PGP

Pretty Good Privacy (PGP) is a very advanced encryption method that can be applied to any sort of file. Its most common use is encrypting confidential messages for e-mail. With PGP you can be assured that even if a message is intercepted, it would be impossible to decode without the right key. PGP can also be used to verify that a message is authentic and has not been tampered with or forged. This document is not intended as a complete guide to using PGP; other locations on the web do a much better job of that. It is only a quick-start guide to get you up and running with a minimum of fuss.


Creating your PGP key

A PGP key is what is used to encrypt and decrypt documents and files. You must create a key in order to be able to use PGP.

  1. Type mkdir ~/.pgp
    This creates the directory where all of the PGP information is stored.
  2. Type pgp -kg
    This will generate the key. Choose the defaults for all of the prompts except how many bits your key will use. You'll want to use the 1024 bit key option. This provides the most security.
  3. Type cd ~/.pgp
    This puts you into the .pgp directory.
  4. Type pgp -kxa
    This will extract your public key into an ASCII (text) file. When it asks for an ID, enter the one you chose during step 2. It will also prompt you for a file to store the key in. You can later add the contents of this file to your .plan file so people will be able to encrypt messages they send to you.

Encrypting and Signing Mail with PGP

Perhaps the most common use of PGP is to encrypt and/or validate mail. Encrypting mail with PGP gives you a secure method for sending people confidential information (such as passwords, financial data and so forth). If you use PGP to validate mail (but not necessarily to encrypt it), you can assure the recipients that it is an authentic message and has not been forged or tampered with.

Encryption of mail:

There are a number of third-party programs that can automatically handle the details of PGP-encrypting mail. However, not everyone has access to these, so we will assume that we are working with nothing more than a Unix prompt and pine. The first step is to write the document that you want to send to someone. This document doesn't need to be in ASCII format. One of the great advantages of PGP is its ability to encrypt any kind of file or document. You could encrypt a JPEG picture file or a Word 6.0 document just as easily as an ASCII document you created with pico. In each case the procedure is identical.
One caveat: you must have the recipient's public key before you can make use of this. If you do not encrypt the document with their public key, they will not have a way of decoding the message.

  1. Create the document and place it in your home directory
  2. Type pgp -seat [filename] [recipients_pgp_id] -u [your_pgp_id]
  3. This creates a new file called [filename].asc which is encrypted with their PGP public key and signed with yours. Signing it helps prevent forgery from occurring. You should get into the habit of signing every document you encrypt with PGP.
  4. In pine use ^r (control-r) and enter [filename].asc. This will read the encrypted ascii file into the mail message.

Validating mail:

Signing mail with PGP is commonly used to send unencrypted official mail to mailing lists, newsgroups or people without PGP keys. By signing the mail you provide a means by which people can verify that the mail actually came from you. As with encryption, you can sign any type of file or document.

  1. Create the document and place it in your home directory
  2. Type pgp -sat [filename] if it is a text file and pgp -sb [filename] if it is a binary file
    If you have signed a binary file, it will create another file called [filename].asc which you can then use to verify that the binary file has not been tampered with.
  3. In pine use ^r (control-r) and enter [filename].asc to mail the file.

Decrypting Mail with PGP

If someone sends you mail or a file encrypted with your public key it is necessary to decrypt the file into a readable form. This is actually a very simple process.

  1. If you are in a mail reader, export the message to a file in your home directory.
  2. Type pgp [filename]
  3. Enter your pgp passphrase when prompted.
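
A message exported from a mail reader can lose lines or have characters altered on the way, and the [filename].asc text carries a checksum that lets you detect this before running pgp on it. The following is an added example, not part of the original guide or of PGP itself: it assumes the ASCII-armor layout and CRC-24 checksum defined in RFC 4880, and the names check_armor and make_armor and the sample data are constructed for illustration.

```python
import base64
import re

CRC24_INIT, CRC24_POLY = 0xB704CE, 0x1864CFB  # OpenPGP armor checksum (RFC 4880, 6.1)

def crc24(data: bytes) -> int:
    """CRC-24 over the decoded bytes; armor stores it on the '=XXXX' line."""
    crc = CRC24_INIT
    for byte in data:
        crc ^= byte << 16
        for _ in range(8):
            crc <<= 1
            if crc & 0x1000000:
                crc ^= CRC24_POLY
    return crc & 0xFFFFFF

ARMOR = re.compile(
    r"-----BEGIN PGP (MESSAGE|SIGNATURE|PUBLIC KEY BLOCK)-----\r?\n"
    r"(?:[^\r\n]+\r?\n)*?\r?\n"                    # armor headers, then a blank line
    r"((?:[A-Za-z0-9+/][A-Za-z0-9+/=]*\r?\n)+?)"   # base64 body
    r"=([A-Za-z0-9+/]{4})\r?\n"                    # checksum line
    r"-----END PGP \1-----")

def check_armor(text: str) -> dict:
    """Report whether an exported .asc file still holds an intact armor block."""
    m = ARMOR.search(text)
    if not m:
        return {"ok": False, "reason": "no complete armor block"}
    kind, body, crc_b64 = m.groups()
    try:
        data = base64.b64decode("".join(body.split()), validate=True)
    except ValueError:
        return {"ok": False, "kind": kind, "reason": "invalid base64"}
    if crc24(data) != int.from_bytes(base64.b64decode(crc_b64), "big"):
        return {"ok": False, "kind": kind, "reason": "CRC-24 mismatch"}
    return {"ok": True, "kind": kind, "bytes": len(data)}

def make_armor(kind: str, data: bytes) -> str:
    """Build an armor block; used only to construct the sample input below."""
    b64 = base64.b64encode(data).decode()
    crc = base64.b64encode(crc24(data).to_bytes(3, "big")).decode()
    lines = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    return "\n".join([f"-----BEGIN PGP {kind}-----", "Comment: constructed sample",
                      "", *lines, "=" + crc, f"-----END PGP {kind}-----", ""])

SAMPLE = make_armor("MESSAGE", bytes(range(100)))  # constructed bytes, not a real message
DAMAGED = SAMPLE.replace("AAEC", "AAEB", 1)        # one body byte altered in transit

if __name__ == "__main__":
    print(check_armor(SAMPLE))
    print(check_armor(DAMAGED))
```

A passing check only means the armored text arrived intact; whether the message is authentic is still decided by the signature check pgp performs when you decrypt it.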

PGP resources on the Web

Need to know more? Have a question about PGP? Take a look here first!

Revision 1.1:May 7, 1996:CJR