Hi there,
The easiest way to use GnuPG under Windows that I know of would be a
graphical interface called GNU Privacy assistant. I use it myself and
have been very satisfied with what it offers. You can download it from
this URL:
http://www.gnupp.de/download/gnupp-1.1-en-installer.exe
The installer includes GnuPG for Windows (which is actually a command
line tool), WinPT - a small program that runs in the background and
connects GnuPG with your software of choice (it can be accessed via
its tray icon), a special plugin for Outlook (since I'm not sure what
program you use, I'll give a detailed step-by-step description which
can be used with any email program out there) and, eventually, the GNU
Privacy assistant, i.e. the graphical interface.
Steps for sending an encrypted email
1) First you need to create your individual pair of secret and private
keys. With the GnuPA, this is done as follows:
Click on Keys/Generate Key. Follow the instructions, entering you
name, email address, possible comments and a passphrase which is used
to protect your key. You should create a backup copy of your keys as
recommended. The newly created key will now appear in the
application's main window.
2) Have your client send you his public key by email. Mark his public
key and copy it to the clipboard using CTRL-C. In the GnuPA, select
Keys/Import Key. Choose Import from clipboard. His public key is now
part of your local keyring. Alternatively, you can search for his
public key using the same command (Keys/Import Key) and then using the
"Receive from server" feature. Use your client's email address as the
KeyID.
3) Now compose the email you wish to send to your client using your
regular email application. Make sure the WinPT program is running.
Mark the text of the email and press CTRL-C (for copy). The email is
now stored in your clipboard. Right-click on the WinPT tray icon and
select Clipboard/Encrypt. In the upcoming dialog, select your client's
email address and press OK. A confirmation message will appear. Now go
to your email program again. Make sure the text of your email that you
just copied is still marked. Activate the window and click CTRL-V (for
paste). Voilą, there you have your encrypted email as the body of your
message.
4) Now just perform your regular procedure for sending email. That's
it.
In case you want to inform yourself a little bit more in detail about
GnuPG, I'd suggest you take a look at this FAQ:
http://www.gnupg.org/faq.html
The section on compatibility with the other PGP software packages
around is well worth reading.
Good luck on sending your first encrypted email, and who knows, maybe
you'll like it so much you'll even start using email encryption for
your private messages as well.
Best regards,
searchbot-ga |
Request for Answer Clarification by
indiafin-ga
on
24 Jun 2002 14:05 PDT
i want to encript the files and than sign it , but when i sign the
files after encription , i get only the sig files , need help how do
do this , either with GNU privacu assistant, or window privacy tray
|
Clarification of Answer by
searchbot-ga
on
25 Jun 2002 03:05 PDT
Hello again,
i assume what happened for you is the following: you followed my
procedure listed above and instead of only clicking on "encrypt", you
chose "sign & encrypt". What happens then is that GnuPG performs two
seperate steps, it first signs the message and then encrypts it. Now
if you then paste the results back to your mail window, it may appear
as if the message had only been encrypted, because the signature has
been encrypted as well. (And is now a part of the encrypted text
block.) If you go about and mark that encrypted/signed portion of text
again, right-click on WinPT and then "decrypt & verify", then paste
again, it will show you your original text and a window will pop open
telling you the signature is good, and telling you the owner of that
signature, that is, you. (The latter of which is the result of the
signing process.) So you see, everything just went fine.
Again, this is only an estimate on my part of what happened, so I may
be wrong here. In that case, please restate your clarification. Other
than that I may add, that to my knowledge the proper process is to
first sign and then encrypt a message, not vice versa as you were
saying. You CAN do it the other way round, if you so desire, but the
message will look somewhat mixed up then.
Please get back to me in case I misunderstood you.
Thanks,
searchbot-ga
|
Clarification of Answer by
searchbot-ga
on
25 Jun 2002 18:36 PDT
Hi again,
reading your comment it occurred to me that there was some deeper
misunderstanding going on between us. I thought your first request for
clarification also referred to sending mail only while you were
obviously trying to find out how to encrypt binary FILES. Alright, now
that we're clear on this, let me try help you out there as well. We'll
be using WinPT for the encryption/signing and the command line for
decryption/verifying.
About the detached signature: Here it is important to check "Normal
Signature" whenever using the Sign option. Let's just do this step by
step.
1) Right click on the WinPT tray icon. Open the File Manager. Drag and
drop the file to the window.
2) Right click the file, select Encrypt. Choose the Recipient's key.
3) The status of the file is now changed to "Encrypted".
4) Right click the file again. Select Sign. Choose Normal Signature.
Enter your Passphrase.
5) New status of the file: Signed.
6) You now have 3 files in your directory: the original file.xyz, the
only encrypted file.xyz.gpg and the encrypted and signed
file.xyz.gpg.gpg.
7) Distribute the latter to your contact.
By the way, it is also possible to first sign and then encrypt the
file. The output file name will be the same: file.xyz.gpg.gpg.
Now, to restore the original file (on your client's side), I'd
strongly recommend using the command line. For some reason I couldn't
figure out for the moment, WinPT will successfully decrypts a file
that's only encrypted without a problem; it won't, however, restore
the original file out of a signed one. Here the command line comes in
handy. Just follow these steps, and the original file is quickly
restored:
1) Open a command line by clicking Start/Run or press <Windows-Key>-R.
Enter cmd. A window will open.
2) Navigate to your GnuPG directory, i.e. enter cd <your GnuPG
directory>
3) Copy the files you wish do decode/verify there
4) Simply enter gpg <file>, so to get back to our example, this would
be gpg file.xyz.gpg.gpg
5) This will produce a file called file.xyz.gpg and tell you the
status of the signature.
6) Do the same thing again, this time on the file that was just
created: gpg file.xyz.gpg
7) You'll have to enter your passphrase (i.e. your client) and then
you'll find the decrypted file in your directory: file.xyz
I hope this was what you were looking for in addition to your original
question.
Have a good day,
searchbot-ga
|