timil.com/riscos/pluto
Pluto Help Pluto Help

Pluto Help

The Original Pluto help files plus extras

This page up to date on: 25 Apr 2024

<= Help Index

FILE: pgp

From: Jonathan Duddington 
Subject: PGP
Date: Sun, 25 Jan 1998 17:55
Source: docs


Encryption and Authentication with PGP
======================================

Introduction
============

PGP is a public key encryption system.  Each person has two Keys, Public
and Secret.  You let other people know your Public Key and they use it to
encrypt messages to send to you.  Only your Secret Key can decrypt these
messages.  To send encrypted messages to other people, you need to know
their Public Keys.

In addition, you can "Sign" messages.  This adds a PGP SIGNATURE block at
the end of the message which acts as a sort of "checksum".  Someone who
has your Public Key can verify that the signature was produced by you and
that the contents of the message have not been tampered with.

An Acorn version of the PGP program, can be fetched from:
   http:/web.bham.ac.uk/N.M.Queen/pgp/acorn.html

There are some additional programs there which can be used as wimp front
ends to PGP.  You do not need these for its use with Pluto, but they may
be useful for Key management.


Installation
============

The PGP program must be somewhere where it will be found when run from
the command line, for example, in the $.Library directory.

The system variable PGPPATH must give the address of the directory which
contains the PGP keyring and other files.

It is recommended that you have the Memphis RAM filing system installed,
as this will speed up the operation of PGP.  Pluto will automatically
detect if Memphis is loaded and will use RAM to pass temporary files to
and from PGP.


Keys
====

To send signed messages and to receive encrypted messages you need to
have your own Key.

You generate your Key with PGP by typing the following command on the
command line or in a task window. 

   pgp -kg

When asked for your user name, enter your full name followed by your
email address in angle brackets.  eg:

   Jonathan Duddington 

PGP will generate a Secret and Public Key pair, and will ask you for a
pass-phrase to protect access to the Secret Key.  You can then produce an
ascii version of your Public Key by:

   pgp -kxa 

where  can be any substring of your full user name that is
sufficient to find your key.  You can then distribute this ascii version
of your Public Key so that people can use it to send you encrypted
messages or can verify your signature.

Your own Secret Key is protected by its pass-phrase.  Pluto will ask you
for this pass-phrase when you need to access your Secret Key to sign a
message or to decrypt a message.  When you are asked for the pass-phrase,
if you tick the "Hold" option then Pluto will remember your pass-phrase
and will not ask you for it again (if it is for the same one of your user
names).  Pluto does not store your pass-phrase to disc and will forget it
when you quit Pluto.  You should not ask Pluto to Hold your pass-p are asked for the pass-phrase,
if you tick the "Hold" option then Pluto will remember your pass-phrase
and will not ask you for it again (if it is for the same one of your user
names).  Pluto does not sase
if you might leave your computer unattended with Pluto running.


Encrypting Messages
===================

To send an encrypted message to someone, you need to have their Public
Key on your keyring.

Pluto will encrypt an email when you post it if either:

a.  The destination email address is in Pluto's address book, and this
address book entry has the "Encrypt" option ticked.  Pluto will attempt
to encrypt the message if any of the destination addresses, from the To,
Cc, and Bcc fields have their Encrypt option set.

b.  You add the characters @~@~ to the end of the Subject field in the
Write Mail window.  Pluto will remove the @~@~ characters when it sends
the message.

c.  You select PGP->Encrypt from the Write Mail window menu.

If Pluto can't find the Public Key for any of the destination addresses,
then an error message will appear and the message will not be sent.  You
can then remove or change addresses and re-post the message.

If you want to prevent a message from being encrypted, even to a
destination for which encryption is normally applied, select 
PGP->Inhibit_Encrypt  from the Write Mail window.

Signing Messages
================

To send a PGP signed message, you need access to your Secret Key.  Pluto
will prompt you for your pass-p rase which allows access to your Secret
Key.

Pluto will sign a message when you post it if either:

a.  Any of the destination email addresses are in Pluto's address book,
and this address book entry has the "PGP Sign" option ticked.

b.  The message is being sent to a newsgroup or a mailing list which has
the "PGP Sign" option ticked in Pluto's NewsGroups list.

c.  You add the characters :@:@ to the end of the Subject field in the
Write Mail or Write News window.  Pluto will remove these characters when
it sends the message.

d.  You select  PGP->Sign  from the Write Mail/News window menu.

If you want to prevent a message from being signed, select
PGP->Inhibit_Sign from the Write Mail/News window.

Messages can be both signed and encrypted if required.

Decrypting Messages
===================

To decrypt an encrypted message, view it using the Article Viewer.  It
should start with the line:
   -----BEGIN PGP MESSAGE-----

Press CTRL-Y.

Pluto will prompt you for the pass-p are asked for the pass-phrase,
if you tick the "Hold" option then Pluto will remember your pass-phrase
and will not ask you for it again (if it is for the same one of your user
names).  Pluto does not sase to gain access to your secret
key.  The message will then be decrypted and shown as plain text in the
Article Viewer.

If you want to store the decrypted form of the article, press SHIFT-F3,
or Adjust-Click on the Save button in the Article Viewer.

Verifying Signatures
====================

If you receive a PGP signed message, it will start with the line:
   -----BEGIN PGP SIGNED MESSAGE-----

To verify the message you need to have the sender's Public Key on your
keyring. Press CTRL-Y.

Pluto will remove the PGP signature and indicate either:
-  The signature was recognised and good.
-  The signature was not known - you do not have the sender's Public Key.
-  The signature was bad indicating a tampered or corrupted message.

If you want to store the article with the signature removed, press
SHIFT-F3, or Adjust-Click on the Save button in the Article Viewer.

Aliases
=======

Email addresses are used to lookup Public Keys on your keyring.  If the
Key on your keyring has a User Id which is different from the email
address which its owner is using, you can set up an alias to recognise
his new email address.

Choose  Lists->PGP_Aliasas  from Pluto's icon bar menu.  This will open a
text file in which you can set up aliases.  Enter the new email address
followed by spaces or tabs then the User Id by which the key is
recognised on your keyring.  Make sure the last entry in the list is
followed by a newline character.   Eg:

  jon@duddington.demon.co.uk  jsd@argonet.co.uk

You can view the contents of y

<= Help Index

Please note that Pluto is supplied with a more comprehensive and up-to-date StrongHelp manual than these text files. Select Help… in Pluto’s iconbar menu.

RISC OS Open
RISC OS Open
RISC OS South West Show RISC OS South West Show
Add this event to your Google Calendar
Wikipedia/RISC_OS
RISC OS at WIKIPEDIA
Wakefield Show 2023 Wakefield Show 2023
Add this event to your Google Calendar
RISC OS London Show RISC OS London Show
Add this event to your own Google Calendar
Go up a directory
timil.com (business site)
Give some feedback.
The Young Theatre Archive
Tim's Blue Bike
Butterwick, Lincs
Holtspur, Bucks
tjrh.uk (personal site)
Copyright information
Top of page

 © Copyright Reserved 2024 ©