Getting Started with PGP for UNIX (A cookbook approach)
Here are the basics for getting started with PGP (Pretty Good
Privacy). This software should be used for encrypting confidential data
and creating keys that you can use for sharing this data with other
people. This can be done in such a way that only those people who you wish
to see the data can do so. In order to correspond with other PGP users you
need a copy of their public key, and they need a copy of yours. You use
your private key to sign the email messages and file attachments you send
to others and to decrypt the messages and files they send to you.
Conversely, you use the public keys of others to send them encrypted email
and to verify their digital signatures.
Creating Your Public and Private Keys -
First you need to create a public and a private key. You will use
your private key to encrypt your data. The public key is to be given to
whomever you intend to share data with.
1. To create this pair of keys enter the command 'pgp -kg'.
2. You will be prompted to choose an algorithm; take the default, DSS/DH,
item number 1.
3. Next you will be prompted for the type of key to create; unless you
have done this before, take the default, item 1, to create a new key.
4. For the size of your key, again take the default item 1 for a size of
1024 bits.
5. Follow the format in the example for creating a user ID.
6. Enter '0' (zero) for the validity period.
7. Now you will be asked for a passphrase. Create one using the same
rules as for a strong password. You will have to type it in twice.
8. Type 'y' to create an encryption key.
9. Again choose item 1, 1024 bits for the key size.
10. Again enter '0' (zero) for the validity period.
11. You will be asked to enter some random key strokes for pgp to use to
generate some random data. You will see something like this:
Enough, thank you.
........******* .............................................******* .
12. Lastly you will be asked if this should be your default signing key.
Type 'y', and you will see something like this:
..............................*******
.....................................................................*******
Key generation completed.
Sharing Your Public Key -
You will now have a .pgp directory in your login directory which
will have a number of files in it, including your public and secret key
rings. In order to share your public key you need to take it off the
public key ring and save it as a file that can be sent to your cohorts for
inclusion in their public key rings. You can also distribute your public
key and search for other public keys on a key server such as
http://pgp.mit.edu/
To save your public key as a file enter the command:
'pgp -kx'
You will be prompted for the name of your file. Call it 'public_key', and
you will see the following friendly message: Key extracted to file
'public_key.pgp'.
Encrypting and Decrypting Messages -
To encrypt a text file for viewing by a particular user, you
issue the command:
'pgp -e filename recipients_userid'.
'filename' is the name of the text file you wish to encrypt.
'recipients_userid' is the id from the public key sent to you by the user
with whom you wish to correspond. For more than one recipient continue to
add userids to the command line.
If you just wish to encrypt a file, but not to share it, issue the
command:
'pgp -c filename'
To decrypt a text file that has been sent to you, issue the
command:
'pgp -p filename'
Where to Get More Information on PGP -
PGP Command Line User's Guide at
ftp://ftp.pgpi.org/pub/pgp/6.5/docs/english/PGPCmdLineGuide.pdf
The MIT Distribution Center for PGP at http://web.mit.edu/network/pgp.html