PGP Signature Setup & Config
Wayne Pascoe
freebsd at penguinpowered.org.uk
Tue Apr 15 10:17:47 PDT 2003
On Tue, Apr 15, 2003 at 08:48:59AM -0700, Sêrêciya Kurdistanî wrote:
> I'm interested in implementing a PGP, and I'd like to poll those
> of you who could give me pointers on where to start ;)
I would suggest using GNUPG. It's in ports at /usr/ports/security/gnupg
> 1) Where do I go to setup my key(s)?
To create a key, use gpg --gen-key
> a) should I try to use a specific type of key?
> any compatibility issues?
I personally use the defaults (DSA and ElGamal key, 1024 bits)
Messages I encrypt can be decrypted by people using GNUPG and PGP alike.
> b) are there certain key servers preferred for posting public
> keys? commercial, non-commercial, etc...
Again, I personally use www.co.uk.pgp.net
> 2) How do I use it with "Mutt"?
One of the main reasons I moved to mutt was it's simplicity of use with
PGP. In my .muttrc I have the following :
--- Please excuse lines longer than 72 chars here, but I want to show
the config as it should be
set pgp_decode_command="gpg %?p?--passphrase-fd 0? --batch --output - %f"
set pgp_verify_command="gpg --no-verbose --batch --output - --verify %s %f"
set pgp_decrypt_command="gpg --passphrase-fd 0 --batch --output - %f"
set pgp_sign_command="gpg --batch --output - --passphrase-fd 0 --armor --detach-sign --textmode %?a?-u %a? %f"
set pgp_clearsign_command="gpg --batch --output - --passphrase-fd 0 --armor --textmode --clearsign %?a?-u %a? %f"
set pgp_encrypt_only_command="pgpewrap gpg -v --batch --output - --encrypt --textmode --armor -- -r %r -- %f"
set pgp_encrypt_sign_command="pgpewrap gpg --passphrase-fd 0 -v --batch --output - --encrypt --sign %?a?-u %a? --armor -- -r %r -- %f"
set pgp_import_command="gpg --import -v %f"
set pgp_export_command="gpg --export --armor %r"
set pgp_verify_key_command="gpg --batch --fingerprint --check-sigs %r"
set pgp_list_pubring_command="gpg --batch --with-colons --list-keys %r"
set pgp_list_secring_command="gpg --batch --with-colons --list-secret-keys %r"
set pgp_getkeys_command=""
set pgp_timeout=120
> a) are there any automated/simplified interfaces?
Just press y to send :)
Hope that all helps
--
Wayne Pascoe
More information about the freebsd-questions
mailing list