On Sat, 2002-01-12 at 21:42, shane broomhall wrote:
Hi All,
Thanks for the help over the last few days, I have gotten a spare laptop that I will be using to test my skills for about a month before changing across to Linux full time.
I am hoping that someone can point me in the right direction to find out some more information on PGP, specifically how to use it for signing messages and how to use it for encrypting messages. I am also interested in finding out if possible details on some key servers where I might place my keys once generated.
Thanks in advance. --
Shane A. Broomhall
CCA, CCEA, CCSP, CCI, CNA, CNE, CLP, MCSE +I, MCT SCSA, CTT, Sair/GNU LCP
Shane Broomhall Consulting Pty Ltd Brisbane Australia
Teaching Citrix, Running Linux (Suse 7.3)
--
PGP or GPG (the linux answer) encryption and security can be a very large item to learn about. Very briefly: The pgp version on the SuSE CD is VERY DATED (vers 2.??); do not use this. If you insist on using pgp go to www.pgpi.com and get linux version 6.5.8 With the loss of Phil Zimmerman from PGP (MacAfee) and the current judicial and law enforcement initiatives in the US regarding computer encryption technology, I would consider the future use of pgp as less than prudent. Regardless, the international site at www.pgpi.com remains an excellent source of documentation and links for other web information. GPG is available from the SuSE CD or www.gnupg.org. GPG and PGP are fairly compatible (I use pgp on the windows side and gpg on the linux and have the same public and secret keys rings). There are fewer licensing issues with gpg than with pgp. Either pgp 6.5.8 or gpg 1.06 can be used in command line mode. For GUI in linux use GPA or Geheimnis for key management plus some encryption/decryption tasks. For email in linux use evolution, kmail, sylpheed, mutt or pine (probably others as well). Both gpg and pgp include a bunch of documentation form the web sites or in the packages that you download. Read it. Remember passwords are a joke and will be broken within seconds by a brute dictionary attack. You will need to think about a pass phrase, either complex, nonsensical or both. BTW if you have pgp/gpg and your correspondents have neither then you can not encrypt because they can not decrypt. Ask if you have any problems getting pgp/gpg set up on your SuSE system -- Ralph Sanford - If your government does not trust you, rsanford@telusplanet.net - should you trust your government? DH/DSS Key - 0x7A1BEA01