.\"
.\" THIS FILE HAS BEEN AUTOMATICALLY GENERATED.  DO NOT EDIT.
.\"
.TH MHSIGN 1mh "2019-01-06" MH.6.8 [mmh-0.4]
.SH NAME
mhsign \- sign or encrypt a message with gnupg
.SH SYNOPSIS
.HP 5
.na
.B mhsign
.RB [ \-encrypt ]
.RB [ \-mime ]
.RB [ \-Version ]
.RB [ \-help ]
.I file
.ad
.SH DESCRIPTION
.B mhsign
is a script to simplify signing and encrypting, using gnupg.
.PP
.B mhsign
is normally invoked automatically by
.BR send .
When used directly, the source file, typically an MH draft file,
is replaced by the signed or encrypted message.
To permit recovery from mistakes,
a backup copy of the original file is saved, under the same name
with `.orig' appended.
.PP
The following options are recognized:
.TP
.B \-encrypt
Encrypt to recipients, in addition to signing.
The message will also be encrypted to the signing key.
.TP
.B \-mime
Use the PGP/MIME standard for signing and encrypting.
This is automatic if the message is already a multipart MIME message.
Otherwise the default is to sign/encrypt in the old-fashioned
non-MIME manner, for compatibility with older software.
When a message is signed but not encrypted, using the PGP/MIME
formatting, any line beginning with ``From '' will be indented, and any
trailing spaces will be removed from lines in the message body.
This is to ensure maximum compatibility.
Where trailing blanks are important (sending patches, for example),
it would be wise to use quoted-printable or other MIME encoding
for that component.
.PP
The signing key is automatically determinded by gnupg,
unless the the profile entry
.IR Pgpkey
defines it.
The environment variable
.IR MMHPGPKEY
has highest precedence and can be used to overrule the key uid temporarily.
.PP
For encryption, the public keys of the recipients are taken from
the gnupg keyring.
To handle exceptions, e.g. recipient addresses that do not
match the key uid in the keyring, a file named
.I pgpkeys
may be used.
It should be located either in the gnupg directory (normally $HOME/.gnupg)
or in the mmh directory (normally $HOME/.mmh).
If both files exist, the one in the gnupg directory takes precedence.
.PP
A sample
.I pgpkeys
file:
.sp
.RS 5
.nf
0x88888888	john@nowhere.example.org
e5fda812	meillo@marmaro.de
.fi
.RE

.SH FILES
.fc ^ ~
.nf
.ta \w'/etc/mmh/ExtraBigFileName  'u
^$HOME/.gnupg/pgpkeys~^Pubkey exceptions for encrypting
^$HOME/.mmh/pgpkeys~^... alternative location
.fi

.SH "PROFILE COMPONENTS"
.fc ^ ~
.nf
.ta 2.4i
.ta \w'ExtraBigProfileName  'u
^Pgpkey:~^To determine the user's signing key
.fi

.SH "SEE ALSO"
whom(1), send(1), mhpgp(1), gpg(1), hostname(1)

.SH DEFAULTS
None

.SH CONTEXT
None

.SH BUGS
The order of the command line arguments is relevant: Options must
come first, the file must be last.
.PP
This script uses
.B hostname
to get the hostname if it isn't in the address, though
.B hostname
isn't specified by POSIX.