Set gcrypt-publish-participants when setting up a gcrypt repository, to avoid unncessary passphrase prompts.

This is a security/usability tradeoff. To avoid exposing the gpg key ids who can decrypt the repository, users can unset gcrypt-publish-participants. The gcrypt-publish-participants option is available in my fork of git-remote-gcrypt. This commit was sponsored by Christopher Kernahan.
author: Joey Hess <joey@kitenet.net> 2014-07-15 17:33:14 -0400
committer: Joey Hess <joey@kitenet.net> 2014-07-15 17:33:14 -0400
commit: 4b4d302bcd168732c0e04d76bb387fd04fce06b5 (patch)
tree: 8cf3e71a238298773ea0a905dec0e12b8e13570c /doc
parent: a5a92f89d200ce109cdcfc72e2a21f4d92eef2cf (diff)
1 files changed, 5 insertions, 0 deletions
diff --git a/doc/special_remotes/gcrypt.mdwn b/doc/special_remotes/gcrypt.mdwn
index ac98c43bb..2e07741d3 100644
--- a/doc/special_remotes/gcrypt.mdwn
+++ b/doc/special_remotes/gcrypt.mdwn
@@ -43,3 +43,8 @@ way git-remote-gcrypt encrypts the git repository, you will need to somehow
 force it to re-push everything again, so that the encrypted repository can
 be decrypted by the added keys. Probably this can be done by setting
 `GCRYPT_FULL_REPACK` and doing a forced push of branches.
+
+Recent versions of git-annex configure gcrypt-publish-participants when
+setting up a gcrypt repository. This is done to avoid unncessary gpg
+passphrase prompts, but it does publish the gpg keyids that can decrypt the
+repository. Unset it if you need to obscure that.
author	Joey Hess <joey@kitenet.net>	2014-07-15 17:33:14 -0400
committer	Joey Hess <joey@kitenet.net>	2014-07-15 17:33:14 -0400
commit	4b4d302bcd168732c0e04d76bb387fd04fce06b5 (patch)
tree	8cf3e71a238298773ea0a905dec0e12b8e13570c /doc
parent	a5a92f89d200ce109cdcfc72e2a21f4d92eef2cf (diff)