Lost Newbie

Kirk Fort kfort at kfort.dyn.ml.org
Sat Sep 26 23:23:52 CEST 1998 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Sat, 26 Sep 1998, Richard Lynch wrote:

> My elation at having a menu was dashed by my inability to understand whic=
h
> choice was best for my particular application.

I don't understand the little differences between the different types of
keys, but if I were you, I would choose the default.

> Then I put in my client's name, e-mail, and a comment.  Whoo Hooo.  I see=
m
> to have generated a key and a secret key.  Damned if I know what the
> difference is or how to use them, though.

You have a public key, and a secret key.  What is encrypted with the
public key can only be decrypted with the secret key.  What is encrypted
with the secret key can only be decrypted by the public key.

> >So to send your friend a message, you would encrypt your message with hi=
s
> >public key, and he would only be able to decrypt it by having the secret
> >key and putting in the password to use his secret key.
>
> Sounds good.  'Cept I'm unclear on the difference between a password and =
a
> secret key...  Why does he need both?  Not a big deal:  I just don't get
> it.

You put a password on the secret key for added security.  If anyone had
access to the secret key and it did not have a password on it, they could
encrypt and decrypt with it.  If you really want to I suppose that you
could leave a password off of the secret key. Usually this is not a good
idea.

> I got as far as trying to ASCII encrypt a file, and then I got this:
>
> [chatmus at ruby gpg]$ ./gpg -vae  /home/c/h/chatmus/test.txt
> gpg (GNUPG) 0.3.5; Copyright (C) 1998 Free Software Foundation, Inc.
> This program comes with ABSOLUTELY NO WARRANTY.
> This is free software, and you are welcome to redistribute it
> under certain conditions. See the file COPYING for details.

First thing you need to do is upgrade to 0.4.0 .  0.3.5 has a major bug
which makes it basically useless.  0.4.0 has a minor bug, so you should
apply the hotfix which was posted to this list several days ago.  Your
sysop needs to read this list. gpg is alpha software that changes daily.

> gpg: Warning: using insecure memory!

The gpg program needs to have the suid bit set in order to use secure
memory. Usually this means something like 'chmod 4755 /usr/local/bin/gpg'.
Your sysop should know how to do this.

> gpg: this is a PGP generated ElGamal key which is NOT secure for signatur=
es!
> gpg: key 812E70CE, uid 2640: invalid self-signature: Unknown pubkey algor=
ithm
> gpg: key 812E70CE, uid 2640: invalid user id - removed
> gpg: key 812E70CE: no user ids - rejected
> gpg: key 812E70CE: can't put it into the trustdb
> gpg: failed to initialize the TrustDB: Bad certificate

I don't have much of a clue about all of this stuff. Anyone else??
I'm pretty sure it has something to do with the option you chose when you
generated your key.  I think what the trouble is that the key isn't self
signed because you chose an option that can't sign.  Go with the default
option to generate your key. You can delete your key with 'gpg
- --delete-secret-key Cameron' (Michael Cameron is the id on it, right?) an=
d
'gpg --delete-key Cameron' .  Run gpg --gen-key again and choose option 1.

> You did not specify a user ID. (you may use "-r")
>
> Enter the user ID: Michael Cameron

> gpg: Ooops: Ohhhh jeeee ... (pkclist.c:538:select_algo_from_prefs)
> secmem usage: 1472/1472 bytes in 3/3 blocks of pool 1472/16384
> Aborted

> Why do I get the idea that I've found a bug, or I'm just doing something
> that nobody who knew what they were doing would try?  :-)

Probably a bug of somesort.  I'm not really sure what all of your errors
mean.

> B)  I didn't pick one of the "sign and encrypt" options.
I think so

> [chatmus at ruby gpg]$ ./gpg -c
> gpg (GNUPG) 0.3.5; Copyright (C) 1998 Free Software Foundation, Inc.
> This program comes with ABSOLUTELY NO WARRANTY.
> This is free software, and you are welcome to redistribute it
> under certain conditions. See the file COPYING for details.
>
> gpg: Warning: using insecure memory!
> gpg: this is a PGP generated ElGamal key which is NOT secure for signatur=
es!
> gpg: key 812E70CE, uid 2640: invalid self-signature: Unknown pubkey algor=
ithm
> gpg: key 812E70CE, uid 2640: invalid user id - removed
> gpg: key 812E70CE: no user ids - rejected
> gpg: key 812E70CE: can't put it into the trustdb
> gpg: failed to initialize the TrustDB: Bad certificate
> =9B$#created by GNUPG v0.3.5 (GNU/Linux)
>
> yu
>   ]=8A
>
> Had to break.
You got the same errors you got before about the key.  Then it waited for
the standard input.  You need to specify a file to encrypt on the command
line.  Or you can use the '-o' option on the command line and type what
you want to be encrypted into gpg then end it with a ^d .

> My ISP host chose not to put the gpg man pages in... Where are they.  I
> looked, but failed to find them.
Ask your sysop

> PS  Is somebody working on an "Introduction" yet?
> It ain't much, but I reckon I could try to start one.

I think someone is working on more documentation but I don't really know.
Remember that this is alpha software so alot of your documentation right
now is the mailing list and the change logs.

Kirk Fort
-----BEGIN PGP SIGNATURE-----
Version: GNUPG v0.4.0 (FreeBSD)
Comment: Get GNUPG from ftp://ftp.guug.de/pub/gcrypt/

iEYEARECAAYFAjYNobsACgkQf+niZZlBRVPSmgCeP3q8vvVtCgfaPBR6fYjAWLzDKlwAnilc
5eXNMeUK+J7TBqeY9qliO1Co
=3Dc99C
-----END PGP SIGNATURE-----

More information about the Gnupg-devel mailing list