Here is a quick and simple guide to some common pgp tasks. I am using the freeware version of pgp5

instead of using he command pgp for everything, now it is broken up over 5 commands. 
pgpe  Encrypt (including Encrypt/Sign)
pgps  Sign
pgpv  Verify/Decryptpgpk  Key management
pgpo  PGP 2.6.2 command-line simulator (not yet implemented)

To create a new key you need to type "pgp -g" and follow the directions. You should probably read a bit about hte different type of keys, and the sizes that are suggested. This can almost be a religious battle. Check out http://www.scramdisk.clara.net/pgpfaq.html for some details on the differences. To give you a small hint, I used the max size of the DSS/Diffie-Hellman alogrithm. Use "pgpk -a keyfile" to add a key to your keyring. You can extract your public key from your keyring in ascii by typing "pgpk -xa userid -o file". This is what you need to do to send it to others via email. I usually for get to extract it in ascii and then send it to someone and they can't use it since I pasted it in an email. You can view the keys in your keyring also by typing "pgpk -l". For more stuff with key management just type pgpk and it will give you the full list,but I never use many of them daily, just the ones above.

Type "pgpv encryptedfile" to decrypt a file.

Type "pgps filetosign" to sign a file if you only have one private key to sign with. Type "pgps -u userid filetosign" to sign with a specific userid if you have more than one. 

The one that gives me more grief is encrypting a file. i can never remember what flags I need to do to encrypt the msg with the proper key and make sure it is acsii. Type "pgpe -a -r userideyouaresendingto -u useridyouaresendingfrom -o outfile fileyouwantencrypted" Again, the -a for ascii is important if you are gonna paste it into email like I usually do.  You can leave off the -u if you only encrypt from one key, but I send from more than one so I have to specify it or i can't remember who I encrypted it from, or the right passphrase to encrypt. Add the -s to sign the encrypted file also.

Also, you can just just the beginning of a userid when you encrypt and sign things, so you don't have to type out a whole long mess. Typing "tech" is easier then typing "technoid <technoid@defcon1.org>"


Please direct any questions/comments/gripes to technoid@defcon1.org

This site cannot be duplicated without permission.
   This site is Copyright © 1998-99 Defcon1.Org