Computer Security
 » 
Encryption and Cryptography
 » 
Mac GNU Privacy Guard
 » 
macgpg-users

gpg on mac os x

View: New views
2 Messages — Rating Filter:   Alert me  

gpg on mac os x

by Louise Stein :: Rate this Message:

Reply to Author | View Threaded | Show Only this Message

Hi.
I have a question. I got gnupg (version for mac os x 10.4.8) installed on my mac os x 10.5.6. aditionally I got the the keychain access (0.7.0) and the gpg file tool (1.0.2). I created a new pair of keys and imported some public keys of other people into the keychains.
But now if I want to encrypt a doc in order to send it to others, the file tool only shows me my own keys but no list of the other pubkeys to choose from.
Iam a missing some important step or another component of gpg?
Thanks.



------------------------------------------------------------------------------
Check out the new SourceForge.net Marketplace.
It is the best place to buy or sell services for
just about anything Open Source.
http://p.sf.net/sfu/Xq1LFB
_______________________________________________
Macgpg-users mailing list
Macgpg-users@...
https://lists.sourceforge.net/lists/listinfo/macgpg-users

Re: gpg on mac os x

by Charly Avital :: Rate this Message:

Reply to Author | View Threaded | Show Only this Message

Louise Stein wrote the following on 1/7/09 4:02 PM:
> Hi.

Hi Louise,

> I have a question. I got gnupg (version for mac os x 10.4.8)

Do you mean that you have GnuPG 1.4.8 installed? There is no GnuPG 10.4.8.

I suppose you installed gpg 1.4.8 using the binary installer available
at <http://macgpg.sourceforge.net/index.html#files>?

 installed on my mac os x 10.5.6.

Great, so you are running "Leopard".

 aditionally I got the the keychain access (0.7.0) and the gpg file tool
(1.0.2).

I believe that Keychain Access has not been updated since 2005, and
GPGFileTool since 2003, but they both still work on MacOS X 10.5.6, more
or less.


>I created a new pair of keys and imported some public keys of other people into the keychains.

You imported some public keys of other people into your public keyring,
and those keys show in Keychain Access/Public, together with your own
public key.

How did you import those keys?

> But now if I want to encrypt a doc in order to send it to others, the file tool only shows me my own keys but no list of the other pubkeys to choose from.

> Iam a missing some important step or another component of gpg?

It has been a long time since I used GPGFileTool, but I believe it is
possible that when GPGFileTool was created, the standard was that public
keys could not be used for encryption unless they were validated by the
owner of the public king. It is not so any longer now.

If this is still the situation, this might be the reason why GPGFileTool
does not recognize the keys you have imported, because you have not yet
validated them.

In order to validate a public key, you have to sign it using your secret
key. You are not supposed to sign other people's public keys, unless you
have ascertained, through direct contact (meeting face to face, etc.)
with the owner of each key that she or he is, in fact, the real owner of
the key.

If you have not yet done it, you should read basic information about
validation and trust.

I suggest you point your browser to
<http://www.gnupg.org/documentation/guides.en.html>, where you can
choose to read The GNU Privacy Handbook that is available in different
formats, and in different languages.

As a "quick fix" you can try the following:
in Keychain Access/Public, select (highlight) the row where someone's
public key is displayed, and choose from the Menu Key/Sign Local, and
then follow the prompts. A 'local signature' is "good" only inside your
own keyring, and it is not exportable.

After you have done that for each key you want to validate, I suggest
that in Keychain Access, you click in Menu GPG/Update Trust Database...,
and follow the prompts for each key what will be displayed.

You don't need to sign you own public key, because you did it already,
automatically, in the generation process of the key.

After you quick GPGFileTool, and relaunch GPGFileTool, it should show
all the keys available in your public key ring, where from to chose the
public of the recipient.

If you choose to have GPGFileTool Sign or Sign and Encrypt, GPGFileTool
will prompt you to use your default secret key to sign.

I hope this works for you. As I wrote above, it has been years since I
used GPGFileTool, and I don't use any more.


You seem to be using yahoo web mail? Maybe you might consider using
Apple's Mail, that is an integral part of your MacOSX installation, and
that can be made to interact with your installation of GnuPG, using
GPGMail
<http://www.sente.ch/software/GPGMail/English.lproj/GPGMail.html> where
an option to "trust all keys" is available.

The current stable version of GnuPG is 1.4.9, but I suggest that you see
to that after you sort out your present situation with GPGFileTool, that
will help you to get more acquainted with the use of GnuPG, and decide
whether you want to use GPGMail.

Do not hesitate to ask more questions, if you need to.

Regards,
Charly





------------------------------------------------------------------------------
Check out the new SourceForge.net Marketplace.
It is the best place to buy or sell services for
just about anything Open Source.
http://p.sf.net/sfu/Xq1LFB
_______________________________________________
Macgpg-users mailing list
Macgpg-users@...
https://lists.sourceforge.net/lists/listinfo/macgpg-users
Free embeddable forum powered by Nabble Forum Help