Hi All, Thanks for the help over the last few days, I have gotten a spare laptop that I will be using to test my skills for about a month before changing across to Linux full time. I am hoping that someone can point me in the right direction to find out some more information on PGP, specifically how to use it for signing messages and how to use it for encrypting messages. I am also interested in finding out if possible details on some key servers where I might place my keys once generated. Thanks in advance. -- Shane A. Broomhall CCA, CCEA, CCSP, CCI, CNA, CNE, CLP, MCSE +I, MCT SCSA, CTT, Sair/GNU LCP Shane Broomhall Consulting Pty Ltd Brisbane Australia Teaching Citrix, Running Linux (Suse 7.3)
Start with man gpg (the gnu version of pgp). Then go to www.gnupg.org/gph and the howtos at: www.gnupg.org/docs.html Hope this helps, if nothing else it will give you some good late night reading. Jim 01/12/02 10:42:02 PM, shane broomhall <shanebroomhall@computer.org> wrote:
Hi All,
Thanks for the help over the last few days, I have gotten a spare laptop that I will be using to test my skills for about a month before changing across to Linux full time.
I am hoping that someone can point me in the right direction to find out some more information on PGP, specifically how to use it for signing messages and how to use it for encrypting messages. I am also interested in finding out if possible details on some key servers where I might place my keys once generated.
Thanks in advance. --
Shane A. Broomhall
CCA, CCEA, CCSP, CCI, CNA, CNE, CLP, MCSE +I, MCT SCSA, CTT, Sair/GNU LCP
Shane Broomhall Consulting Pty Ltd Brisbane Australia
Teaching Citrix, Running Linux (Suse 7.3)
-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/support/faq and the archives at http://lists.suse.com
On Sat, 2002-01-12 at 21:42, shane broomhall wrote:
Hi All,
Thanks for the help over the last few days, I have gotten a spare laptop that I will be using to test my skills for about a month before changing across to Linux full time.
I am hoping that someone can point me in the right direction to find out some more information on PGP, specifically how to use it for signing messages and how to use it for encrypting messages. I am also interested in finding out if possible details on some key servers where I might place my keys once generated.
Thanks in advance. --
Shane A. Broomhall
CCA, CCEA, CCSP, CCI, CNA, CNE, CLP, MCSE +I, MCT SCSA, CTT, Sair/GNU LCP
Shane Broomhall Consulting Pty Ltd Brisbane Australia
Teaching Citrix, Running Linux (Suse 7.3)
--
PGP or GPG (the linux answer) encryption and security can be a very large item to learn about. Very briefly: The pgp version on the SuSE CD is VERY DATED (vers 2.??); do not use this. If you insist on using pgp go to www.pgpi.com and get linux version 6.5.8 With the loss of Phil Zimmerman from PGP (MacAfee) and the current judicial and law enforcement initiatives in the US regarding computer encryption technology, I would consider the future use of pgp as less than prudent. Regardless, the international site at www.pgpi.com remains an excellent source of documentation and links for other web information. GPG is available from the SuSE CD or www.gnupg.org. GPG and PGP are fairly compatible (I use pgp on the windows side and gpg on the linux and have the same public and secret keys rings). There are fewer licensing issues with gpg than with pgp. Either pgp 6.5.8 or gpg 1.06 can be used in command line mode. For GUI in linux use GPA or Geheimnis for key management plus some encryption/decryption tasks. For email in linux use evolution, kmail, sylpheed, mutt or pine (probably others as well). Both gpg and pgp include a bunch of documentation form the web sites or in the packages that you download. Read it. Remember passwords are a joke and will be broken within seconds by a brute dictionary attack. You will need to think about a pass phrase, either complex, nonsensical or both. BTW if you have pgp/gpg and your correspondents have neither then you can not encrypt because they can not decrypt. Ask if you have any problems getting pgp/gpg set up on your SuSE system -- Ralph Sanford - If your government does not trust you, rsanford@telusplanet.net - should you trust your government? DH/DSS Key - 0x7A1BEA01
On Sun, 13 Jan 2002, Ralph Sanford wrote:
With the loss of Phil Zimmerman from PGP (MacAfee) and the current judicial and law enforcement initiatives in the US regarding computer encryption technology, I would consider the future use of pgp as less than prudent.
~ Where, please, has Phil Zimmerman gone to ? thanks best wishes ____________ sent on Linux ____________
On Sun, 2002-01-13 at 00:02, tabanna wrote:
On Sun, 13 Jan 2002, Ralph Sanford wrote:
With the loss of Phil Zimmerman from PGP (MacAfee) and the current judicial and law enforcement initiatives in the US regarding computer encryption technology, I would consider the future use of pgp as less than prudent.
~ Where, please, has Phil Zimmerman gone to ?
thanks
best wishes
From the possibly rusty memory of ralph.
Phil left PGPCorp - NAI(MacAfee) early last year. At the time he released a statement that basically stated that he was at odds with the management decision to release only a portion of the pgp code from future versions. PGPCorp followed with a statement that sufficient source code was being released to ensure privacy. My recollection was the Phil was going to work for OpenPGP. Have not heard anything since. I do not have the sources of this information. Possibly www.pgpi.org has news archives? My personal and highly opinionated view is that Phil Zimmerman represented the integrity at PGPCorp and the loss of him, especially when he publicly questioned managements decision about source code, means a significant loss of integrity and trust regarding PGPCorp. The latest version of PGP that I would fully trust is 6.5.8 as it was released long before Phil made his decision to leave. PGP 7.0 was released just prior to Phil's announcement and may have been a contributing factor to his decision. -- Ralph Sanford - If your government does not trust you, rsanford@telusplanet.net - should you trust your government? DH/DSS Key - 0x7A1BEA01
On 12 Jan 2002, Ralph Sanford wrote:
GPG is available from the SuSE CD or www.gnupg.org. GPG and PGP are fairly compatible (I use pgp on the windows side and gpg on the linux and have the same public and secret keys rings). There are fewer licensing issues with gpg than with pgp.
I switched to GnuPG on both my Linux and Windows installations ever since the Rijndael cipher was accepted as the AES, and it took PGP a while before accepting it (version 7.0.3). I use the same files for both by use a symlink. After the addition of a few lines to the 'options' file, PGP 7.0.x and GnuPG are completely compatible with each other. Several of my friends still use PGP, and I successly communite with them. Personally, I don't trust security closed-source software. The fact that NAI develops (developed?) PGP stresses that point even further. I won't rest easy knowing that NAI could be coding in some backdoor for the NSA.
Both gpg and pgp include a bunch of documentation form the web sites or in the packages that you download. Read it. Remember passwords are a joke and will be broken within seconds by a brute dictionary attack. You will need to think about a pass phrase, either complex, nonsensical or both.
For the creation of a passphrase, a whole-heartedly recommend DiceWare [www.diceware.com]. It's basically a text file with thousands of words. Each word is given a 5 digit number. You roll dice 5 times to get 5 numbers, and you use the word that has that number. You repeat the process 5 times to get a 5 digit word, which is enough for most users. FYI: rolling dice produces random numbers; /dev/random doesn't... I found the GnuPG handbook very informative, not only on using GnuPG but also a little background on public-key cryptography (which I desperately needed). -- Karol Pietrzak PGP KeyID: 3A1446A0
On Monday 14 January 2002 01:13, Karol Pietrzak wrote: [...]
I switched to GnuPG on both my Linux and Windows installations ever since the Rijndael cipher was accepted as the AES, and it took PGP a while before accepting it (version 7.0.3). I use the same files for both by use a symlink. After the addition of a few lines to the 'options' file, PGP 7.0.x and GnuPG are completely compatible with each other. Several of my friends still use PGP, and I successly communite with them.
Could you please share these few lines with us? I receive PGP messages from pgp (windows Version: PGPfreeware 7.0.3 for non-commercial use) users and get errors about ignoring "radix64 char 3a" and checksum errors when trying to decrypt them. Thanks, Matt
On 14 Jan 2002, Matt T. wrote:
Could you please share these few lines with us?
I receive PGP messages from pgp (windows Version: PGPfreeware 7.0.3 for non-commercial use) users and get errors about ignoring "radix64 char 3a" and checksum errors when trying to decrypt them.
Surely. The following are the contents of my 'options' file: force-v3-sigs escape-from-lines utf8-strings comment http://www.gnupg.org compress-algo 1 cipher-algo RIJNDAEL s2k-cipher-algo RIJNDAEL Only lines 1, 5, 6, and 7 are show-stoppers, and keep in mind PGP 6.5.8 doesn't support AES. -- Karol Pietrzak PGP KeyID: 3A1446A0
participants (6)
-
James Bliss -
Karol Pietrzak -
Matt T. -
Ralph Sanford -
shane broomhall -
tabanna