gnuPG and Php

Todd Todd <Freedom_Lover@pobox.com>
Tue Jan 7 14:27:03 2003 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Jon Roberts wrote:
> Could some one give me some help on how to encrypt some user entered data
> online.
[...]
> A web reference etc would be helpful.

Here's an old tutorial that covers the basics:

    http://hotwired.lycos.com/webmonkey/00/20/index3a_page5.html

I think the important thing to keep in mind is that the web server normally
runs as a different user (and has different privileges) than you do when
logged in via ssh.  There are various ways to deal with this.  Some web
hosts set things up so that your scripts run under your userid.  For those
that don't do this, the --homedir option is one to look at.  You can see
what user the server is running as in the phpinfo() output.

If your web server is running as a user other than your ssh login, then you
need to make sure that this user can access the keyrings where you imported
your keys.  Not doing this is what burns most people trying to setup a gpg
encrypted web form.  The result is that it "works fine from the command line
but fails when run from the web page."

You might also want to search the archives for this list.  The question
comes up fairly often.  There's no search feature integrated with the list
archives directly, but there is a searchable archive at:

    http://marc.theaimsgroup.com/?l=gnupg-users

[To the list mods: perhaps a link could be added to the listinfo page to
these searchable archives?  It would hopefully make it a little more likely
that new users would try searching for answers before posting.]

HTH,

- -- 
Todd                  OpenPGP -> KeyID: 0xD654075A | URL: www.pobox.com/~tmz
============================================================================
The evils of tyranny are rarely seen but by him who resists it.
    -- John Hay, 1872

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
Comment: When crypto is outlawed bayl bhgynjf jvyy unir cevinpl.

iD8DBQE+Gjeluv+09NZUB1oRAnpDAKD3+UjITv4hD2y209P3g3ij8PajmQCgve3G
6KPpJy65Gne3O36T1s4zKb0=
=8tE2
-----END PGP SIGNATURE-----