On 12 Jan 2002, Ralph Sanford wrote:
GPG is available from the SuSE CD or www.gnupg.org. GPG and PGP are fairly compatible (I use pgp on the windows side and gpg on the linux and have the same public and secret keys rings). There are fewer licensing issues with gpg than with pgp.
I switched to GnuPG on both my Linux and Windows installations ever since the Rijndael cipher was accepted as the AES, and it took PGP a while before accepting it (version 7.0.3). I use the same files for both by use a symlink. After the addition of a few lines to the 'options' file, PGP 7.0.x and GnuPG are completely compatible with each other. Several of my friends still use PGP, and I successly communite with them. Personally, I don't trust security closed-source software. The fact that NAI develops (developed?) PGP stresses that point even further. I won't rest easy knowing that NAI could be coding in some backdoor for the NSA.
Both gpg and pgp include a bunch of documentation form the web sites or in the packages that you download. Read it. Remember passwords are a joke and will be broken within seconds by a brute dictionary attack. You will need to think about a pass phrase, either complex, nonsensical or both.
For the creation of a passphrase, a whole-heartedly recommend DiceWare [www.diceware.com]. It's basically a text file with thousands of words. Each word is given a 5 digit number. You roll dice 5 times to get 5 numbers, and you use the word that has that number. You repeat the process 5 times to get a 5 digit word, which is enough for most users. FYI: rolling dice produces random numbers; /dev/random doesn't... I found the GnuPG handbook very informative, not only on using GnuPG but also a little background on public-key cryptography (which I desperately needed). -- Karol Pietrzak PGP KeyID: 3A1446A0