The Original Pluto help files plus extras
This page up to date on: 28 May 2020
From: Jonathan Duddington
Subject: PGP Date: Sun, 25 Jan 1998 17:55 Source: docs Encryption and Authentication with PGP ====================================== Introduction ============ PGP is a public key encryption system. Each person has two Keys, Public and Secret. You let other people know your Public Key and they use it to encrypt messages to send to you. Only your Secret Key can decrypt these messages. To send encrypted messages to other people, you need to know their Public Keys. In addition, you can "Sign" messages. This adds a PGP SIGNATURE block at the end of the message which acts as a sort of "checksum". Someone who has your Public Key can verify that the signature was produced by you and that the contents of the message have not been tampered with. An Acorn version of the PGP program, can be fetched from: http:/web.bham.ac.uk/N.M.Queen/pgp/acorn.html There are some additional programs there which can be used as wimp front ends to PGP. You do not need these for its use with Pluto, but they may be useful for Key management. Installation ============ The PGP program must be somewhere where it will be found when run from the command line, for example, in the $.Library directory. The system variable PGPPATH must give the address of the directory which contains the PGP keyring and other files. It is recommended that you have the Memphis RAM filing system installed, as this will speed up the operation of PGP. Pluto will automatically detect if Memphis is loaded and will use RAM to pass temporary files to and from PGP. Keys ==== To send signed messages and to receive encrypted messages you need to have your own Key. You generate your Key with PGP by typing the following command on the command line or in a task window. pgp -kg When asked for your user name, enter your full name followed by your email address in angle brackets. eg: Jonathan Duddington PGP will generate a Secret and Public Key pair, and will ask you for a pass-phrase to protect access to the Secret Key. You can then produce an ascii version of your Public Key by: pgp -kxa where can be any substring of your full user name that is sufficient to find your key. You can then distribute this ascii version of your Public Key so that people can use it to send you encrypted messages or can verify your signature. Your own Secret Key is protected by its pass-phrase. Pluto will ask you for this pass-phrase when you need to access your Secret Key to sign a message or to decrypt a message. When you are asked for the pass-phrase, if you tick the "Hold" option then Pluto will remember your pass-phrase and will not ask you for it again (if it is for the same one of your user names). Pluto does not store your pass-phrase to disc and will forget it when you quit Pluto. You should not ask Pluto to Hold your pass-p are asked for the pass-phrase, if you tick the "Hold" option then Pluto will remember your pass-phrase and will not ask you for it again (if it is for the same one of your user names). Pluto does not sase if you might leave your computer unattended with Pluto running. Encrypting Messages =================== To send an encrypted message to someone, you need to have their Public Key on your keyring. Pluto will encrypt an email when you post it if either: a. The destination email address is in Pluto's address book, and this address book entry has the "Encrypt" option ticked. Pluto will attempt to encrypt the message if any of the destination addresses, from the To, Cc, and Bcc fields have their Encrypt option set. b. You add the characters @~@~ to the end of the Subject field in the Write Mail window. Pluto will remove the @~@~ characters when it sends the message. c. You select PGP->Encrypt from the Write Mail window menu. If Pluto can't find the Public Key for any of the destination addresses, then an error message will appear and the message will not be sent. You can then remove or change addresses and re-post the message. If you want to prevent a message from being encrypted, even to a destination for which encryption is normally applied, select PGP->Inhibit_Encrypt from the Write Mail window. Signing Messages ================ To send a PGP signed message, you need access to your Secret Key. Pluto will prompt you for your pass-p rase which allows access to your Secret Key. Pluto will sign a message when you post it if either: a. Any of the destination email addresses are in Pluto's address book, and this address book entry has the "PGP Sign" option ticked. b. The message is being sent to a newsgroup or a mailing list which has the "PGP Sign" option ticked in Pluto's NewsGroups list. c. You add the characters :@:@ to the end of the Subject field in the Write Mail or Write News window. Pluto will remove these characters when it sends the message. d. You select PGP->Sign from the Write Mail/News window menu. If you want to prevent a message from being signed, select PGP->Inhibit_Sign from the Write Mail/News window. Messages can be both signed and encrypted if required. Decrypting Messages =================== To decrypt an encrypted message, view it using the Article Viewer. It should start with the line: -----BEGIN PGP MESSAGE----- Press CTRL-Y. Pluto will prompt you for the pass-p are asked for the pass-phrase, if you tick the "Hold" option then Pluto will remember your pass-phrase and will not ask you for it again (if it is for the same one of your user names). Pluto does not sase to gain access to your secret key. The message will then be decrypted and shown as plain text in the Article Viewer. If you want to store the decrypted form of the article, press SHIFT-F3, or Adjust-Click on the Save button in the Article Viewer. Verifying Signatures ==================== If you receive a PGP signed message, it will start with the line: -----BEGIN PGP SIGNED MESSAGE----- To verify the message you need to have the sender's Public Key on your keyring. Press CTRL-Y. Pluto will remove the PGP signature and indicate either: - The signature was recognised and good. - The signature was not known - you do not have the sender's Public Key. - The signature was bad indicating a tampered or corrupted message. If you want to store the article with the signature removed, press SHIFT-F3, or Adjust-Click on the Save button in the Article Viewer. Aliases ======= Email addresses are used to lookup Public Keys on your keyring. If the Key on your keyring has a User Id which is different from the email address which its owner is using, you can set up an alias to recognise his new email address. Choose Lists->PGP_Aliasas from Pluto's icon bar menu. This will open a text file in which you can set up aliases. Enter the new email address followed by spaces or tabs then the User Id by which the key is recognised on your keyring. Make sure the last entry in the list is followed by a newline character. Eg: firstname.lastname@example.org email@example.com You can view the contents of y
Please note that Pluto is supplied with a more comprehensive and up-to-date StrongHelp manual than these text files. Select Help… in Pluto’s iconbar menu.