Gossamer Forum
Home : General : Internet Technologies :

PGP/GnuPG for Dummies

Quote Reply
PGP/GnuPG for Dummies
Hi All

Been trying to figure out how to use the PGP and GnuPG encryption keys and things.

I snagged WinPT and installed GnuPG on my XP machine.

Could someone give me a rundown of the basics on how the whole encryption process works? I'm not quite getting which keys go where, how to apply them to encrypt/decrypt things, etc.

We'll be doing pretty much two things:

1. Encrypting order information on the site to be downloaded and then decrypted locally

2. Encrypting email

Also, can GnuPG read PGP-encrypted material?

Thanks very much Smile

------------------------------------------

Last edited by:

DogTags: Feb 18, 2004, 6:07 AM
Quote Reply
Re: [DogTags] PGP/GnuPG for Dummies In reply to
You send the "Public Key" to your friends, etc so they can use it to encrypt files to send to you. Your "Private Key" is used to de-crypt the files. If you want to send an encrypted file to 10 people you'd need all ten of their public keys (but you don't have to run the --encrypt thingy 10 times only once with each 'name' in the list).

Check out http://www.glump.net Brendan Kidwell has done a fairly good 'plain english' tutorial. (also check out the gnupg.org FAQ)

I tried using Perl to execute a system command to encrypt the files but had to shelve that project for a while. Check my post regarding it for some ideas.

Someone replied, but the reply mysteriously disappeared (pretty sure it was the ghost of Paul Wilson).

Here is what he/she gave in the way of code:

$ENV{GNUPGHOME} = qq!/home/user/.gnupg!;
my $gpg = qq!/usr/local/bin/gpg --always-trust --ear!;
my $gus = 'sales@domain.com':
my $enc = qx/echo -n \"$eml\" | $gpg $gus/;

Not exactly sure how to implement it though... There are some Perl Mods for GPG but I personally find the documentation too cryptic (no pun intended) to be useful for a recreational hacker such as myself.

Please post whatever you discover - I'm very interested in this, but really can't invest the time at the moment.

PS: Yes you can use GPG to work with PGP provided everyone is using relatively modern versions of everything.

Last edited by:

Watts: Feb 18, 2004, 10:56 AM
Quote Reply
Re: [Watts] PGP/GnuPG for Dummies In reply to
Hey, thanks. I'll check out all that you mentioned. Would love to get this working. Very useful.

I think this is the glump article that you mentioned:

http://www.glump.net/...ve/000060.php#000060

Thanks, again Smile

------------------------------------------

Last edited by:

DogTags: Feb 18, 2004, 11:29 AM
Quote Reply
Re: [DogTags] PGP/GnuPG for Dummies In reply to
Yep... here is a Perl Script I run locally (on WinXP) to encrypt a file without having to do a bunch of typing (because I'm lazy that way). It's useful to encrypt a file you want to attach to an email, etc.

Code:
print "Which file do you want to encrypt? ";
$fileIs = <STDIN>; #wait for input
chomp($fileIs); #strip off return
$fileIs =~ tr/A-Z/a-z/;
unless(rename($fileIs, 'temp.txt'))
{print "rename failed.\n"}
system('gpg --recipient "Mike Watts" --output "temp.txt.gpg" --encrypt "temp.txt"');
unless(rename('temp.txt.gpg', $fileIs.'.gpg'))
{print "rename of gpg file failed.\n"}
print "File Encrypted";

Of course you'd need substitute your name instead of mine.
.

Last edited by:

Watts: Feb 18, 2004, 12:02 PM
Quote Reply
Re: [Watts] PGP/GnuPG for Dummies In reply to
Do you know if you can make an encrypted file "decryptable" by several private keys?

What I mean is we might make several admin or supervisory users eligible to decrypt order data. We don't want to encrypt the order data for each eligible admin. We just want to say, "Hey, here are today's orders and they may be unlocked by admin1, admin2, and admin3."

Then, when either admin1/2/3 retrieve the data, they can unlock it and then process the orders.

Thanks Smile

------------------------------------------

Last edited by:

DogTags: Feb 24, 2004, 5:14 AM
Quote Reply
Re: [DogTags] PGP/GnuPG for Dummies In reply to
Personally? I'm not sure. I'm pretty sure you can do "gpg blah --recipient Bob --recipient Joe --recipient Tom --blah" provided you have a public key for each.

Perhaps you could install your private key on each of their systems?

Please post whatever you fnd out.
Quote Reply
Re: [DogTags] PGP/GnuPG for Dummies In reply to
Hi,

Yes, you can. If you encrypt a message from orders and to admin1, admin2, admin3, then each of those users can decrypt it using their own private key. User 'orders' that does the encrypting needs to have the public keys of admin1,admin2 and admin3.

Cheers,

Alex
--
Gossamer Threads Inc.
Quote Reply
Re: [Alex] PGP/GnuPG for Dummies In reply to
Thanks, All. That's good news, Alex. Takes a little load off. Still have a long way to go....will continue this thread

Smile

------------------------------------------