+-------------------------------------------+ | | | -= P G P S h e l l =- | | | +-------------------------------------------+ PGPShell v3.3 is an interactive, easy-to-use and absolutely free DOS shell for use with Pretty Good Privacy (PGP) v2.6.1+ (c) copyright by James Still 1992-1995 All Rights Reserved QUICK START --------------------------------------------------------------------------- Create a C:\PGPSHELL directory and copy the program contents into it. Before running PGPSHELL.EXE, make sure your "pgppath" and "tz" DOS environment variables are set correctly. If you want to check a sig or decrypt a file just run PGPShell like this: PGPSHELL . PGPShell uses four configuration items that are located in PGP's CONFIG.TXT file. These items are: #shellkeyfile="c:\pgp\pubring.pgp" #shellmessagedir="c:\pgpshell\docs" #shelleditor="c:\dos\edit.com" MyName="James Still" The first three configuration items are optional but the MyName variable is mandatory. You must edit your CONFIG.TXT file and enter your own UserID on the MyName line (in quotes) or PGPShell will not display your key correctly in the Key Management Screen. Unlike MyName the other three PGPShell config items (shellkeyfile, shellmessagedir, and shelleditor) MUST begin with a hash (#) sign. Shellkeyfile should be the complete path name to the default key ring that you want PGPShell to load upon startup. (If shellkeyfile is not located in CONFIG.TXT, PGPShell will look for your pubring.pgp file located at PGPPATH as the default.) "Shellmessagedir" is the pathname that you want PGPShell to go to to retrieve, and place text files that you create during the en/decryption process. The default for this item is the current directory that PGPShell is run from. The last config item, "Shelleditor" is the full path and executable name of an optional external text editor to use in lieu of the internal PGPShell editor. Of course PGPShell's own editor is the default should you not designate a "shelleditor" configuration item in the CONFIG.TXT. INTRODUCTION -------------------------------------------------------------------------- PGPShell is a menu-driven front-end "shell" that manages Phil Zimmermann's Pretty Good Privacy (PGP) public-key, data encryption program. PGPShell is ONLY compatible with MIT's PGP (v2.6.1+) which uses a public domain RSA toolkit (unlike v2.3a) and is available on many Internet sites as PGP26.ZIP. See the "WHAT_IS.PGP" file accompanying PGPShell if you are unfamilar with PGP. PGPShell may or may not be compatible with the upcoming release (summer 1995) of PGP v3.0. PGP is a UNIXish command-line application, which means that various switches must be used to perform tasks. PGPShell merely takes this a step further by introducing a menu-driven environment where, with an optional mouse, you can point and click to various keys in order to perform those same actions as you would from the PGP command line. PGPShell doesn't perform any data encryption on its own; everything is done by PGP and PGP alone. The only difference is, PGPShell shows you the PGP commands in an easy-to-read, friendly format and will make your encryption life a lot easier! Registered Users: To properly install the registered version of PGPShell on your computer, insert the PGPShell disk into your disk drive and type "INSTALL" at the a: prompt. There are two DOS environment variables that PGP uses in order to operate properly. They are "TZ" (time zone) and "PGPPATH" (the DOS path statement to your PGP.EXE program). To properly set them you must use the DOS command "SET" in this manner: set TZ=MST7 (or wherever your time zone is) set PGPPATH=C:\PGP (or wherever you keep PGP.EXE) Set these environment variables before using PGPShell. Four external configuration variables located in PGP's CONFIG.TXT file are used. They are "MyName," "shellkeyfile," "shellmessagedir," and "shelleditor." MyName is a PGP item that many of you are already familiar with. You should set the item like this: MyName = "James Still" (or whatever your UserID is) The MyName variable is the only configuration item that is required for proper use of PGPShell. Failure to correctly enter your own UserID name in the CONFIG.TXT will cause erratic behavior when PGPShell displays your key in the Key Management Screen. Note that the hash sign (#) is absent, meaning that the MyName variable item is PGP-specific. The other three PGPShell-specific variables must have a pound sign inserted in front of them, because PGP does not know of their existence (they are used only by PGPShell) and will choke upon reading them. The first of these PGPShell-specific configuration items is "shellkeyfile." It denotes the location of the keyring file that you want PGPShell to load upon startup. You should set it like this: #shellkeyfile="c:\pgp\pubring.pgp" (or whatever you want) The complete file path to the default key ring should be enclosed in quotes and this key should be pointed to by the PGPPATH variable. If it isn't, PGPShell may behave strangely. If you want to switch keyring files from within PGPShell, press F5 (or click the left mouse button) at the Key Management Screen and choose another keyring file. More on that later however in the KMS section. The second PGPShell-specific configuration item is "shellmessagedir." It denotes the location of the directory where you want to store and retrieve PGP-encrypted/decrypted text files. Since these files tend to clutter up the main PGP or PGPShell directories over time, it is recommended that you create a subdirectory entitled something like, \MESSAGES so that you can keep them separate from the two programs. If you do not wish to use a specific message directory, the default directory that you run PGPShell from will be used instead. The last PGPShell-specific configuration item is "shelleditor." It denotes the directory location and executable file of an optional third-party text editor for use instead of PGPShell's internal editor. The internal editor is the default should you elect to not use a third-party editor. Type "PGPSHELL" at the DOS prompt to execute the program. You must have PGP installed on your computer before PGPShell will be able to allow you to encrypt or decrypt anything. This is because PGPShell cannot perform data encryption on its own, it merely "talks" to PGP and tells it what to do. If PGP is not properly installed, PGPShell will display a context-sensitive help screen that explains the problem and how you can fix it. Optionally, you may add a filename to the command-line to skip the main menu to immediately decrypt a ciphertext file or to check the signature of a ciphertext file. The syntax for this is: PGPSHELL where "filename" is any legal DOS file that has been PGP encrypted. If you want to check the file integrity of PGPShell type: PGPSHELL crc and the cyclical-redundancy test will run providing you with a 5-digit integer number. Compare this number to the one reported in the readme file to make sure that your version of PGPShell is free from viruses, tampering, or other improprieties. Note that the README.DOC is clear-signed with my key so that you can check to make sure that the README file itself has not been tampered with! To do this, run PGPSHELL.EXE and press F4 from within the Key Management Screen to add my key to your key ring. After adding my key, quit to the Main Menu and choose menu item 2, "Decrypt a Message/Check Signature." When the file dialogue box pops up, select the README.DOC and press ENTER. MAIN MENU -------------------------------------------------------------------------- When you execute PGPSHELL.EXE, and after the copyright screen pops up, press any key (or move the mouse) to get to the main menu. The main menu looks like Figure 1 below: ÉÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ» º Main Menu º º º º 1 Encrypt a Message º º 2 Decrypt a Message/Check Signature º º 3 Conventionally Encrypt a File º º 4 Key Management º º 5 Quit º º º ÈÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍͼ Fig. 1 At any time you many press F1 for a context-sensitive help screen that will provide additional help on the currently highlighted main menu topic. Also, you may press F2 to initiate the file viewer. A pop up dialog box similar to Fig. 4 (below) will display asking you to choose the file you wish to view. Just click on the file, or press ENTER, and it will promptly display. There are three ways to choose a main menu topic: By pointing and clicking with a mouse, pressing ENTER after arrowing down to a topic, or pressing the hot-key (numbered one through five) of the desired topic. I'll take you through a brief description of each menu topic, and then we'll get into more detail later. Encrypt a Message ----------------- This menu option will allow you to prepare either a new, or a previously composed text file for PGP encryption to one or more recipients. You may also prepare encrypted messages from the Key Management Screen. (See the Key Management Screen later in this manual.) Decrypt a Message ----------------- This menu option will allow you to decrypt or the check the certifying signature that may be attached to a ciphertext file. Upon choosing this option, a directory window will pop-up on the screen and you will be prompted to select the ciphertext file with either your mouse or by pressing ENTER. Alternatively, you may use this menu option from the PGPShell command line by using the syntax: PGPSHELL . Conventionally Encrypt a File ----------------------------- This PGP command is sometimes misunderstood by some PGP enthusiasts. It uses the "-c" PGP command, and will archive any text file for your own record keeping or security purposes. Various files such as tax records, sensitive memos or letters, proprietary source code, are just a few examples of items you may want to conventionally encrypt with PGP's single-key cryptography method. You shouldn't use this menu option to send something to another person (unless there is a secure way of communicating the pass phrase to them) and you should not use your secret key's pass phrase when conventionally encrypting files. Consult the PGP manual for the correct usage of the conventional encryption option. Key Management -------------- The Key Management Screen is the "meat and potatoes" of PGPShell, and where you'll probably spend the most of your time when using PGPShell. Proper key management is critical with PGP and the Key Management Screen will help you take proper control of your key ring. See the "Key Management Screen" portion of this manual for more details on its usage. Quit ---- This option exits the PGPShell program and returns you to DOS or Windows. Main Menu Encryption Option --------------------------- If you choose to Encrypt a Message from the Main Menu, PGPShell will replace the Main Menu with a list of recipients (see Figure 2) and ask you to choose the person for whom your message is for. The list will look like the Key Management Screen's UserID Box (see "Key Management Screen" section) Choose Recipients: ÚÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ¿ these two are --> ³ û Hober Mallow, Trader to ³ checkmarked --> ³ û Wendy O. Williams ³ ³ R. Weston Westrope ³ ³ Alan Bradley ³ ³ Lenny Bruce ³ ³ Nathaniel David Jones  ÀÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙ Fig. 2 Use the spacebar to checkmark one or more of the recipients in the UserID Box who you will be sending your PGP-encrypted message to. If you change your mind press the Escape key. When you are ready to continue, press ENTER. For help at any time, press F1. After you have pressed ENTER, PGPShell will ask you whether or not you wish to create a new message or open an existing text file. A dialogue box will ask you "Create a New Message?" to which you may answer "Yes" or "No" (see Figure 3). ÚÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ¿ ³Create a New Message? Y³ ÀÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙ Fig. 3 The default is "Yes" but you can also choose "No" to prompt a pop up Directory Dialog Box to choose a file name (see Fig. 4 below). If you answer "yes", you will go to the text editor where you can begin writing your message. Pressing the ESC key, aborts this process and takes you back to the Main Menu. See the section on Encryption Options for details on encrypting your plaintext file. Main Menu Decryption Option --------------------------- When you choose to decrypt a cipherfile from the Main Menu, a pop up dialogue box (figure 4) is displayed over the Main Menu. Double-click the file or select the file and press the ENTER button to choose that file for decryption. ÚÄÄÄÄÄÄ Choose an Encrypted PGP File ÄÄÄÄÄÄÄÄ¿ ³ Name: ³ ³ *.pgp OK Ü ³ ³ ßßßßßßßß ³ ³ Files: Directories: ³ ³ PUBRING.PGP [..] Cancel Ü ³ ³ SECRING.PGP [ -A- ] ßßßßßßßß ³ ³ [ -E- ] ³ ³ [ -F- ] Help Ü ³ ³ [ -G- ] ßßßßßßßß ³ ³ [ -H- ] ³ ³ [ -I- ] ³ ³ [ -M- ] ³ ³ ³ ³ ³ ³ ³ ³ ³ ³C:\PGP26 ³ ³PUBRING.PGP 3764 Jul 01,1994 3:36p A³ ÀÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙ Fig. 4 If you change your mind when choosing a file for decryption, just press the ESC key or the Cancel button and you will be taken back to the Main Menu. See the section on Decryption Options for details on decrypting a PGP-encrypted file. Using PGPShell's Text Editor ---------------------------- PGPShell contains its own simple text editor. This is the default text editor, but if you should choose to use your own favorite text editor, set the configuration in your PGP CONFIG.TXT file by entering: #shelleditor="c:\[pathname]\[executable]" To use the DOS editor you would enter: #shelleditor="c:\dos\edit.com" If you need help while in the text editor, just press F1 for a pop up help screen. After you have edited, or composed new from scratch, a text file for encryption, just press the Escape key. You will be asked: Save and prepare for encryption? [y/n] If you are satisfied with your message, answer "y" and PGPShell will process your message for encryption. To abort the editor, just answer "no" and you will be taken back to the main menu (or to the Key Management Screen if you entered the text editor from there.) The following commands are allowed in the PGPShell Editor: Key Action Taken --- ------------ F1 Displays a pop up help screen Esc Quit PGPShell Editor Insert Toggles between insert mode and overwrite mode Home Moves cursor to beginning of current line End Moves cursor to the end of current line Alt-F Toggles between all available foreground colors Alt-B Toggles between all available background colors In addition to these keys, the standard arrow keys and ENTER key will move you through the text. Wordwrapping is automatically enabled so that your text will "wrap" to the next line if it is greater than the screen length. The PGPShell Editor with some sample text looks like this: PGPShell Editor v 1.0a File: C:\PGPSHE33\TEST.TXT Ins ---+----1----+----2----+----3----+----4----+----5----+----6----+----7---- Hey Ph00bar, howz it goin? Nothing much over here at my end. Oh yeah, I almost forgot to tell you, I won the lottery this morning--got 2 million dollars burning a hole in my right hip pocket. I'm going out to buy a Sparc workstation right now and getting my domain address hooked up in my smallish apartment tommorrow. Well take care. - Jim ----------------------------------------------------------------------------- Fig. 5 The editor is similar to Microsoft's QBasic Interpreter that DOS 5.0+ uses when you type EDIT.COM at the DOS prompt. It is not designed for serious word processing however. If you wish to load text files that are larger than 20K, you may get a memory error. PGPShell must give PGP as much memory as possible and so there's not much left over for text editing. 20K should be enough for most all of your encrypting needs, but in those rare cases where you're writing someone a very lengthy post, you may want to type and prepare the text outside of PGPShell. Encryption Options ------------------ After you have prepared a text file for encryption, PGPShell will display a pop up dialog box (figure 6) and ask you to choose the Encryption Options for the message. There are four options available to you when encrypting a file in PGPShell: o Sign the plaintext with your secret key o Shred the original file after encryption o Force recipient to view "on-screen" only o Clear sign the file instead of encrypting it For a full explanation of these PGP encryption options you should consult your PGP documentation, but I'll go over each one briefly. Sign - This option uses the PGP [-s] command and allows you to sign the file in addition to encrypting it. Shred - This option uses the PGP [-w] command and literally shreds the original plaintext after you have encrypted the ciphertext. Force - This option uses the PGP [-m] command and provides an extra layer of security to protect the decrypted file when it arrives at it's destination. Clear - This option uses the PGP [clearsig=on] option in your CONFIG.TXT file. Useful for bulletins or flyers where you still want to prove your identity and authenticate the output of the clear signed file as valid. Here is what the Encryption Options dialog box looks like: Encryption Options ÚÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ¿ ³ Sign the message with your secret key ³ ³ Shred the original after encryption ³ ³ Should recipient view on-screen only ³ ³ Clear sign the message; no radix-64 ³ ÀÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙ Fig. 6 Notice that the pointer tool is currently positioned at the first item in this list. To select "Sign" as an option, press the spacebar and a checkmark will appear to the left of the item: ÚÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ¿ Checkmarked ---> ³ û Sign the message with your secret key ³ If you change your mind, you can press the spacebar again to remove the item as an option (and the checkmark will disappear). All of the items are optional, none are required for proper encryption with PGP. Two PGP commands, Radix-64 ASCII encryption, and Canonical text (-a and -t respectively in PGP) are now automatically used in PGPShell. They have both become a universal standard among PGP users worldwide and so they will be used by PGPShell as well. Consult your PGP documentation for more information on the optional encryption switches available to you. Decryption Options ------------------ You may decrypt a ciphertext file in PGPShell by one of two ways: either at the DOS command line by typing PGPSHELL or by selecting "Decrypt a Message" at the Main Menu. PGPShell will provide you the opportunity to choose none or all four decryption options from the Decryption Options dialog box (see Figure 7). The options available to you when choosing to decrypt a ciphertext file in PGPShell are: o Leave the signature on the message intact o Recover the original plaintext while decrypting o Detach signature certification from message o Don't write to a file; view on-screen only For a full explanation of these PGP encryption options you should consult your PGP documentation, but I'll go over each one briefly. Leave - This option uses the PGP [-d] command and if checkmarked, will override PGP's default and leave any signatures intact. Recover - This option uses the PGP [-p] command and if checkmarked, will save the decrypted plaintext's original filename. Detach - This option uses the PGP [-b] command and will create a separate .SIG file that contains the signature attached to the ciphertext file. View - This option uses the PGP [-m] command and forces the output to the screen (rather than PGP's default that saves to disk) when you read the decrypted plaintext. Here is what the Decryption Options dialog box looks like: Decryption Options ÚÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ¿ ³ Leave the signature on the message intact ³ ³ Recover the original plaintext while decrypting ³ ³ Detach signature certification from message ³ ³ Don't write to a file; view on-screen only ³ ÀÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙ Fig. 7 Notice that the pointer tool is currently positioned at the first item in this list. To select "Leave" as an option, press the spacebar and a checkmark will appear to the left of the item: ÚÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ¿ Checkmarked ---> ³ û Leave the signature on the message intact ³ If you change your mind, you can press the spacebar again to remove the item as an option (and the checkmark will disappear). All of the items are optional, none are required for proper decryption with PGP. Consult your PGP documentation for more information on the optional decryption switches available to you. KEY MANAGEMENT SCREEN --------------------- The Key Management Screen can be accessed from the Main Menu by either pressing "4" (hot-key), using the arrow keys to highlight "Key Management" and pressing ENTER, or by clicking once with your mouse when highlighted. When you wish to exit from here, just press the ESC key. The Key Management Screen (the KMS if you will) is where all the action is happening. PGPShell has previously gathered all the relevent data concerning your public key ring and presents it to you here in a logical, concise way. The KMS is divided into three "boxes," the UserID Box, located in the upper left-hand corner; the Function Key Box, located in the upper right-hand corner; and the Current Key Box which fills the bottom two-thirds of the screen. The entire KMS is shown here in Figure 8: ÚÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ¿ÚÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ¿ ³ kat woman ³ F1 - Help ³ ³ Philip R. Zimmermann ³³ F2 - Edit/Copy key currently selected ³ ³ Harry Bush ³³ F3 - Compose message to checkmarked recipients ³ ³ Johannes Kepler ³³ F4 - Add a new key to current key ring ³ ³ Fyodor Dostoyevsky ³³ F5 - Choose a different PGP key ring ³ ÀÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙÀÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙ ÚÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ¿ ³ UserID: James Still ³ ³ E-mail: still@benji.colorado.edu KeyID: 4E4937 ³ ³ Fingerprint: AD 29 BE 28 5D 2B 77 BE F6 85 08 45 B6 2D 0B 36 ³ ³ ³ ³ Signatures Attached: Your Trust of This Person: ³ ³ ³ ³ Alan Bradley marginal ³ ³ R. Weston Westrope marginal ³ ³ Nathaniel David Jones marginal ³ ³ Lenny Bruce marginal ³ ³ Umberto Eco complete ³ ³ ³ ³ ³ ³ This is your key... ³ ³ ³ ÀÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙ Spacebar to checkmark UserID - ENTER/left-click to view stats - ESC to quit Fig. 8 There's a lot going on here, so don't worry about it at first if you're intimidated by it all. Lets take each section of the KMS individually and explain it in greater detail. The UserID Box -------------- The UserID Box displays a list of all of the people that are on your public key ring in an easy-to-read, scrollable box shown here in Figure 9: ÚÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ¿ ³ kat woman  ³ Philip R. Zimmermann ³ ³ Harry Bush ³ ³ Johannes Kepler ³ ³ Fyodor Dostoyevsky ³ ÀÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙ Fig. 9 The pointer tool () highlights the key that is currently chosen. By pressing ENTER or clicking with your mouse, you can update the contents of the Current Key Box (the bottom two-thirds of the KMS) with information regarding that key. In the above example, my key "Johannes Kepler" has been highlighted (the pointer tool is set on that key) and the Current Key Box displays information relevent to my personal public key. (I'll explain more about the information in the Current Key Box later on.) When you move the mouse up and down (or arrow up and down) the fields will automatically update to the current key chosen. The Function Key Box -------------------- The Function Key Box is nothing more than a static display to remind you of what actions you may perform when in the KMS. There are four function keys (F1 through F5) available to you. ÚÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ¿ ³ F1 - Help ³ ³ F2 - Edit/Copy key currently selected ³ ³ F3 - Compose message to checkmarked recipients ³ ³ F4 - Add a new key to current key ring ³ ³ F5 - Choose a different PGP key ring ³ ÀÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙ Fig. 10 By pressing "F1" at any time, a context-sensitive help window will pop up with more detailed information to guide you in using PGPShell. The "F2" key is reserved for editing or otherwise manipulating whichever key is currently highlighted. In our above example, if I wanted to remove some of the signatures from my public key, (PGP's -krs command) all I would have to do is press F2 and a popup menu will display. More on that later. Press "F3" to immediately compose a PGP-encrypted e-mail to one or more persons "checkmarked" in the UserID Box. To checkmark a UserID, just press the spacebar when the highlight bar rests on their name. You may checkmark as many persons as you want to, but at least one person must be checkmarked. If you press F3 and no one is checkmarked, an error message will briefly pop up on the screen and no action will be taken. I'll get into details about encrypting a message to one or more recipients later on in this documentation. Press "F4" to add a new key to the current key ring. A directory window will pop up asking you to select (with either your mouse or an arrow key and pressing ENTER) the DOS filename that contains the external key you wish to add. You can add any number of keys that may be contained in a file and the file doesn't necessarily have to contain only keys. In other words, there can be several pages of text with a key buried in the middle somewhere and PGP will find it okay. This is often the case when a new found friend sends you a PGP-encrypted text file and has put his public key at the end of it. Press "F5" to switch to another key ring. (You may also click with the mouse to perform this function.) Most people will use two key rings, the PUBRING.PGP and the SECRING.PGP key ring files. Quite a few others (families for instance) share the PGP.EXE file and each have their own key ring files. With this function, you can switch and choose key rings to load into PGPShell. Keep in mind that your key rings must be located where PGP can use them (in the PGPPATH DOS environment variable). You cannot change the PGPPATH variable from within the shell. Current Key Box --------------- The Current Key Box is the "output" of the selection you make in the UserID box when you press ENTER or click with your mouse. It will be constantly updated as you scroll through the keys on your public key ring and click on different ones to view them. The Current Key Box is divided up into three main sections: the Header, the Signators, and the Trust Parameters. Let's look at each one individually: Header The Header displays the UserID, E-mail address, KeyID, and Fingerprint of the current key. If PGPShell cannot determine an e-mail address for this key, a notice saying so will be displayed instead. Signators The Signators section displays, in a column format, all of the signatures attached to this public key and your trust of that signator (if you have indicated so). It is important to remember that your trust of the signator is not the same as your trust of the person that these signature's are attached to! You may trust "Alice" very closely, but that doesn't mean that "John" who has signed her key is also worthy of your trust. PGP's "web of trust" concept will be discussed later in this doc. Trust Parameters The bottom of the Current Key Box is reserved for two trust parameters: your trust and PGP's trust of this key. They should not be confused, since your trust is yours alone, but PGP makes a trust determination based upon *all* signator's to the current key. Again, this concept will be explained later in this documentation. F2 Function Key - Edit/Copy Key ------------------------------- Let's go into some greater detail on the inner workings of the last three function keys. (F1 Help, I'm sure needs no further explanation) When you press F2 to Edit/Copy the key currently selected, a Key Management pop-up menu will display. It is shown in Figure 11: ÚÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ¿ ³ Key Management ³ ³ ³ ³ 1 Delete this key from your key ring ³ ³ 2 Copy this key to an external file ³ ³ 3 Indicate your trust in this person ³ ³ 4 Certify this key as valid ³ ³ 5 Remove signature(s) from this key ³ ³ 6 Disable or reenable this key ³ ³ 7 Quit ³ ³ ³ ÀÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙ Fig. 11 Each item on the menu may be selected by pressing its corresponding "hot key" number (one through seven), mouse-clicking, or pressing ENTER. Item number 1, Deletion is the PGP command: [-kr]. Choose this option to remove the currently selected key from your key ring. Removal is permanent so make sure you really want to delete that person from your key ring. Item number 2, Copy (Extraction) is the PGP command: [-kxa]. Choose this option when you want to make a duplicate, or a copy, or any key (including your own) on your public key ring. Usually you will need to do this when you want to give your key to someone else. You may also use this option after signing someone else's key that they have just given to you. That way they can have their key back with your signature on it. Notice that PGPShell adds the "a" (for ASCII) onto the command. Without it, the key would be extracted in binary format; nothing wrong with that, except that most remailers on the Internet will not handle binary format correctly. As a default PGPShell uses the ASCII option throughout because that has become the standard among most PGP users. This is especially so when you consider the recent popularity and explosion of users on the Internet who are exchanging keys and messages via Internet remailers. Item number 3, Trust Determination is the PGP command: [-ke]. Choose this option when you want to indicate your trust of the key currently selected. Unfortunately, many PGP users never use this option correctly. I won't go into detail here, but see the section on PGP's "web of trust" for more information on to correctly determine trust parameters. If you haven't read the PGP documentation, then by all means, do so. Item number 4, Certification is the PGP command: [-ks]. Choose this option to certify someone else's key on your key ring. Many a "key signing party" has taken place where this command gets used. When you certify someone's key, you are saying to the rest of the world that this person is who they say they are. No one has really addressed the issue of whether or not you should play "cop" and ask to see a driver's license. Although as I write this, some California Cypherpunks jokingly asked for each other's driver's licenses, presumably to counter the dangerous Tentacles of Medusa and other psuedospoofing tactics that have (tongue-in-cheek) manifested recently. Should you require firm identification? Probably not. This isn't to say that circumstances may be different for you. If you're a Bosnian Serb fighting Muslims and Croatians around Sarajevo, you may have different authentification standards than some fellas hanging out at the coffee shop. Item number 5, Signature Removal is the PGP command: [-krs]. Choose this option to remove one (or more) signator's from the key currently selected. If a key has a signature of a person that you have never heard of, then only their KeyID will be displayed in the Current Key Box. PGP's "web of trust" organization encourages this, because you never know who you may run into in the future that, once you add their key to your public key ring, their name triggers those KeyID's into giving you a positive identification of who they are and what their relationship is to your new found friend. Nevertheless, there may be reasons why you want to remove on or more signature's from a given key. Item number 6, Disable/Reenable is the PGP command: [-kd]. Choose this option to disable (make inactive) or, if already disabled, reenabled. You will probably use this option very rarely. Originally it was designed to act as a substitute for a key revocation certificate in the event that someone's secret key was compromised. But if that person lost their secret key, they would be unable to issue a revocation certificate (it can be a Catch-22, the lesson is don't lose your secret key!) Disabling a public key will render is useless for anything except signature checking. You cannot send an encrypted message to a recipient whose key has been disabled. Item number 7 will dispose of the Key Management menu and take you back to the Key Management Screen. F3 Function Key - Compose Message --------------------------------- PGPShell allows you to compose PGP-encrypted messages to the recipients on your public key ring from the Key Management Screen. Just press the spacebar to toggle the names in the UserID Box on or off, like a light switch. A checkmark (û) will appear to the left of the selected name after you press the spacebar key. Here is a sample of the Key Management Screen again, only I have checkmarked "Hober Mallow" and "R. Weston Holland": ÚÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ¿ÚÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ¿ ³ û Hober Mallow, Trader ³³ F1 - Help ³ ³û R. Weston Holland ³³ F2 - Edit/Copy key currently selected ³ ³ Douglas Bradley ³³ F3 - Compose message to checkmarked recipients ³ ³ Wendy O. Williams ³ F4 - Add a new key to current key ring ³ ³ Fyodor Dostoyevsky ³³ F5 - Choose a different PGP key ring ³ ÀÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙÀÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙ ÚÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ¿ ³ UserID: Douglas Bradley ³ ³ E-mail: bradleyr@ucsu.colorado.edu KeyID: A8E45D86 ³ ³ Fingerprint: 04 59 CA C3 89 2C 28 CC 15 E0 71 59 E7 89 CF 7C ³ ³ ³ ³ Signatures Attached: Your Trust of This Person: ³ ³ ³ ³ Johannes Kepler ultimate ³ ³ Nathaniel David Jones marginal ³ ³ ³ ³ ³ ³ ³ ³ ³ ³ ÚÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ¿ ³ ³ Your personal trust of R.³Create a New Message? Y³nal ³ ³ PGP has determined the vaÀÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙto be: complete ³ ÀÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙ After checkmarking the two recipients and pressing F3 to compose a PGP- encrypted message to them, a dialog box will pop up at the bottom of the KMS asking, "Create a New Message?" If you want to compose a message to them from scratch then answer "Y" by pressing the 'y' key. If you have previously composed or wish to continue editing a message, answer "N" (by pressing the 'n' key) and a directory dialog box will pop up to the left of the screen. Just find the file you were working on and press ENTER (or click with your mouse). If you change your mind during the selection of a file, you can always press the Escape key to return to the KMS. If you answer 'yes' and wish to create a new file, PGPShell will ask you to name it. Any legal DOS filename is acceptable. See the text editor section further on for details about using the PGPShell Editor. F4 - Add a New Key ------------------ To add a new key to your public key ring, press the F4 function key. A directory dialogue box will pop up and wait for you to point and click on the key file. If you change your mind, just press the ESC key and you will return to the KMS. Okay, so we've gone over the Key Management Screen pretty thoroughly, but it still may not make much sense to you if you're not very familiar with PGP. That's okay, once you get a few keys on your key ring (mine for instance it should be included with PGPShell as KEPLER.ASC), you'll get the hang of it. Practice using PGPShell by going into the Key Management Screen and pressing "F4". Choose my key and add it to your key ring. Then click on it (or press ENTER) to view the stats. Unless you've met me in person though, don't sign it! How do you know I am who I say I am? More on this stuff later though when I get into PGP's "web of trust." F5 - Choose a different Key Ring -------------------------------- This function key allows you to choose between many different key files that you may have created. Some people will have one key pair for their personal correspondence and another for business entities. Families find it useful to keep their key pairs separate too. Clicking once with the mouse will also invoke this function. You'll find this function useful for switching between your public and secret keys. The default directory that PGPShell will show you is the PGPPATH directory. Be aware that choosing a key ring file outside of the current PGPPATH directory will not change the PGPPATH environment variable automatically. You will be able to pull up key ring files in other directories and look at them in PGPShell, but you will not be able to manipulate them, because PGP will not know that they are there; it is still looking at the PGPPATH directory. To conveniently work with multiple key rings, keep them in the PGPPATH directory and rename them to a logical name that you find intuitive. For instance, you might have a key pair called "PRIMUS.PUB" and "PRIMUS.SEC" for your business, and another pair called "HOME.PUB" and "HOME.SEC" for your personal use. Families might employ first names to rename their key files to in order to intuitively tell them apart. If all else fails and you must have different key pairs in more than one directory, just exit PGPShell, set the new PGPPATH environment variable, and restart PGPShell. PGP AND THE "WEB OF TRUST" -------------------------- In keeping with the informality of this documentation, I'll digress into a little anecdote. Recently I attended a UNIX users conference in Boulder in which Philip Zimmermann (the author of PGP) gave a lecture on public key encryption and PGP in general. Throughout most of the meeting, he patiently answered questions concerning specific calculations of the IDEA algorithm, and the potential for brute force attacks on one's secret key. Finally he said something to the effect of, "Encryption is fine, but I would rather talk about something more important; the politics of PGP." Well said! Encryption is for the cryptologists; privacy is our gig. Only a fraction of us know much about the mathematics of encryption ciphers. Fortunately, PGP was not made for the cryptologists. It was made for you and I, people who desire a level of privacy in our lives that traditional e-mail doesn't have. So let's talk about the politics of PGP and specifically the "web of trust." Half of all the source code in PGP is dedicated to key authentication, trust level, and certification tracking. Good key management is essential if you are to succeed in knowing who's who on your key ring. Let's start with your own keys. PGP recognizes your personal private and public keys as "ultimate" for purposes of trust. That means that you are trusted "ultimately" to act as an introducer to others should they provide you a copy of their key. In PGP-talk, an "introducer" is any person who is with PGP public keys, what a notary public is with important documents. Picture a world where everyone is a notary public; stamping each others documents with their own official seals, verifying the validity of documents based upon the trustworthiness of the person who stamped it. That's the world of PGP, only instead of notary public seals, we have secret keys. And everyone who uses PGP has the capability of acting in the role of an introducer. Zimmermann describes this as a "guerilla-style" model of society rather than the more formalized "hierarchical" approach. PGP automatically ranks your own keys as "ultimate" and uses that as a base for the determination of the trust and validity of every other key on your key ring. PGP weighs the validity of keys based upon your trust of, either that person directly, or indirectly if you have indicated a trust in a third party. Here's an example: You know "Jane" personally (she's your girlfriend as a matter of fact) and trust her very well so you have signed her key and indicated your trust in her as "complete." (The highest trust you can place in someone other than yourself). PGPShell displays Jane's key like this: Jane's Key ---------- Signatures Attached: Your Trust of This Person: Your_Name_Here ultimate Your trust of Jane is: complete. PGP has determined the validity as: complete. <--- PGP's decision Notice that PGP has automatically weighed its own determination of the validity of Jane based upon your indication of trust in her. PGP doesn't pull this stuff out of a hat, there are parameters that you set in PGP's CONFIG.TXT file for telling PGP how much to trust someone. Here's what that part of my CONFIG.TXT file looks like: # Number of completely trusted signatures needed to make a key valid. Completes_Needed = 1 # Number of marginally trusted signatures needed to make a key valid. Marginals_Needed = 3 I have configured PGP to validate someone's key if one signature is completely trusted. If a signator is only marginally trusted, then it takes three such signatures to validate the key. Okay, so let's go back to good ol' Jane, your girlfriend. The next day "Joe" gives you his public key. You don't know Joe very well, but Jane does and she says he's a real swell guy. So you put Joe on your key ring and take a peek at it in PGPShell: Joe's Key --------- Signatures Attached: Your Trust of This Person: Jane complete Your trust of Joe is: unknown. PGP has determined the validity as: complete. "Aha," you say to yourself, Jane has signed Joe's key. Notice how PGPShell displays your trust of the signator (Jane) and then at the bottom of the screen displays your trust of Joe as "unknown" because you have never set the trust parameter and only just put the key on your ring. Nevertheless the CONFIG.TXT validity parameters are set as "One complete makes a key valid" so PGP determines the validity to be "complete." This is what is meant by a "web of trust", you trust Jane, Jane trusts Joe, so therefore PGP trusts Joe. A trusts B, and B trusts C, so A trusts C. Joe comes over to your apartment later that day and you find him to be a nice and real friendly guy. He loans you 5 bucks as a matter of fact. "What a swell guy," you think. Still, it's too early to make a personal determination of your trust in Joe so you stay with PGP's determination for now. A few days later, something weird happens. You come home from work and there's a letter sitting on your keyboard that says something to the effect of, "Dear Computer Nerd, I have left you for Joe. Goodbye, Jane." "I'll show her!" you say to yourself. After firing up your computer, and starting PGPShell, you highlight Jane's key and change your trust of her from "complete" to "no" trust at all. Because you have changed your trust in your now ex-girlfriend, it sends a "ripple effect" throughout all of your other keys on your key ring. Remember that you still haven't made a trust determination for Joe, instead letting PGP determine it for you until you got to know him better. Let's look at Joe's key now: Joe's Key After the Breakup --------------------------- Signatures Attached: Your Trust of This Person: Jane untrusted Your trust of Joe is: unknown. PGP has determined the validity as: undefined. <----- changed! Notice that PGP is nice enough to not condemn Joe right along with Jane. It merely lists its determination of Joe as "undefined" rather than "untrusted" like Jane. It leaves it up to you to gauge Joe's trustworth- iness from now on based upon events as they unfold. The point behind the web of trust model that PGP uses, is that everything is determined and weighed based upon your trust of all of the people on your public key. The "domino effect" could downgrade other "tentacles" (inside joke...) attached to a key that you edit. Likewise, if you upgrade your trust in someone, it could affect several other keys with signatures attached to this one and make their keys valid. You should take the editing of trust parameters very seriously because it will affect not just other keys on your key ring, but the keys on other peoples key rings as well (if you trade keys). Perhaps "erring on the side of caution," isn't a bad idea when it comes to the management of the keys on your key ring. Don't be afraid to make changes to your keys either. The important thing is to be very honest and make a good judgment call. Don't worry about what other people will think--PGP keeps your trust parameters private (on your secret key) and no one else will know about what you think. ADVANCED ENCRYPTION TECHNIQUES --------------------------------------------------------------------------- The RAM Drive ~~~~~~~~~~~~~ Some people have grown up on Windows' smart drive and DOS Shells and have forgotten what oldish things like RAM drives are all about. In issues such as privacy however, a RAM drive is an extra safety net to insure that your secret key is not compromised in any way. Here's how to set one up. Insert this line into your CONFIG.SYS file: DEVICE=C:\DOS\RAMDRIVE.SYS 1024 /e If you have a 386 or better computer, you could type "DEVICEhigh" instead of DEVICE to load the RAMDRIVE.SYS driver into high memory, but its only about 6K so its not crucial. The 1024 block of memory (1 meg) is the size of your RAM drive, and the switch "e" (/e) means you wish to use "extended" memory for your virtual drive. Reboot your computer for these changes to take effect. Your RAM drive will be given the next letter after your physical hard drive, i.e., if you have a single hard drive "C:" like most people, the RAM drive will be called "D". Type "cd d:" at the DOS prompt and you are in your RAM drive. The advantage of creating and using a RAM drive for PGP is that the RAM drive "D" is not physical, but located only in memory. That way when you shut down your computer, PGP disappears with it, and any trace of your secret key as well. Advanced PGP users keep the critical PGP files (CONFIG.TXT, PGP.EXE, PUBRING.PGP, SECRING.PGP, etc.) on a floppy that they carry around with them and only use PGP in their virtual RAM drives. When you want to enter a PGP session, just put the floppy in, and type "copy a:*.* d:" and your PGP files will be in the RAM drive. You can do this and still keep a copy of PGPShell in a C:\PGPSHELL directory to use PGP. Before starting a PGP session, just type "set pgppath=d:" at the DOS prompt, (or insert this command in your AUTOEXEC.BAT file if you use PGP often) to tell DOS that you've put PGP in a RAM drive. PGPShell will look at the DOS environment and see that PGP is located in the D: drive, and work on everything in there. Don't worry about loading PGPShell into your RAM drive; PGPShell itself is harmless and contains nothing that would compromise your secret key ring. Don't forget to copy the contents of the RAM drive back onto your floppy after exiting PGPShell, especially if you've added to, deleted or otherwise modified your keys. Once you shut off your computer anything located in RAM memory will be gone with it! Consult those old dusty DOS manuals for more information on creating and using RAM drives. The Encrypted Drive ~~~~~~~~~~~~~~~~~~~ Even safer and more convenient than the RAM drive, is the encrypted drive. Mike Ingle's "Secure Drive" program (currently version 1.0) is a rare needle in the software haystack allowing you to partition a portion of your hard drive and physically encrypt it using the same technology that PGP uses. Using Secure Drive, slice off a good chunk of real estate from your C drive (at least 5 megs) using DOS' FDISK command to create a secondary partition. (Follow the directions in your DOS manual to do this.) Then, put your PGP files, including your key pair into the encrypted drive. Your PGP files are encrypted and safely protected from the outside world. Read Mike's documentation carefully when you use Secure Drive. The most important thing to remember is that you should turn your computer off (or do some kind of cold boot) so that your pass phrase is removed from memory. There's no way to mess with the TSR that manages the Secure Drive partition (in an attempt to gather your pass phrase) if you perform a cold boot on your machine after using the Secure Drive. You can obtain Secure Drive as: SECDRV13E.ZIP from numerous sites in the U.S. only (not for export as of this writing). The Hidden Directory ~~~~~~~~~~~~~~~~~~~~ The hidden directory is the oldest trick in the book (and many a bane to system admins trying to clean up directory trees). Although far from foolproof, the hidden directory will slow down nosy co-workers who may be snooping on your computer while you're at lunch. Let's say you're not paranoid enough to warrant the use of a RAM drive but you still don't want anyone knowing you use PGP. Here's the next best thing: Go into a mundane directory tree like \DOS or \WINDOWS\SYSTEMS where no one ever looks and create a subdir called something harmless like "SYS" or "BIN". Copy all of your PGP stuff into that directory (let's say C:\DOS\BIN for example.) Then get back out to C:\DOS and type: "ATTRIB +H BIN" from the DOS prompt. Using the DOS "Attribute" command, you've hidden (+H) the BIN subdirectory from view. Its still there, but someone would have to know what they were doing to find it. (If you want to see it type "ATTRIB BIN" from the DOS prompt.) When you want to use PGP, just type "set pgppath=c:\dos\bin" at a DOS prompt and you're set. Here's a good batch file to use (which you can hide as well) that can be located anywhere along the DOS path: @echo off set pgppath=c:\dos\bin cd \pgpshell pgpshell Call the batch file something dumb like "READ_DIR.BAT" or hide it by using ATTRIB like this: ATTRIB +H READ_DIR.BAT so that the pgppath statement is not compromised easily. Whenever you want to use PGP just type READ_DIR and everything will load for you. This isn't 100%, as I stated before, but its good enough to fool most people since they won't mess around with something that they don't even know is there. If people or police are specifically looking for PGP or encrypted messages on your system, then you're screwed anyway; call a lawyer. Hidden Directory Variation ~~~~~~~~~~~~~~~~~~~~~~~~~~ One problem with the hidden directory is that your snoopy co-workers can toggle "show hidden files" in Window's File Manager and then the gig is up. A good trick is to add another subdirectory underneath the hidden directory with an ANSI code as a letter. Let's say you have a hidden directory called C:\HIDDEN. Change dir into that and at the DOS prompt type: "md TRICK" followed by: 255. You must press and hold down the ALT key when you type the keys 255 on your numeric keypad. You'll see a space instead of a character. This baffles Window's File Manager so that no one can see or access the contents of the directory. To get into the directory yourself, shell out to DOS (if you're in Windows) and type: "cd TRICK" followed by 255 on the keypad. The Paranoid Encryptor ~~~~~~~~~~~~~~~~~~~~~~ This one is courtesy of the handful of paranoid people that warned me to be careful because, as a result of PGPShell "they" will be out to get me. Nevertheless, there may be occasions when the enemy is very real, and you cannot afford to have your encrypted messages cracked by those naughty NSA Cray computers. One way in which a computer is able to crack your message is by applying a consistent mathematical algorithm (a brute force attack) against your message until a pattern emerges that spells out words. Your RANDSEED.BIN 24-byte file (Random Seed Binary) is where PGP draws its material from when it comes time to encrypt your message. A computer is not able to generate truly random acts on its own, thats why PGP needed you to monkey-type at random when you first created your personal keys. If PGP can't find a RANDSEED.BIN file, it will create a seed file "on the fly" and ask you to bang away on your keyboard just before encrypting. By inserting a line at the end of the above READ_DIR batch file like this: "del c:\dos\bin\randseed.bin", you'll create a new seed file each time you use PGP. This will blow any pattern that could possibly develop over time (during which the attacker is amassing your encrypted messages and studying each of them for patterns). PGP's own RANDSEED.BIN file does a good job of providing enough material for encryption, but this option is still a "safety net" of sorts for the truly paranoid. Secure FileSystem ~~~~~~~~~~~~~~~~~ One of the advantages to the "cypher-revolution" is that it builds on itself and produces software that is better and better over time. The Secure FileSystem, or SFS, is an example of an excellent piece of software that has been needed for years, but could only be introduced really after PGP paved the way. With SFS you can create a partition on your hard disk, provide it with a logical drive letter such as "D", and completely encrypt the entire contents of that drive. SFS uses a device driver to create the encrypted drive, so use of the DOS FDisk program and reformatting your existing hard drive is unnecessary. I highly recommend obtaining this program. With it, you could put PGP and PGPShell on the encrypted drive and enjoy protection from an attacker who might want to copy your keyrings for later analyzation. You can get SFS at these FTP sites. Please access the site that is geographically closest to you and call at night if possible to save bandwidth: Australia: ftp://archie.au:/micros/pc/garbo/pc/crypt/sfs110.zip Finland: ftp://garbo.uwasa.fi:/pc/crypt/sfs110.zip Germany: ftp://ftp.germany.eu.net:/pub/comp/msdos/ mirror.garbo/pc/crypt/sfs110.zip S. Africa: ftp://owl.und.ac.za:/mirrors/garbo/pc/crypt/sfs110.zip U.S. ftp://ftp.cdrom.com:/pub/garbo/pc/crypt/sfs110.zip CLOSING COMMENTS ---------------------------------------------------------------------------- PGPShell should be easy to use. If it isn't, then I failed somewhere. Many users want to use encryption but face a "mental block" when using PGP because of its intimidating UNIX command-line interface. My hope is that more people who want to get into encryption, will do so through the friendlier PGPShell environment. My philosophy is that this is YOUR program and that I am merely the caretaker of it. If you have any questions or comments, please feel free to e-mail me on the Internet at which is a good account until probably late summer 1995. After that time, look for me on the Usenet group alt.security.pgp (or on alt.christnet.bible where I engage in my hobby of amateur biblical hermeneutics!). As soon as I know my new e-mail address in Minnesota, I'll post a brief message to alt.security.pgp announcing it for anyone who needs user support. If you e-mail me, *please* don't encrypt your message. I just haven't the time to decrypt everything that gets sent to me. REGISTRATION ---------------------------------------------------------------------------- PGPShell v3.3 is freeware. You do not have to pay for this program and are encouraged to distribute it freely to anyone who is interested in protecting their privacy. QUESTIONS & ANSWERS -------------------------------------------------------------------------- Q: I notice that PGPShell runs an output routine to gather data from my public key rings. My key ring is very large and this takes too long; isn't there some other way to do this? A: The answer is yes and no. (or maybe not really...) After experimenting with various ways of collecting PGP data, the "all at once" way was the best, proving to be as seamless to the end user as possible. If you have a slow computer, or grow impatient at this output routine, you should copy those keys that you don't need or use into a "repository" directory (perhaps in a subdirectory named KEYS off of the main C:\PGPSHELL directory) and only add them on if you need them for that 'once in a while' e-mail message. This will keep your key ring smaller and a lot easier to manage. Q: When I start PGPShell, it just locks up, or never gets to the main menu screen. What gives? A: PGP requires huge amounts of conventional memory to run. There is nothing I can do about that. Unfortunately, I can't even predict when there is a memory lockup most of the time. Reboot your computer and when you see the "Starting MS-DOS..." message on your screen, press and hold down the SHIFT key. This should give you enough conventional memory to correctly run PGP and PGPShell. Q: Why isn't there a Windows version of PGPShell? A: PGPShell can be run from Windows already if you create a PIF file with low graphics, foreground use, etc. Usually this question is asked more from a compatibility or aesthetics standpoint ("I'd like to see a cool looking icon....") Several things: o A good many people in places like the former Soviet Union who remember the pre-Perestroika days and wish to use PGP, still don't have access to 386+ computers, let alone the latest graphical operating systems like here in the West. o There are security risks involved in using PGP from Windows. If you have a machine with less than 8 megabytes of RAM, it is possible that Windows must swap PGP out to disk in order to perform other operations. Your pass phrase and sensitive text may become written to a permanent swap file if this occurs. o I decided that, given the purpose and reason for PGP (Phil's vision of grass-roots based communication, et. al.) serving the 640K RAM, DOS-based XT's (and monochrome monitor folks) and above was the best choice. Q: Everytime I try to add, remove, or otherwise work with my key ring PGP gives me error messages of "UserID not found" and it doesn't seem to be able to read it even though the shell shows everything fine. What's up? A: Check to make sure that the key you have loaded into PGPShell is pointed to by the DOS environment variable PGPPATH. If you are unsure, exit PGPShell and type "set pgppath=[filepath] and try again. PGPShell may read and load a keyring fine, but if PGP doesn't know about it (through PGPPATH) you'll get error messages. Also make sure that the MyName config variable in the CONFIG.TXT file is entered in quotes and that your UserID is spelled correctly. Q: What gives? My key displays garbage at the bottom of the KMS! A: You either misspelled or forgot to type your UserID in the "MyName" configuration of PGP's CONFIG.TXT file. Q: When I enter the Key Management Screen from the main menu PGPShell doesn't display any keys at all! A: The PGP.EXE file is probably missing from the PGPPATH directory and the keys were not gathered properly upon startup. Make sure that PGPPATH points to your PGP directory. DISCLAIMER OF WARRANTY -------------------------------------------------------------------------- This software and manual are distributed "AS IS" and without warranties as to performance of merchantability or any other warranties whether expressed or implied. Because of the various hardware and software environments into which this program may be put, no warranty of fitness for a particular purpose is offered. Good data processing procedure dictates that any program be thoroughly tested with non-critical data before relying on it. The User must assume the entire risk of using the program. Any liability of the seller will be limited exclusively to product replacement or refund of purchase price. James Still disclaims all warranties, expressed or implied, including without limitation, the warranties of use and/or fitness of PGPShell for any purpose. James Still assumes no liabilities for damages, direct or consequential, which may result from the use or misuse of PGPShell. Are you writing this down? CREDITS ---------------------------------------------------------------------------- Thanks to my wife Katherine who has been accepted on a two-year scholarship for graduate studies in Urban Planning at the University of Minnesota. (Can you tell I'm proud of her?) Snow and ice here we come... Bye! PGPShell is Copyright (c) 1992-1995 by James Still. All Rights Reserved. ----- EOF ---------------------------------------------------------------