home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
The Datafile PD-CD 5
/
DATAFILE_PDCD5.iso
/
utilities
/
p
/
pgp
/
PGPhints
< prev
next >
Wrap
PGP Signed Message
|
1994-02-28
|
11KB
|
251 lines
-----BEGIN PGP SIGNED MESSAGE-----
PGPhints Version 4, 28-Feb-1994
-------------------------------
There is a *lot* of documentation for PGP - here are a few hints and tips to
get you started with Archimedes PGP.
Revision History:
Version 1, 04-Apr-1993: Initial release.
Version 2, 14-May-1993: Added info on key-generation. Added item on
the problems of taskwindows. Added warning about taskwindows
to info on PGPwimp. Added info on ReadNews scripts for PGP.
Expanded info on Reader(S).
Version 3, 21-May-1993: Moved revision history to beginning of file
to make it easier to see what's changed from the last version.
Removed info on key-generation problem in taskwindow - release 1.16 of PGP cures the problem.
Version 4, 28-Feb-1994: Removed general information which has since been
incorporated into the alt.security.pgp Frequently-asked
Questions postings.
1) Most people install the PGP executable in their library directory
($.library), or somewhere else that they've defined to appear on their
Run$Path.
2) The filer *must* have seen the !PGP application before you try and use
PGP, so that the executable knows where keyrings and other important
files are kept.
3) If you have more than one filing system, you will have to take steps
to ensure PGP continues to work no matter what the current filing system
is. The simplest way is to redefine Run$Path from
,%.
to (say)
,adfs:%.
or, if you have library directories on each FS (presumably each having
different contents)
,adfs:%.,scsi:%.
no doubt some of you will have a Run$Path which is even more complex,
but the principle is the same.
Note that the `.' at the end of the above examples is a part of the
syntax, not a full stop.
4) If you don't want to have to type a fully-specified path to a file, set
the CSD to point to the directory containing that file and then run PGP.
5) The most useful command is PGP -h, which outputs the contents of pgp/hlp
to the screen.
6) If you run PGP in a task window, then you can turn off PGP's inbuilt
pager by adding the line
pager = "type"
to your config/txt.
7) PGP may be interrupted at any stage by pressing <Esc>.
8) PGP normally uses the !PGP folder for temporary files, but you can
choose to put them elsewhere (a faster hard disc, a slower hard disc
with more free space, or a RAM disc).
There are two ways of specifying an alternative placement for temporary
files. The first is to add a line like
TMP = "RAM:$"
to your config/txt.
However, this means that you always need the RAM disc present when you
use PGP. If want to use RAM disc for temporary files only when you're
encrypting a very large file, you can achieve this by SETting the OS
variable TMP to RAM:$, running PGP, then UNSETting TMP.
The OS variable TMP overrides any value specified in config/txt, so
you *can* have your cake and eat it.
9) Generate a secret key for yourself with PGP -kg. Most people go for a
1024-bit key. I would not recommend using a 384-bit key.
When PGP asks you to type some random text, I would advise that you
actually copy-type text from a randomly-selected book rather than
press keys at random - this should generate a wider spread of key-stroke
timings.
Note that generating a 1024-bit key takes around 3 minutes on an ARM3.
10) Your public key is likely to get passed around and end up on an
internet public-key server, so pick user-IDs that unambiguously
specify your address. It's no good saying that you're Fred Bloggs on
Dingbat BBS, make it clear that Dingbat BBS is a fido node and give its
fido address, e.g.,
Fred Xavier Bloggs (Fred Bloggs on Dingbat BBS. Fido 6:666/66.6)
Another reason fully specifying your user-ID is that people tend to use
PGP as an email address book.
11) If you have more than one address at which you're happy to receive
email, add user-IDs for each one. For instance, if you have an internet
address and use a BBS, you might add user-IDs like:
Fred Xavier Bloggs <fred.bloggs@foo.bar.com>
Fred Bloggs on Dingbat BBS. Fido 6:666/66.6
12) You can't change the text of user-IDs. What you must do instead is
add a new user-ID with PGP -ke, then remove the old one with PGP -kr.
Any signatures against the old ID will be lost when it is removed
(which is as it should be).
13) PGP currently has no way of revoking old user-IDs - even though you
remove it from your keyring, it will persist on other people's keyrings
because when they add the new version of your public key PGP merges any
new user-IDs with user-IDs already present.
The only solution I can think of is to add a new user-ID of the form:
Fred Bloggs on Dingbat BBS is no longer valid - please remove.
14) The most commonly used commands are:
PGP -kg generate a secret key for yourself
PGP -ka <file> add public key from file
PGP -kv <id> view public keys matching <id>
PGP -kxa <id> <file> extract public key for <id> to <file>
PGP <file> decrypt file and/or check signature
PGP -sta +clearsig=on <file> sign cleartext message
PGP -esa <file> <id> sign <file> and encrypt it to <id>
You don't have to type in a full user-id - PGP will look for keys which
contain the text given in <id>. For -kv and -kxa, PGP will return all
matching keys. For -esa, PGP will use the first matching key, so you
must enter enough text to unambiguously specify the desired recipient.
If someone has two different public keys, you can specify the numeric
key-ID (or part of it) by prefixing it with `0x'. E.g., to view key-IDs
matching 9876 use PGP -kv 0x9876.
If you have RISC OS 3, Peter Gaunt's PGPwimp provides a front end
which means you don't have to remember all those messy commands and
can either run pgp in a command window or a taskwindow (see the next
item for pitfalls in running PGP in a taskwindow).
15) When running PGP in a task window, key-presses sometimes appear to get
`lost' - this appears to be due to a bug in the C `txt' library routines
as other programs which use them also have this problem.
The `missing' characters have actually registered, it's just that the
window hasn't been updated correctly - pressing another key will cause
both it and the missing character to occur. Since this sometimes happens
when there is no more text to input (for instance when you press <Return>
after entering your pass-phrase), it is useful to know that pressing any
of the four cursor keys will cause the character to appear without
entering unwanted text.
16) It's *very* much easier to use PGP when it's integrated with your
mailer. If you use ReadNews for usenet news and mail, then you should
pick up a copy of RNscripts4PGP which add PGP functions to ReadNews.
ReadNews is designed to work with RUCP (an Archimedes version of UUCP),
so these scripts are currently only of use to users with UUCP
connections. Some BASIC programs are currently under development which
allow ReadNews to interoperate with ka9q for users with TCP/IP SLIP
connections.
17) BBS users probably use Reader (Archimedes BBS format only) or ReaderS
(multiple BBS formats - shareware). Currently there is no way of
integrating PGP with Reader(S). Decryption is just a matter of
extracting the relevant message and running PGP on it. Encryption is a
little messier:
a) Use your favourite editor to compose your message. If you're
replying to a message, extract it as a file (if it's encrypted
you'll then have to run PGP), and edit the extracted message to
add your rep