phunni Posted March 21, 2003 Report Share Posted March 21, 2003 I've recently been trying to set up PGP encryption & signing with evolution. So far it seems to have gone well - I've been able to send myself as couple of encrypted messages and then read them - not all that exciting though really! My questions are: 1) is GnuPGP compatible with normal PGP? i.e. if I send email to someone using outlook, or whatever, wil lthey be able to use that implementation of PGP to talk securely to me? 2)In order to test that I have done this properly in a better way, it would be helpful if I could interact with someone else using encrypted email - can anyone let me have their public key so I can send them an encrypted email? You can pass it to me via a private mesaage if that would be prefered. Thanks in advance Link to comment Share on other sites More sharing options...
kmack Posted March 21, 2003 Report Share Posted March 21, 2003 Just sent you my PGP key via your hotmail acct. My email is on the pgp key. This is from my Windows box running PGPi 7.0.4 so you can test cross platform. I think this version will work, but some others may not. According to gnupg.org site it should work: 1.2) Is GnuPG compatible with PGP? In general, yes. GnuPG and newer PGP releases should be implementing the OpenPGP standard. But there are some interoperability problems. See question 5.1 for details. 5.1) How can I encrypt a message with GnuPG so that PGP is able to decrypt it? It depends on the PGP version. PGP 2.x You can't do that because PGP 2.x normally uses IDEA which is not supported by GnuPG as it is patented (see 3.3), but if you have a modified version of PGP you can try this: $ gpg --rfc1991 --cipher-algo 3des ... Please don't pipe the data to encrypt to gpg but provide it using a filename; otherwise, PGP 2 will not be able to handle it. As for conventional encryption, you can't do this for PGP 2. PGP 5.x and higher You need to provide two additional options: --compress-algo 1 --cipher-algo cast5 You may also use "3des" instead of "cast5", and "blowfish" does not work with all versions of PGP 5. You may also want to put: compress-algo 1 into your ~/.gnupg/options file - this does not affect normal GnuPG operation. This applies to conventional encryption as well. I am about ready to turn in for the night, so might not be able to get back with you right away. But be glad to test this as I will soon be doing the same thing from time to time. :wink: Link to comment Share on other sites More sharing options...
phunni Posted March 21, 2003 Author Report Share Posted March 21, 2003 Thanks - see you in the morning :) Link to comment Share on other sites More sharing options...
Michel Posted March 21, 2003 Report Share Posted March 21, 2003 windowsprograms for pgp are compatibe with gnupg, except for IDEA(somthing like that)-encryption, because there is a pantent on that till 2007. For the rest they should be compatible....By the way, use RSA: I believe it is the most secure form of communication. I suppose you have already made you key. Link to comment Share on other sites More sharing options...
phunni Posted March 21, 2003 Author Report Share Posted March 21, 2003 I ahve generated a set of keys - one public and one private- can't remember if I used RSA or not - which one is the default? Link to comment Share on other sites More sharing options...
kmack Posted March 22, 2003 Report Share Posted March 22, 2003 Phunni, Go ahead and send me a PGP email whenever you are ready and I'll let you know if I can open it. Be sure to include your public key or send it by separate email! Btw, I have used PGP on Windows for 10+ yrs so pretty used to it there, but am new to gnupg. The cmd lines have similar features, but I have used gui frontends and plugins for last 8 yrs at least so haven't had to be good at the syntax side. :) Link to comment Share on other sites More sharing options...
phunni Posted March 22, 2003 Author Report Share Posted March 22, 2003 kmack - tried to send you a mail and encryption wouldn't work it. I pasted your key in to a text file called KMackKey and ran gpg KMackKey This seemed to work in that I saw the details of your public key. However, when I tried to send you an encrypted email with evolution - it complained that it couldn't find a key for your email address. I'm really not sure why this happened - I followed the instructions in the evolution help exactly and it was seeming to work right up until I tried to send the encrypted message Any ideas what I did wrong? I'd love to figure out how to get this working Link to comment Share on other sites More sharing options...
kmack Posted March 22, 2003 Report Share Posted March 22, 2003 Phunni, Sorry, got tied up on a project here so haven't checked in for a time. I don't use Evolution so not sure how the plugin works. You must tell gnupg what key to use and you must have added that key to your "keyring" first. Did you add my key to your key ring? If someone sends you their GPG public key, or you find it on their website, you can import it using: [user@mdk]$ gpg --import user.asc where user.asc is the file containing their public key. I am going to resend my key to you in an .asc format just to be sure you get it ok, but I think it should have worked the other way too. Go ahead and send your key to me via separate email, and I will add it to my keyring here and send an encrypted message to you. :wink: Link to comment Share on other sites More sharing options...
Michel Posted March 22, 2003 Report Share Posted March 22, 2003 There exist an "illegal" plugin for gnupg, so that it can also decode IDEA-keys. It is listed somewhere on the website of gnupg :). Link to comment Share on other sites More sharing options...
kmack Posted March 22, 2003 Report Share Posted March 22, 2003 Phunni, First message is unreadable. I tried to open the *.dat file and it only contained the words "version 1" in clear text. the second attachment when executed opened my passphrase dialog box, but it could not open the *.dat file. Not sure what the issue is, but seems there is not any decryptable text in the first message so it won't read it. Back to the drawing board! Try another one and I'll be back shortly. Another round of lightning is moving thru! :roll: Link to comment Share on other sites More sharing options...
phunni Posted March 22, 2003 Author Report Share Posted March 22, 2003 I got your email, but it wasn't decrypted - I can only see the encrypted text as plain text, which isn't much use. I can see that this will require a bit more experimentation on our part Link to comment Share on other sites More sharing options...
phunni Posted March 22, 2003 Author Report Share Posted March 22, 2003 I was able to decrypt via seahorse though, so I read your message, which is progress at least :) Link to comment Share on other sites More sharing options...
phunni Posted March 22, 2003 Author Report Share Posted March 22, 2003 I noticed that the decrypted message that you sent was from a different email address than the one in your key - maybe this is what has confused evolution so that it is not decrypting Anyway - in the meantime, enjoy the lightning! Link to comment Share on other sites More sharing options...
kmack Posted March 22, 2003 Report Share Posted March 22, 2003 Lightning has moved out now! Yes, it maybe that the different address will confuse your plugin. In Outlook plugin it will do fine on receive, but you have to manually select the proper key when sending. Probably the same with Evolution. Link to comment Share on other sites More sharing options...
phunni Posted March 22, 2003 Author Report Share Posted March 22, 2003 Hmmm - there was never any option for selecting a key when I sent to you, I figured it just used the key associated with your email address. Did you ever succesfully read my encrypted mail? Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now