--- pgp/doc/setup.doc 2018/04/24 16:39:43 1.1.1.1 +++ pgp/doc/setup.doc 2018/04/24 16:42:47 1.1.1.4 @@ -1,5 +1,7 @@ - Pretty Good Privacy version 2.2 + Pretty Good Privacy version 2.6 Installation Guide by Perry Metzger + Edited for 2.5 by Colin Plumb and others + Edited (trivially) for 2.6 by Jeff Schiller How to Install PGP @@ -7,10 +9,11 @@ How to Install PGP The first question is, what platform are you on? -PGP 2.2 runs on several varieties of Unix, MS-DOS, VAX VMS, Ataris, -Amigas, and possibly other operating systems. Naturally, installation -instructions differ depending on your hardware. Separate instructions -are provided here for MSDOS and Unix. +The base PGP 2.6 distribution runs on several varieties of Unix, MS-DOS +and VAX VMS. Ports can be expected shortly to the Atari, Amiga, and +possibly other systems. Naturally, installation instructions differ +depending on your hardware. Separate instructions are provided here for +MSDOS and Unix. No matter what the machine you are on, though, do this... @@ -18,14 +21,12 @@ STEP 1: READ THE DOCUMENTATION. At least read Volume I of the PGP User's Guide. Cryptography software is easy to misuse, and if you don't use it properly much of the security you could gain by using it will be -lost! You might also be unfamiliar with the concepts behind public -key cryptography; the manual explains these ideas. Even if you are -already familiar with Public Key Cryptography, it is important that -you understand the various security issues associated with using -PGP. It may not be important to read the fine print on a box of -breakfast cereal, but it may be crucial to read the label of a -prescription drug. Cryptography software is like pharmaceuticals-- -so read the manual! +lost! You might also be unfamiliar with the concepts behind public key +cryptography; the manual explains these ideas. Even if you are already +familiar with public key cryptography, it is important that you +understand the various security issues associated with using PGP. PGP +may be an unpickable lock, but you have to install it in the door +properly or it won't provide security. See the section below for your system's particular installation instructions. @@ -37,38 +38,49 @@ the sources to your machine or find some For MSDOS: PGP is distributed in a compressed archive format, which keeps all -the relevant files grouped together, and also saves disk space and +the relevant files grouped together, and also saves disk space and transmission time. -The current version, 2.2, is archived with the ZIP utility, and the -PGP executable binary release system is in a file named PGP21.ZIP. -This contains the executable program, the user documentation, and a -few keys and signatures. There is also a second file available -containing the C and assembly source code, called PGP21SRC.ZIP; unless -you are a programmer interested in cryptography, it is probably of -little interest to you. It may or may not be available from the -source from which you get PGP21.ZIP; if not, and you want it, see the -Licensing and Distribution section of the PGP User's Guide. +The current version, 2.6, is archived with the ZIP utility, and the +PGP executable binary release system is in a file named PGP26.ZIP. +This contains the executable program, the user documentation, the +RSAREF license, and a few keys and signatures. There is also a +second file available containing the C and assembly source code, +called PGP26SRC.ZIP. If you are a programmer, this may be of interest +to you. This should be available from the same source from which you +got PGP26.ZIP. If not, and you want it, see the Licensing and +Distribution section of the PGP User's Guide. You will need PKUNZIP version 1.1 or later to uncompress and split -the PGP21.ZIP archive file into individual files. PKUNZIP is +the PGP26.ZIP archive file into individual files. PKUNZIP is shareware and is widely available on MSDOS machines. Create a directory for the PGP files. For this description, let's use the directory C:\PGP as an example, but you should substitute -your own disk and directory name if you use something different. +your own disk and directory name if you use something different. Type these commands to make the new directory: c: md \pgp cd \pgp -Uncompress the distribution file PGP21.ZIP to the directory. For +Uncompress the distribution file PGP26.ZIP to the directory. For this example, we will assume the file is on floppy drive A - if not, substitute your own file location. - pkunzip a:pgp21 + pkunzip -d a:pgp26 +If you omit the -d flag, all the files in the doc subdirectory will +be deposited in the pgp directory. This merely causes clutter. + +This will create the file PGP26I.ZIP and PGP26I.ASC. Unzip PGP26I.ZIP +with the command: + + pkunzip -d pgp26i + +Keep the PGP26I.ZIP file around. Once you have PGP working you can use +PGP26I.ASC to verify the digital signature on PGP26I.ZIP. It should come +from Jeffrey I. Schiller (whose key is included in keys.asc). Setting the Environment ----------------------- @@ -83,6 +95,12 @@ following lines to your AUTOEXEC.BAT fil Substitute your own directory name if different from "C:\PGP". +The CONFIG.TXT file contains various preferences. You can change +the language PGP operates in, and the character set it uses. The +IBM PC's default character set, "Code Page 850" will be used if the +line "charset = cp850" appears in the config.txt file. You probably +want to add that line. + Another environmental variable you should set in MSDOS is "TZ", which tells MSDOS what time zone you are in, which helps PGP create GMT timestamps for its keys and signatures. If you properly define TZ in @@ -102,7 +120,7 @@ For Amsterdam: SET TZ=MET-1DST For Moscow: SET TZ=MSK-3MSD For Aukland: SET TZ=NZT-13 -Now reboot your system to run AUTOEXEC.BAT, which will set up +Now reboot your system to run AUTOEXEC.BAT, which will set up PGPPATH and TZ for you. @@ -111,14 +129,23 @@ Generating Your First Key ------------------------- One of the first things you will want to do to really use PGP (other -than to test itself) is to generate your own key. This is described -in more detail in the "RSA Key Generation" section of PGP User's +than to test itself) is to generate your own key. This is described in +more detail in the "RSA Key Generation" section of the PGP User's Guide. Remember that your key becomes something like your written signature or your bank card code number or even a house key - keep it secret and keep it secure! Use a long, unguessable pass phrase and -remember it. Right after you generate a key, put it on your key -rings and copy your secret keyring (SECRING.PGP) to a blank floppy -and write protect the floppy. +remember it. Right after you generate a key, put it on your key rings +and copy your secret keyring (SECRING.PGP) to a blank floppy and write +protect the floppy. + +If you are a first-time user of PGP, it is a good idea to generate +a short test key, with a short passphrase, to play around with PGP +for a little bit and see how it works, or even more than one so +you can pretend to be sending messages between two different people. +Since you won't be guarding any secrets, this can be short and have +a simple pass phrase. But when you generate your permanent key, +that you intend to give to others so they can send secure messages +to you, be much more careful. After you generate your own key pair, you can add a few more public keys to your key ring. A collection of sample public keys is @@ -132,10 +159,21 @@ For UNIX: You likely will have to compile PGP for your system; to do this, first make sure the unpacked files are in the correct unix textfile format -(the files in pgp21src.zip are in MSDOS CRLF format, so for unix you -must unpack with "unzip -a"). Then copy the file "makefile.unx" in the +(the files in pgp23src.zip are in MSDOS CRLF format, so for Unix you +must unpack with "unzip -a"; the tar file pgp23.tar.Z uses normal Unix +line feed conventions). Then copy the file "makefile.unx" in the distribution to "Makefile". +Then, you will need the March 16, 1994 release of the RSAREF 2.0 +package. It is included with the PGP 2.5 distribution from MIT. It +should be unpacked in a directory named "rsaref2" that is a sibling of +the directory that PGP is unpacked in. (If you use a different +location, you will have to modify the Makefile and rsaglue2.c.) + +Make a directory rsaref2/unix, copy the makefile over from +rsaref2/install/unix, and build the rsaref.a library. The RSAREF +package has more detailed instructions. + If you don't have an ANSI C compiler you will need the unproto package written by Wietse Venema. unproto was posted on comp.sources.misc and can be obtained from the various sites that archive this newsgroup @@ -156,6 +194,8 @@ type: "make x286" for XENIX/286 with asm primitives and unproto "make ultrix" for DEC 4.2BSD Ultrix with gcc "make rs6000" for RS6000 AIX + "make irix_asm" for IRIX with asm primitives + "make" to list the available platforms There are more targets in makefile.unx. If your system doesn't have a target in makefile.unx you will have to edit the makefile, make @@ -191,8 +231,10 @@ this should produce the file "testfile" If everything went well, install pgp in a bin directory. Place the documentation, pgpdoc1.txt and pgpdoc2.txt somewhere where -you can reasonably read it; since it's for you, not the software, the -location doesn't really matter. +you can reasonably read it. The software looks for it when running +(especially generating keys), so someplace reasonably obvious would +be good. "pgp -kg" will give you full details if it can't find the +manuals. Place the man page (pgp.1) in an appropriate spot. If you don't know anything about how man pages work, you can make the man page look @@ -200,18 +242,31 @@ human readable yourself by typing "nroff reading "pgp.man". Create a subdirectory somewhere in your home directory hierarchy to -hold your public and private key rings and anything else pgp might -need (like the language.txt file). You must set the environment +hold your public and private key rings and anything else pgp might need +(like the language.txt file). The default name PGP assumes is ~/.pgp. +If you want to use a different name, you must set the environment variable "PGPPATH" to point to this place before you use the system. -Copy the files "language.txt", "config.txt", and the ".hlp" files from -the distribution into this subdirectory. > IMPORTANT: This directory cannot be shared! It will contain your < > personal private keys! < +If you are installing PGP for yourself, copy the files "language.txt", +"config.txt", and the ".hlp" files from the distribution into this +subdirectory. + +If you are installing PGP system-wide, the directory to use is +/usr/local/lib/pgp for the config, language and help files. +This can be changed in fileio.h when compiling. It's the value +of PGP_SYSTEM_DIR. + +Tell PGP the character set and language you wish to use in the config.txt +file. If you have a terminal that only displays 7-bit ASCII, use +"charset=ascii" to display an approximation (accents are omitted) of +extended characters. + >> IMPORTANT: Please read the sections in the man page and manual << ->> about vulnerabilities before even THINKING about using this << ->> software on a multi-user machine!!!! << +>> about vulnerabilities before using this software on a multi- << +>> user machine! << Now, if you haven't done so yet, GO READ THE MANUAL. @@ -219,16 +274,6 @@ Now, if you haven't done so yet, GO READ ###################################################################### For VMS: -Read the file readme.vms in the vms subdirectory - -###################################################################### -For Amiga: - -[This space intentionally left blank] - -###################################################################### -For Atari: - -[This space intentionally left blank] +Read the file readme.vms in the doc subdirectory ######################################################################