You’ve read about using PGP with Outlook Express in Windows to encrypt and decrypt
messages. PGP software is also available for Linux. We configured PGP to work with Kmail,
which is an e-mail program in Linux. To set up PGP, mount this month’s CD and copy
the file pgp50i-unix-src.tar.gz to a directory, say /opt. Uncompress and untar the file as
follows:
mount /mnt/cdrom
cp /mnt/cdrom/cdrom/linux/pgp/pgp50i-unix-src.tar.gz /opt
cd /opt
tar -zxvf pgp50*
This will create a directory pgp50i in the /opt directory. Change to the src sub-directory
in this directory and issue the following:
./configure
make
make install
Next, edit the file named profile in the /etc directory and append the line:
export PATH=$PATH:/usr/local/bin
This will include /usr/local/bin in the path. PGP executables are placed in this
directory.
Creating the public-private key pair
The next step is to create your public-private key pair. These are generated as
follows:
pgpk -g
You’ll be prompted to answer some questions. The first lets you select between DSS
or RSA encryption techniques. The next step lets you choose the key size. This specifies
the number of bits to be used in keys, and can be from 768 to 2,048 bits for RSA and from
768 to 4,096 bits for DSS. A higher number of bits takes more processing power, so it takes
longer to generate the keys, and to encrypt and decrypt mail messages. Next you are asked to
enter a user ID, which can be just your name, or in the form of ‘name
‘shekhar
address associated with the key.
In the next step, you enter the number of days for which your key will be valid
starting from the date of its generation. The key will never expire if you set this value
to zero, which is the default value. Next, you’re asked for a passphrase or password,
which will be used each time you encrypt or decrypt your e-mail. The next step is the
key generation process. To generate a truly random key pair, it’s better to create some
activity on your system during this step, for example, through your keyboard or mouse. You
can then submit your key to a key server by entering its URL, for example,
http://pgpkeys.mit.edu:11371.
Configuring Kmail
Now that PGP’s configured, it’s time to use it with an e-mail client. First
ensure that you have the K-Desktop installed. If you want it to run whenever you give the
‘startx’ command, type ‘kde’ in a file .xinitrc in your home
directory. Now run Kmail by selecting K>Internet>Mail client. Next, select Settings
from the File menu and click on the PGP tab. Enter your PGP user ID, which is
‘shekhar
gives you the option of storing the passphrase. If you check this option, your passphrase
will be asked only once and then be stored in memory. Checking the second option lets you
see the encrypted e-mail which you send.
Receiving encrypted e-mail
You have to first distribute your public key to the people from whom you want to
receive encrypted mail. Your public key can be given on a floppy, kept on a key server
(explained earlier), or sent as an attachment. For sending it as an attachment in Kmail,
compose a new mail, fill in the e-mail ID of the recipient, and from the Attach menu,
select Attach Public Key. From the list, which would as of now contain only your public
key, select your public key, and click the Send button. The recipient of your e-mail must
add your public key to his key ring. You’re now ready to receive encrypted e-mail.
When you select encrypted mail in your inbox, you’ll be prompted for your passphrase,
and then Kmail will show you the decrypted message. You can also decrypt mail by first
saving it as a file and then issuing the command:
pgpv
Sending encrypted e-mail
To send encrypted e-mail, you must first obtain the public key of the person you want
to send mail to. In this case, the person would use the above procedure to make the public
key available to you, provided he uses Kmail. When you get a public key as an attachment,
you must add the key to your key ring. For this, save the public key file, say, in your
home directory. Then change to your home directory, and add it to your key ring by issuing
the following command:
pgpk -a public_key.asc
where public_key.asc is the name of the public key.
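The check below is an added example, not part of the original article or of PGP itself: before a saved key attachment is added to the key ring, it confirms that the file holds exactly one ASCII-armored public key block (rather than a private key block or an encrypted message) and that the armor's CRC-24 checksum matches the data. The function names and the sample input are constructed for illustration, and it assumes od, awk, sed, tr and base64 are available.

```shell
# Added example, not from the article: pre-import check for a saved key file.
# Function names are hypothetical; assumes od, awk, sed, tr and base64 -d.

# CRC-24 used by PGP ASCII armor; reads bytes on stdin, prints 6 hex digits.
crc24() {
    crc=$((0xB704CE))
    for b in $(od -An -v -tu1); do
        crc=$((crc ^ (b << 16)))
        i=0
        while [ "$i" -lt 8 ]; do
            crc=$((crc << 1))
            if [ $((crc & 0x1000000)) -ne 0 ]; then crc=$((crc ^ 0x1864CFB)); fi
            i=$((i + 1))
        done
    done
    printf '%06x\n' $((crc & 0xFFFFFF))
}

# Prints a verdict; returns 0 only for exactly one intact public key block.
check_key_file() {
    txt=$(tr -d '\r' < "$1")
    kinds=$(printf '%s\n' "$txt" | sed -n 's/^-----BEGIN PGP \(.*\)-----$/\1/p')
    if [ "$kinds" != "PUBLIC KEY BLOCK" ]; then
        echo "refuse: want one public key block, found: ${kinds:-no armor}"
        return 1
    fi
    # Base64 body starts after the blank line that ends the armor headers.
    body=$(printf '%s\n' "$txt" | awk '/^-----BEGIN/{h=1; next} /^-----END/{h=0}
        h && b && !/^=/ {print} h && /^$/ {b=1}')
    sum=$(printf '%s\n' "$txt" | awk '/^-----BEGIN/{h=1} /^-----END/{h=0}
        h && /^=/ {print substr($0, 2)}')
    want=$(printf '%s' "$sum" | base64 -d 2>/dev/null | od -An -v -tx1 | tr -d ' \n')
    got=$(printf '%s\n' "$body" | base64 -d 2>/dev/null | crc24)
    if [ -z "$want" ] || [ "$want" != "$got" ]; then
        echo "refuse: armor checksum mismatch, file damaged or truncated"
        return 1
    fi
    echo "ok: public key block, armor checksum $got"
}

# Constructed sample: valid armor around the 9-byte payload "123456789".
# It is not a real key and only exercises the wrapper checks.
sample_armor() {
    printf '%s\n' '-----BEGIN PGP PUBLIC KEY BLOCK-----' \
        'Version: constructed sample' '' 'MTIzNDU2Nzg5' '=Ic8C' \
        '-----END PGP PUBLIC KEY BLOCK-----'
}
```

The checksum only catches damage or truncation in transit; it says nothing about who the key belongs to, so still confirm the key's fingerprint with its owner over a separate channel.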
If the public key is on a key server, you can retrieve the key from the server as:
pgpk -a
For example, pgpk -a sachin
This will extract the public key with user ID sachin
to your key ring.
Now, compose a new e-mail and enter the e-mail address of your friend. Then select the
red key icon in the menu. This will encrypt the mail using your friend’s public key.
If you want to encrypt an attachment that you’re sending, you must encrypt it
separately, and then attach it to the mail. This can be done as:
pgpe -c
Now you are ready to send your PGP encrypted mail.
This article originally appeared in PCQ December 31, 2000.