5.6.12 Session options

The standard Assuan option handler supports these options.

OPTION name[=value]

These names are recognized:

putenv

Change the session’s environment to be passed via gpg-agent to Pinentry. value is a string of the form <KEY>[=[<STRING>]]. If only <KEY> is given the environment variable <KEY> is removed from the session environment, if <KEY>= is given that environment variable is set to the empty string, and if <STRING> is given it is set to that string.

display

Set the session environment variable DISPLAY is set to value.

ttyname

Set the session environment variable GPG_TTY is set to value.

ttytype

Set the session environment variable TERM is set to value.

lc-ctype

Set the session environment variable LC_CTYPE is set to value.

lc-messages

Set the session environment variable LC_MESSAGES is set to value.

xauthority

Set the session environment variable XAUTHORITY is set to value.

pinentry-user-data

Set the session environment variable PINENTRY_USER_DATA is set to value.

include-certs

This option overrides the command line option --include-certs. A value of -2 includes all certificates except for the root certificate, -1 includes all certificates, 0 does not include any certificates, 1 includes only the signers certificate and all other positive values include up to value certificates starting with the signer cert.

list-mode

See gpgsm-cmd listkeys.

list-to-output

If value is true the output of the list commands (see gpgsm-cmd listkeys) is written to the file descriptor set with the last OUTPUT command. If value is false the output is written via data lines; this is the default.

with-validation

If value is true for each listed certificate the validation status is printed. This may result in the download of a CRL or the user being asked about the trustworthiness of a root certificate. The default is given by a command line option (see gpgsm-option --with-validation).

with-secret

If value is true certificates with a corresponding private key are marked by the list commands.

validation-model

This option overrides the command line option validation-model for the session. (See gpgsm-option --validation-model.)

with-key-data

This option globally enables the command line option --with-key-data. (See gpgsm-option --with-key-data.)

enable-audit-log

If value is true data to write an audit log is gathered. (See gpgsm-cmd getauditlog.)

allow-pinentry-notify

If this option is used notifications about the launch of a Pinentry are passed back to the client.

with-ephemeral-keys

If value is true ephemeral certificates are included in the output of the list commands.

no-encrypt-to

If this option is used all keys set by the command line option --encrypt-to are ignored.

offline

If value is true or value is not given all network access is disabled for this session. This is the same as the command line option --disable-dirmngr.

always-trust

If value is true or value is not given encryption to the specified certificates is forced without any validation of the certificate chain. The only requirement is that the certificates are capable of encryption. If set to false the standard behaviour is re-established. This option is cleared by a RESET and after each encrypt operation. Note that this option is ignored if --always-trust or --require-compliance are used.

input-size-hint

This is the same as the --input-size-hint command line option.

no-protection

If value is true exported keys are not protected by a passphrase. This can be reset with a value of 0 or a RESET command. This is the same as the command line option --no-protection.