|
Back to Articles and Papers > Cryptography
PGP4PINE
A PGP Implementation Using Pine Filters
The following instructions are geared toward the UNIX implementation of PGP
v2.6.2. These instructions assume that you already have PGP installed on your system and
have created your PGP public and secret keyring. (If you do not yet have PGP on your
system and haven't yet created your PGP public and secret keyrings, please refer to the
MIT PGP Home Page and/or the PGP man
page and pgp -h help file as appropriate.)
Another mail user agent called Mutt)
comes with PGP operability standard. Special
note: you will need to get the "International" version of Mutt in order to utilize
Mutt's PGP plug-in features. Export laws of the United States prohibit even having code
stubs for drop-in cryptographic support, thus the U.S. version of Mutt does not have PGP
support built in.
For users of Elm, I'm personally unaware of any PGP plug-in for said mailer,
but I would imagine that the following directions for Pine implementation could be
readily adapted for Elm.
These instructions can be readily adapted to suit the command-line sequences as
required by PGP v5.x for UNIX (as I've previously done on Slackware Linux). However,
I'll go over the basics here and will later add the PGP v5.x implementation if I get
enough requests.
The instructions provided here are in the following format:
-
Instruction/Explanation
-
Important Note
-
command-line sequence
How to Implement PGP with Pine:
-
Start in your home directory.
-
cd .pgp
-
D1=`which pgp`
(Note that the above are backticks and not apostrophes.
Further, the PGP binary should be in your PATH statement for the above to
work properly.)
-
ln -s $D1 encrypt
-
ln -s $D1 pgpsign
(If you do an ls -al of the .pgp directory, the contents should
look something like the following.)
drwx------ 3 user group 512 Oct 10 10:10 .
drwx--x--x 9 user group 1536 Oct 10 10:10 ..
lrwxrwxrwx 1 user group 18 Oct 10 10:10 encrypt -> /usr/local/bin/pgp
lrwxrwxrwx 1 user group 18 Oct 10 10:10 pgpsign -> /usr/local/bin/pgp
-rw------- 1 user group 5860 Oct 10 10:10 pubring.pgp
-rw------- 1 user group 408 Oct 10 10:10 randseed.bin
-rw------- 1 user group 1617 Oct 10 10:10 secring.pgp
-
cd ..
-
pine
-
Perform the following tasks in Pine:
Select Setup and Config.
Locate "compose-send-offers-first-filter" and Set that option on.
Locate "display-filters" and enter the following:
_BEGINNING("-----BEGIN PGP MES")_ /usr/local/bin/pgp,
_BEGINNING("-----BEGIN PGP PUB")_ /usr/local/bin/pgp -ka _TMPFILE_
Locate "sending-filters" and enter the following:
~/.pgp/pgpsign -fast,
~/.pgp/encrypt -feast _RECIPIENTS_
-
Exit and Save the Config changes.
-
As a test, compose a message to yourself.
When you hit Ctrl+X to send your message, you will be
presented with the filter for pgpsign. You can select this filter by hitting
'y', or you can do Ctrl+N to go to the next filter
(encrypt). You can also hit Ctrl+N again to elect to send
the message unfiltered (with no PGP signature and no encryption).
-
On selecting either
pgpsign or
encrypt, Pine will invoke PGP and request your secret key passphrase.
If you do not provide your passphrase, Pine will not send your message.
-
Upon successfully entering your passphrase, PGP will
sign/encrypt your message (based on which filter you selected) and send your mail. As the
following shows, this message was PGP signed.
That's all there is to it. Enjoy your PGP Pine plug-in.
About the author
Jay D. Dyson is an independent security
consultant specializing in network and host security services and serves as a Senior Security
Engineer for the National Aeronautics and Space Administration (NASA) in Pasadena, California.
He has been involved with computers for over 20 years and has been a system administrator for
over 15 years on various platforms.
|
![[Treachery Unlimited Logo]](images/treachery_logo.jpg){kind=logo}
