
PGP for Newbies

____________________________________ 
GUIDE TO (mostly) HARMLESS HACKING

Beginners' Series Number 4

PGP for Newbies
_____________________________________

Do you cringe at the idea of people snooping on your email and through the files on your computer? Encryption is the only way to be absolutely certain you can keep your private stuff really private. Even if you are a newbie, encryption can be surprisingly easy -- if you use the free PGP program, the encryption technique so powerful that it is illegal to use in some countries! The following GTMHH was written by Keydet89, so if you want to ask questions, email him and not me! (Carolyn Meinel).

This Guide will tell you about:

  • Creating your own keys
  • Importing keys
  • Creating a group of keys
  • Making your public key public
  • Encrypting Files
  • Encrypting your email

PGP is a personal encryption program that you can use to encrypt files or email.

PGP stands for 'Pretty Good Privacy', originally created by Phil Zimmermann. The long and short of the story is that Phil released his encryption program to the public and was investigated by the federal government. As soon as the investigation was closed, Phil started a company based on his product, which was later purchased by Network Associates.

You can get the freeware version of PGP from: http://www.nai.com/products/security/pgpfreeware.asp
**Be prepared for a wait, as this is approximately a 5.5Mb file.

Note: All of the examples used in this Guide are performed using PGPfreeware 6.0. The link above is for this version.

************************************************************
NEWBIE NOTE: How to use PGP will be described, but if you want to make it a little easier to use, download the Eudora email client and install PGP's Eudora plug-in. The tools from PGP appear as icons on the toolbar in Eudora, and encrypting or decrypting an email is as easy as selecting an icon.

To get Eudora freeware to use with PGP, go to: http://www.eudora.com/products/
************************************************************

Once you have the PGP freeware program, double-click on the icon to install it. Just follow the instructions; they are very straightforward, and there are no tricks or surprises along the way. You will have to reboot your computer, but when you do, PGP Tray should be in your Startup group, and there will be a little lock icon on the TaskBar.

NOTE: For the purposes of this Guide, PGP 6.0 was installed on NT 4.0/SP 3. However, there should be no great difference with 95/98.

Okay, once you have PGP installed, you need to create your own keys. But before we get started on that, let's briefly describe how all of this works...

Briefly, the idea is this...PGP generates a pair of strong cryptographic keys, a public key and a private key. You keep the private key, and distribute your public key...attach it to your email by using a signature file, post it on a web page, whatever. You get your friends' public keys and import them into PGP Tools. When you want to send an encrypted email, you encrypt the email using the public key of whomever you are sending it to...and only that person will be able to decrypt it using their private key. You can also sign the files and emails so that whoever has your public key in their key ring will know that the file is from you, and not someone pretending to be you.

Creating your own keys

Now, let's generate a key pair. Click Start -> Programs -> PGP -> PGP Keys. Note: This assumes that you installed PGP using the default options. You will see lots of keys already in the PGP Keys tool...these are the keys of the folks at PGP, Inc, which is now part of Network Associates. Scroll down until you find Phil Zimmermann's key...he is the creator of PGP.

To create your own pair, choose Keys -> New Key... and follow the instructions. The second screen of the Key Generation Wizard asks for your full name and an email address. If you have one of the free email accounts from Yahoo or HotMail, you may choose to use that email address. The third screen asks you to pick how large of a key pair you wish to generate...since the Happy Hacker herself uses 3072 bits, we'll choose the same strength.

************************************************************
NEWBIE NOTE: The size of the key determines its strength... the larger the key, the harder it is to crack.
************************************************************

On the fourth screen, choose 'Key pair never expires'.

The fifth screen asks for a passphrase to protect your private key. Choose something that is not at all easy to guess...and then mix in numbers, capital letters, and punctuation. After you confirm your passphrase and click 'Next', there will be a way cool graphic while PGP generates your key pair.

Next, since we're just setting this up on our own system, and not connecting to a root server (a server that is used by companies to manage lots of keys), do not check the 'Send my key to the root server now' box.

You now have your own key pair!!

Importing keys

Okay, now what? Hhhmmm....let's look at an example of how to import keys. Go to: http://koan.happyhacker.org/~satori/satori.asc

There are two key blocks on this page...looks like two different versions of PGP. Great. Look at the larger one...now highlight it, including the lines that contain 'BEGIN (END) PGP PUBLIC KEY BLOCK'.

NOTE: We are only going to import the lower key block. Do not include the upper key block... the smaller one that says 'Version 2.6.2'.

Highlight the entire 'Version: PGPfreeware 5.0i' block, and press 'ctrl-c' (ie, hold down the control key, and press the 'c' key) or choose Edit -> Copy from your browser.

Minimize the browser and open PGP Keys.

Choose Edit -> Paste, and you'll see Satori's key in the dialog window. The email address used is 'satori@rt66.com'. Click 'Import'. Now you have Satori's public key, and you can encrypt messages to him...and only him.
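
The copy-and-paste import above only works if exactly one complete key block is highlighted. The following Python code is an added illustration (not part of the original Guide or of PGP itself): it finds the key blocks in pasted text, picks the one with the wanted 'Version:' header, and checks the CRC-24 checksum that OpenPGP armor carries on its '=' line, so a block that lost a line in copying is rejected. The function names and the sample bytes are constructed for the example; only the two Version strings come from the Guide.

```python
import base64

BEGIN, END = "-----BEGIN PGP PUBLIC KEY BLOCK-----", "-----END PGP PUBLIC KEY BLOCK-----"

def crc24(data):
    crc = 0xB704CE  # initial value and polynomial are from RFC 4880, section 6.1
    for byte in data:
        crc ^= byte << 16
        for _ in range(8):
            crc = (crc << 1) ^ (0x1864CFB if crc & 0x800000 else 0)
    return crc

def armor(data, version):
    """Wrap bytes in an armored block; used only to construct the sample page."""
    b64 = base64.b64encode(data).decode()
    body = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    check = "=" + base64.b64encode(crc24(data).to_bytes(3, "big")).decode()
    return "\n".join([BEGIN, "Version: " + version, "", *body, check, END])

def parse_block(lines):
    """Separate 'Key: value' headers from base64 lines, decode, verify the checksum."""
    headers = dict(line.split(": ", 1) for line in lines if ": " in line)
    body = [line for line in lines if line and ": " not in line]
    check = body.pop() if body and body[-1].startswith("=") else "="
    try:
        data = base64.b64decode("".join(body), validate=True)
        ok = base64.b64decode(check[1:], validate=True) == crc24(data).to_bytes(3, "big")
    except ValueError:
        data, ok = None, False
    return {"version": headers.get("Version"), "data": data, "ok": ok}

def find_key_blocks(text):
    """Yield a parsed block for each BEGIN line that is later closed by an END line."""
    current = None
    for line in map(str.strip, text.splitlines()):  # copied text often has trailing spaces
        if line == BEGIN:
            current = []
        elif line == END and current is not None:
            yield parse_block(current)
            current = None
        elif current is not None:
            current.append(line)

def select_block(text, version):
    """Return the checksum-valid block whose Version header matches, or None."""
    return next((b for b in find_key_blocks(text) if b["ok"] and b["version"] == version), None)

# Constructed sample page: stand-in bytes, not real key material.
PAGE = armor(bytes(range(90)), "2.6.2") + "\n\n" + armor(bytes(range(200)), "PGPfreeware 5.0i")
```

A passing checksum only shows that the block was copied intact; it says nothing about whose key it is.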

PGP ships with two public key servers built in. To see them, open PGPKeys, and choose Server -> Search. The drop-down box at the top of the Search Window will list an LDAP server at PGP.COM and an HTTP connection to MIT.EDU. You can search for keys by typing in the name of the user you are looking for...I found the Happy Hacker's public key in a matter of seconds! I just clicked on her key, and dragged it to my PGPKeys window...

Hint: For the search, use the UserID of 'Carolyn Meinel'.

Creating a group of keys

Now let's create a group of keys. What this does is keep several keys together, so if you have several keys from friends and you want to encrypt a file for all of them, you don't have to go about encrypting the file for each person.

In PGPKeys, choose Groups -> New Group..., and enter the information asked for.

Choose Groups -> Show Groups, and a lower dialog window will open in PGPKeys, with the name of the group you just created.

To add keys to the group, highlight the key you want to add and press 'ctrl-c' to copy it to the clipboard.

Highlight the group, right-click on it to open the popup menu, and choose Paste. The keys will be pasted into the group.

Making your public key public

There are a couple of ways to make your public key available. We'll describe two methods...using a public key server, or saving the key to a text file so that someone else can import it.

First, as stated above, PGP ships with two public servers...one at PGP.COM, the other at MIT. When you are connected to the Internet, open PGPKeys, select your key pair, and click Server -> Send to, and choose the server you want to send your public key to.

The other method is to save your public key to a file. This file can be sent to your friends, or pasted into your signature file on your email. To save your public key to a file:

Open PGPKeys, and select your key pair.

Click Keys -> Export, and a file dialog will open.

Choose a filename.

To save your public key into a document that already exists, such as a signature file for your email:

Select your key pair.

Click Edit -> Copy (or hit ctrl-c).

Move to the document where you want the key saved, and choose Edit -> Paste from the menubar for the document (or hit ctrl-v).

Encrypting Files

WARNING: The next example shows you how to encrypt and decrypt your files. Choose a file to try the example on but do NOT try it on a system file or other important file!!

Want to encrypt a file on your machine? Great, let's try it. Open up any folder, and choose any file. Right-click on the file, and go to PGP in the popup menu. Choose 'Encrypt', and choose your key pair from the dialog window. Now, click on the pair, and drag it into the lower window. PGP will encrypt the file and you'll see another icon pop up...an armor plate with a lock on it. Very appropriate, if you think about it.

Now to decrypt the file, make sure that you've moved or deleted the original file (make sure that you aren't using a system or other important file for this example!!) and double-click on the encrypted file. Enter your passphrase in the lower dialog window, and BANG!, your file is decrypted.

This is a great way to protect your files. And it's free!

To encrypt a file for the group, just follow the same steps as above, but choose the group name instead of a single key.

Encrypting your email

Now, encrypting your email...if you are using Eudora or (god forbid!!) Outlook, then you could have opted to use the PGP plug-ins for either of them. However, if you don't use either of the two mail clients, then in order to encrypt your email, you can choose from a couple of options.

First, using an email client such as Netscape, you can easily encrypt the file as described above, and attach it to the email.

Another option is to type what you want into the message area of the email, and then highlight it and press 'ctrl-c' to copy the text to the clipboard. Then right-click on the PGP Tray icon on the TaskBar (the little lock) and choose 'Encrypt & Sign Clipboard'. The PGPKeys window will open, and you need to choose to whom you wish to encrypt the message. You'll be prompted for your passphrase, as the message will be signed, so that your friend (who has your public key) will know that it's from you. Once the text on the clipboard is encrypted, go back to the email (or file) and highlight the text again, and press 'ctrl-v' (hold down the control key and hit 'v') and the encrypted message will be pasted into the email over the original message.

************************************************************
NEWBIE NOTE: If the PGP Tray icon isn't on your TaskBar, check your Startup folder. If it's not in the Startup folder, add a shortcut to PGPTray.exe to the folder.

If at any time you are having difficulty trying to do anything with your keys, simply open the Help in PGP. The help documents are very good... they are clear, descriptive, and concise.
************************************************************

Here's my (Keydet89) public key:


________________________________________________________
Where are those back issues of GTMHHs and Happy Hacker Digests? Check out the official Happy Hacker Web page at http://www.happyhacker.org.
We are against computer crime. We support good, old-fashioned hacking of the kind that led to the creation of the Internet and a new era of freedom of information. But we hate computer crime. So don't email us about any crimes you have committed!
To subscribe to Happy Hacker and receive the Guides to (mostly) Harmless Hacking, please email hacker@techbroker.com with message "subscribe happy-hacker" in the body of your message.
Copyright 1998 keydet89. You may forward, print out or post this GUIDE TO (mostly) HARMLESS HACKING on your Web site as long as you leave this notice at the end.
_________________________________________________________
Carolyn Meinel
M/B Research -- The Technology Brokers
