Here is a quick and simple guide to some common pgp tasks.  I am using the freeware version of pgp5

instead of using he command pgp for everything, now it is broken up over 5 commands. 
pgpe   Encrypt (including Encrypt/Sign)
pgps   Sign
pgpv   Verify/Decryptpgpk   Key management
pgpo   PGP 2.6.2 command-line simulator (not yet implemented)

To create a new key you need to type "pgp -g" and follow the directions. You should probably read a bit about hte different type of keys, and the sizes that are suggested. This can almost be a religious battle.  Check out http://www.scramdisk.clara.net/pgpfaq.html for some details on the differences.  To give you a small hint, I used the max size of the DSS/Diffie-Hellman alogrithm.  Use "pgpk -a keyfile" to add a key to your keyring. You can extract your public key from your keyring in ascii by typing "pgpk -xa userid -o file". This is what you need to do to send it to others via email. I usually for get to extract it in ascii and then send it to someone and they can't use it since I pasted it in an email.  You can view the keys in your keyring also by typing "pgpk -l".  For more stuff with key management just type pgpk and it will give you the full list,but I never use many of them daily, just the ones above.

Type "pgpv encryptedfile" to decrypt a file.

Type "pgps filetosign" to sign a file if you only have one private key to sign with. Type "pgps -u userid filetosign" to sign with a specific userid if you have more than one. 

The one that gives me more grief is encrypting a file. i can never remember what flags I need to do to encrypt the msg with the proper key and make sure it is acsii.  Type "pgpe -a -r userideyouaresendingto -u useridyouaresendingfrom -o outfile fileyouwantencrypted" Again, the -a for ascii is important if you are gonna paste it into email like I usually do.  You can leave off the -u if you only encrypt from one key, but I send from more than one so I have to specify it or i can't remember who I encrypted it from, or the right passphrase to encrypt.  Add the -s to sign the encrypted file also.

Also, you can just just the beginning of a userid when you encrypt and sign things, so you don't have to type out a whole long mess.  Typing "tech" is easier then typing "technoid <technoid@defcon1.org>"


Please direct any questions/comments/gripes to technoid@defcon1.org

This site cannot be duplicated without permission.
     This site is Copyright © 1998-99 Defcon1.Org