WHO SAYS PGP IS HARD TO LEARN ?

 

 

 

If you don't have PGP installed yet, you should really go to the PGP INSTALLATION PAGE first, which will explain the process to have it installed.  You could then come back here.

 

So you have installed PGP, but don't know where to start ?  Let's try to make the process as easy as 1, 2, 3, shall we !

PGP is all about being able to use and configure properly : PGP TOOLS, PGP KEYS and PGP DISK

 

 

The bold key is your default key, which is the one you upload to the servers, if you so wish.  Make sure it includes all the email addys you intend to use PGP with, and which others should have access to.

         

 

But first, let's look at the icon in your tray.  Click on it.  A menu comes up showing :

1) EXIT,  2) HELP,  3) OPTIONS,  4) PGPNET,  5) PGP DISK,  6) PGP KEYS,  7) PGP TOOLS,  8) CURRENT WINDOW,  9) CLIPBOARD.

Let's go through them one by one :

1) EXIT  :  SELF EXPLANATORY

2) HELP : Brings up the help file.

Now, let's move on to concepts about :

 

 

3)   Well, so much for the introduction.  LET's get into the OPTIONS

To configure General options

Select Options from the Edit menu. The PGP Options property window appears with the General page displayed.
Select from the following:

Always encrypt to default key :  THIS IS VERY IMPORTANT

When this setting is selected, all the email messages and files you encrypt with a recipient's public key are also encrypted to you using your default public key. It is useful to leave this setting turned on so that you have the option of decrypting the contents of any email or files you have previously encrypted.

Faster key generation

When this setting is selected, less time is required to generate a new Diffie-Hellman/DSS key pair. This process is fairly quick because it uses a previously calculated set of prime numbers. However, fast key generation is only available for the fixed key sizes that appear on the key generation screen (above 1024 and below 4096); fast key generation is not available if you enter other values. Although it would be just about impossible for anyone to crack your key based on their knowledge of these canned prime numbers, you may want to spend the extra time to create a key pair with the maximum level of security.

The general belief in the cryptographic community is that using canned primes provides no decrease in security for the Diffie-Hellman/DSS algorithms. If this feature makes you uncomfortable, you may turn it off. For more information, read the FAQ located on the Network Associates website.

Cache decryption passphrases for [ ]

This setting specifies the amount of time (in hours: minutes: seconds) that your decryption passphrase is stored in your computer's memory. If you regularly compose or read several email messages in succession, you may want to increase the amount of time your passphrase is cached so you don't have to enter it over and over again to get through all of your mail.
To change the amount of time that your decryption passphrase is stored in memory, click in the field you wish to change (either hours, minutes, or seconds) and click the up or down arrow.

Cache signing passphrases for [ ] 

This setting specifies the amount of time (in hours: minutes: seconds) that your signature passphrase is stored in your computer's memory. If you regularly compose or read several email messages in succession, you may want to increase the amount of time your passphrase is cached so you don't have to enter your passphrase over and over again to get through all of your mail.
To change the amount of time that your signing passphrase is stored in memory, click in the field you wish to change (either hours, minutes, or seconds) and click the up or down arrow. 

Comment block

Comments entered in the Comment Block field are included in all encrypted files and display beneath the --BEGIN PGP MESSAGE-- header and PGP version number. 
If this version of PGP was pre-configured, you may not be able to edit the Comment Block text.

Warn before wiping files

When this setting is selected, a dialog box appears before you wipe a file to give you one last chance to change your mind before PGP securely overwrites the contents of the file and deletes it from your computer.

Number of Passes

Indicates how many times PGP writes over the contents of the file. 

© 1999 Network Associates, Inc.

Configuring Email options

Use the Email pane to specify the options that affect the way PGP functions are implemented for your particular email application. 
To configure email options, select Options from the Edit menu. The PGP Options property window appears with the General page displayed. Click the Email tab and select from the following:

Use PGP/MIME when sending email

If you are using Eudora and you turn this setting on, all of your email messages and file attachments are automatically encrypted to the intended recipient. This setting has no effect on other encryptions you perform from PGPtray, from the clipboard, or from Windows Explorer and should not be used if you plan to send email to recipients who use email applications that are not supported by the PGP/MIME standard. Using Eudora, attachments will always be encrypted regardless of this setting, but if the recipient does not have PGP/MIME, the decryption process will be more manual.

Encrypt new messages by default

If you are using Eudora and you turn this setting on, all of your email messages and file attachments are automatically encrypted.

Sign new messages by default

If you are using Eudora and you turn this setting on, all of your email messages and file attachments are automatically signed. This setting has no effect on other signatures you add from the clipboard or Windows Explorer and should not be used if you plan to send email to recipients who are using applications that do not support the PGP/MIME standard. 

Automatically decrypt/verify when opening messages

If you are using Eudora and you turn this setting on, all of your email messages and file attachments that are encrypted and/or signed are automatically decrypted and verified.

Always use Secure Viewer when decrypting

If you enable this setting, all of your decrypted email messages are displayed in the Secure Viewer window with a special TEMPEST attack prevention font. For more information about TEMPEST attacks, click .

Word-Wrap clear-signed messages at column [ ]

This setting specifies the column number where a hard carriage return is used to wrap the text in your digital signature to the next line. This feature is necessary because not all applications handle word wrapping in the same way, which could cause the lines in your digitally signed messages to be broken up in a way that cannot be easily read. The default setting is 70, which prevents problems with most applications.

Notes

• The PGP/MIME option is not applicable for all email applications.

• Some options might not apply to your particular email application.

Warning

If you change the word-wrap setting in PGP, make sure that it is less than the word-wrap settings in your email application. If you set it to the same or greater, carriage returns might be added and invalidate your PGP signature.
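Why the warning above matters, as an added example (not from the PGP help text or this page's author): a clear-signature covers the text as PGP wrapped it, so a mail application that re-wraps at a narrower column changes the signed text. The helper names are hypothetical, SHA-256 is an assumed digest, and only the canonicalised text is hashed (a real signature also hashes a trailer, and dash-escaping is not modelled).

```python
import hashlib
import textwrap

# Constructed sample message: one long paragraph, as typed before any wrapping.
MESSAGE = " ".join(["Meet at the usual place."] * 8)


def canonical_digest(text: str) -> str:
    """Digest of the text in the canonical form a cleartext signature covers:
    trailing spaces and tabs removed from every line, lines joined with CRLF."""
    lines = [line.rstrip(" \t") for line in text.splitlines()]
    return hashlib.sha256("\r\n".join(lines).encode("utf-8")).hexdigest()


def wrap_at(text: str, column: int) -> str:
    """Hard-wrap every line longer than `column`; shorter lines are untouched."""
    wrapped = []
    for line in text.splitlines():
        wrapped.extend(textwrap.wrap(line, width=column) or [""])
    return "\n".join(wrapped)


def survives_transit(message: str, pgp_wrap: int, mailer_wrap: int) -> bool:
    """True if the text the recipient verifies equals the text that was signed."""
    signed = wrap_at(message, pgp_wrap)        # PGP wraps first, then signs
    delivered = wrap_at(signed, mailer_wrap)   # mail application wraps on send
    return canonical_digest(signed) == canonical_digest(delivered)


if __name__ == "__main__":
    for pgp_col, mail_col in ((70, 76), (76, 70)):
        ok = survives_transit(MESSAGE, pgp_col, mail_col)
        print(f"PGP wrap {pgp_col}, mailer wrap {mail_col}: "
              f"{'signature verifies' if ok else 'BAD signature'}")
```

Line-ending conversion and trailing spaces do not break the signature because they are normalised before hashing; inserted line breaks do.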

© 1999 Network Associates, Inc.

 

 

Want to exchange your keys with others ?  You can do it through key servers or by Email :

P.S. Privacy in PGP  You need to be reminded that unless someone knows your name or addys or nicknames, retrieving your key will not be possible through PGP servers.  If you insist that your email addy remain secret, then do not sign someone else's key, as your addy could then become accessible through association.

 

 

You can manage your key settings, such as changing a passphrase, specifying the default key pair, adding a photo, etc :

 

4) PGP NET

PGPnet is a landmark product in the history of PGP. PGPnet secures all Internet communications between itself and any other machine running PGPnet. It is also fully interoperable with the Gauntlet GVPN gateway providing a complete solution for corporate remote access VPNs using the industry standard IPSEC (Internet Protocol Security) and IKE (Internet Key Exchange) protocols. It is also interoperable with other IPSEC products that implement the standard.

© 1999 Network Associates, Inc.

PGP Net is installed but inactive on my system.

 

 

5) PGP DISK

What about protecting some files on your system ?  That's easy with PGP DISK.

PGPdisk enables you to set aside an area of disk space for storing your sensitive data.

© 1999 Network Associates, Inc.

Just hit the NEW button.  This brings up the PGP wizard, which will ask you to choose a location for a file that will be created, into which you will transfer the current files you want to hide from others.  Next you choose how big you want this file or container to be and a drive number to store it.  Then you create a passphrase plus some random data used by PGP, and your file will be created.

 

Now that your container file has been created, let's start accessing it.  This time, instead of hitting the new button, you simply click on MOUNT.  You will need to supply the location where you saved the container file.  Then you will need to enter the passphrase for it.

Note that the container file can now be used as any other drive with its own drive number, in this case J:  Files can now be used as normal.  Once you are done working with your files, you simply go back to PGP DISK and click on UNMOUNT.  Your container file, and all files within it, will no longer be accessible until you MOUNT that file again !

 

 

6)  PGP TOOLS

Gives you instant access to PGP Keys, Encrypt, Sign, Sign & Encrypt, Decrypt/Verify, Wipe, or Freespace Wipe.

 

7) CURRENT WINDOW :  Useful when you need to encrypt or decrypt from, say, an email.

 

 

8) CLIPBOARD  :  SELF Explanatory.