command Line are:
Always encrypt to keys (alwaysEncryptToKeys). Specifies additional recipients for encryption. Use the 32- or 64-bit key ID to specify the key(s) to use. Refer to --additional-recipient (on page 229) for more information.
Default keyserver names and associated values (keyservers).
Specifies default keyservers. The default is ldap://keyserver.pgp.com:389/.
If you supply a keyserver on the command line, those keyservers listed in the configuration file are ignored.
String configuration file settings you can use with PGP Command Line are:
Comment (commentString). Specifies a comment string to be used in armored output blocks. The default is not set. Refer to --comment (on page 219) for more information.
Default signing key (CLdefaultKey). Specifies a key to be used by default for signing. The default is not set. See --default-key (on page 220) for more information.
License Authorization (CLlicenseAuthorization). Specifies the license authorization. The default is not set. See name, --license-number, --license-organization, --license-email (on page 222) for more information.
Caution: Because licensing information is stored somewhat differently, PGP Corporation recommends that you do not directly edit the license-related configuration file settings; instead, use the license authorization commands described in Licensing (on page 25).
License Name (CLlicenseName). Specifies the name of the licensee. The default is not set. See name, number,
--license-organization, --license-email (on page 222) for more information.
License Number (CLlicenseNumber). Specifies the license number. The default is not set. See name, number,
--license-organization, --license-email (on page 222) for more information.
License Organization (CLlicenseOrganization). Specifies the organization of the licensee. The default is not set. See --license-name, --license-number, --license-organization, --license-email (on page 222) for more information.
Output File (CLoutputFile). Specifies the output file (default is not set in the configuration file; defaults to stdout). The output file is used for output messages. See --output-file (on page 224) for more information.
Private keyring file (privateKeyringFile). The filename or path and filename to the private keyring file. The default is secring.skr, located in the default PGP Command Line home directory. See --private-keyring (on page 225) for more information.
42
Public keyring file (publicKeyringFile). The filename or path and filename to the public keyring file. The default is pubring.pkr, located in the default PGP Command Line home directory. See --public-keyring (on page 226) for more information.
Random seed filename (rngSeedFile). Sets the location of the random seed file. By default, the random seed file is located in the PGP Command Line data directory. See --random-seed (on page 227) for more information.
Status File (CLstatusFile). Specifies the status file. The default is not set in the configuration file; defaults to stderr. The status file is used for status messages, using a file name (with or without the path information).
See --status-file (on page 228) for more information.