199 lines
8.5 KiB
Plaintext
199 lines
8.5 KiB
Plaintext
|
|
|
|
|
|
|
|
(word processor parameters LM=8, RM=75, TM=2, BM=2)
|
|
Taken from KeelyNet BBS (214) 324-3501
|
|
Sponsored by Vangard Sciences
|
|
PO BOX 1031
|
|
Mesquite, TX 75150
|
|
|
|
There are ABSOLUTELY NO RESTRICTIONS
|
|
on duplicating, publishing or distributing the
|
|
files on KeelyNet except where noted!
|
|
|
|
March 2, 1994
|
|
|
|
HOW_PGP.ASC
|
|
--------------------------------------------------------------------
|
|
This file shared with KeelyNet courtesy of Ken Wells.
|
|
--------------------------------------------------------------------
|
|
Bert Pool's PGP cookbook:
|
|
|
|
PGP has great encryption software, but the documentation does NOT
|
|
present the "how to" in a very useable order. All the instructions
|
|
are in there, somewhere, but the information is NOT ordered so that
|
|
you can "abc" it and DO something!
|
|
|
|
Below is my PGP cookbook, with four basics steps to setup PGP so you
|
|
can send and receive encrypted data. Enjoy.
|
|
--------------------------------------------------------------------
|
|
In order to use PGP you have to, in this order:
|
|
|
|
a) create a secure "private" key - this is your unique secret key
|
|
phrase and file that only you know. Never ever write down down
|
|
your pass phrase. Never ever forget it. Make it something very
|
|
complex that you can remember.
|
|
|
|
b) create a "public" key file which OTHER people will use to encode
|
|
messages and files which they will send to you. You will make
|
|
this key file available to everyone who might need to send you a
|
|
secure file.
|
|
|
|
c) You need to receive other PGP user's public keys and store them
|
|
on your key ring.
|
|
|
|
d) You will use a person's public key to decode a message or file
|
|
that they have sent you.
|
|
|
|
PGP does other fancy things, and I won't get into those. Below are
|
|
details of the minimum basics:
|
|
|
|
a & b) To create your private and public keys, type "PGP -kg".
|
|
Follow the on screen instructions. Select the military grade
|
|
of encryption from the menu. Sure, it will take longer for
|
|
PGP to generate you a military grade encryption key, but it
|
|
will be a SECURE key. If you tire of waiting, then go fix
|
|
yourself a cup of cocoa. I like to put those teeny
|
|
marshmallows in mine.
|
|
|
|
You will be asked for your name. Enter first, middle initial,
|
|
last. Don't just enter "Bob Smith". There are going to be
|
|
hundreds, thousands of Bob Smith's out there. Make it so that
|
|
|
|
Page 1
|
|
|
|
|
|
|
|
|
|
|
|
your friend in lower Slobovia who wants to send you a secure
|
|
document can pick you out of a list of many Bob Smiths without
|
|
a lot of guessing. If you have a net i.d., you can tack the
|
|
i.d. onto the end of your name (pgp will give you an example).
|
|
|
|
You will be asked to enter a pass phrase. Make it long. Make
|
|
it complex. Make it something not even your mother could
|
|
guess. Do NOT make the stupid mistake of using your birth
|
|
place, social security number, date of birth, parents names,
|
|
spouse name or birth date, your kid's names, etc. DO NOT
|
|
WRITE IT DOWN, EVER. DO NOT STORE IT IN YOUR COMPUTER, EVER.
|
|
You are making it up, so you should be able to make it
|
|
something you can remember. Make it something you will never
|
|
ever forget. If you forget it, no one can help you. You will
|
|
be doomed to receive documents and files that you can never
|
|
decrypt and read. You will be miserable.
|
|
|
|
Anyway, from this pass phrase entry work, a public key file
|
|
and a secret key file will be produced.
|
|
|
|
Your SECRET key file is NOT to be given to anyone. Keep it
|
|
secure. ***** Do not save it in a networked p.c.! ***** Keep
|
|
it on a diskette, which you keep in a very safe place.
|
|
Personally, I hide mine between the plastic wrapped cheese
|
|
slices in my 'fridge - but my wife has gotten used to my
|
|
little idiosyncracies like this.....
|
|
|
|
Your public key file will be placed in a file called
|
|
"pubring.pgp". You may copy your public key off of this ring
|
|
to a different file which you may send to your friends. See
|
|
step "d" below for specifics on this.
|
|
|
|
Your secret key file will be put on a secret ring, in a file
|
|
called "secring.pgp". This is the file that you want to keep
|
|
very secure.
|
|
|
|
c) Adding someone's public key to your public key ring:
|
|
|
|
Example:
|
|
|
|
Bob sends you his public keyfile on a diskette. You pop the
|
|
diskette into your p.c. and do a dir on the diskette and you
|
|
see a file "bobsmith.pgp". You wish to add this public key to
|
|
your public key ring (pubring.pgp) so that you may encode
|
|
files that you may wish to send Bob. To add his key to your
|
|
public ring you type:
|
|
|
|
"pgp -ka bobsmith.pgp pubring"
|
|
|
|
His key will be added to your public key ring. You may now
|
|
encode files using his public key. Only Bob Smith will be
|
|
able to decode the file you send him (assuming someone at his
|
|
house has not eaten a bacon, lettuce, tomato, cheese and
|
|
secret diskette sandwich).
|
|
|
|
To COPY your public key from your public key ring to a file
|
|
that you send to your friends, type:
|
|
|
|
|
|
|
|
Page 2
|
|
|
|
|
|
|
|
|
|
|
|
"pgp -kx userid keyfile pubring"
|
|
|
|
Example:
|
|
|
|
You will replace "userid" with your name (remember entering
|
|
your i.d. back in step a?) You will replace "keyfile" with
|
|
any name which you wish to use for your public key file name.
|
|
My name is Bert Pool, so I logically named my public key file
|
|
"bertpool.pgp". You can call it anything you want - but I
|
|
already have dibs on "bertpool.pgp". Make it some name that
|
|
your friends will recognize.
|
|
|
|
When I created a copy of my public key which I uploaded to
|
|
Keely Net, I typed:
|
|
|
|
pgp -kx "Bert" bertpool.pgp pubring
|
|
|
|
A file containing my public key was created, called
|
|
bertpool.pgp.
|
|
|
|
Your friends will add your public key to THEIR key rings using
|
|
step c, above. They will use it to encode messages sent FROM
|
|
THEM TO YOU. You will use your SECRET key ring and secret
|
|
pass phrase to decode any such files sent to you by your
|
|
friends.
|
|
|
|
d) decoding a file sent to you
|
|
|
|
Bob sends you an encrypted file called "payroll.pgp".
|
|
Obviously it contains sensitive information (executives get
|
|
real nervous when payroll information might accidently become
|
|
available to the masses), and so it was encrypted with YOUR
|
|
public key. You run to your fridge, dig through the cheese,
|
|
and ferret out your secret key ring disk, and pop it into your
|
|
p.c. (after wiping off the mustard, of course).
|
|
|
|
You type "pgp payroll.pgp -o payroll.txt". PGP will decrypt
|
|
the encoded file payrollpgp and produce a decoded file called
|
|
payroll.txt.
|
|
|
|
PGP comes with a file called PGP.HLP which is a very nice list
|
|
of all the PGP command options. You probably need to print
|
|
this out and keep it handy for reference, especially if you
|
|
ever need to do one of the upmteen special things that PGP
|
|
does so well.
|
|
|
|
Bert Pool
|
|
|
|
--------------------------------------------------------------------
|
|
Jerry W. Decker.........Ron Barker...........Chuck Henderson
|
|
Vangard Sciences/KeelyNet
|
|
--------------------------------------------------------------------
|
|
If we can be of service, you may contact
|
|
Jerry at (214) 324-8741 or Ron at (214) 242-9346
|
|
--------------------------------------------------------------------
|
|
|
|
|
|
|
|
|
|
|
|
Page 3
|
|
|
|
|