![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to setup.doc CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [PGP] / pgp / doc|
Return to setup.doc CVS log | Up to [PGP] / pgp / doc |
1.1.1.3 ! root 1: Pretty Good Privacy version 2.5 ! 2: Installation Guide by Perry Metzger ! 3: Edited for 2.5 by Colin Plumb and others ! 4: ! 5: ! 6: How to Install PGP ! 7: ================== ! 8: ! 9: The first question is, what platform are you on? ! 10: ! 11: The base PGP 2.5 distribution runs on several varieties of Unix, MS-DOS ! 12: and VAX VMS. Ports can be expected shortly to the Atari, Amiga, and ! 13: possibly other systems. Naturally, installation instructions differ ! 14: depending on your hardware. Separate instructions are provided here for ! 15: MSDOS and Unix. ! 16: ! 17: No matter what the machine you are on, though, do this... ! 18: ! 19: STEP 1: ! 20: READ THE DOCUMENTATION. At least read Volume I of the PGP User's ! 21: Guide. Cryptography software is easy to misuse, and if you don't use ! 22: it properly much of the security you could gain by using it will be ! 23: lost! You might also be unfamiliar with the concepts behind public key ! 24: cryptography; the manual explains these ideas. Even if you are already ! 25: familiar with public key cryptography, it is important that you ! 26: understand the various security issues associated with using PGP. PGP ! 27: may be an unpickable lock, but you have to install it in the door ! 28: properly or it won't provide security. ! 29: ! 30: See the section below for your system's particular installation ! 31: instructions. ! 32: ! 33: If you do not have any of these systems, you will either have to port ! 34: the sources to your machine or find someone who has already done so. ! 35: ! 36: ###################################################################### ! 37: For MSDOS: ! 38: ! 39: PGP is distributed in a compressed archive format, which keeps all ! 40: the relevant files grouped together, and also saves disk space and ! 41: transmission time. ! 42: ! 43: The current version, 2.5, is archived with the ZIP utility, and the ! 44: PGP executable binary release system is in a file named PGP25.ZIP. ! 45: This contains the executable program, the user documentation, the ! 46: RSAREF 2.0 license, and a few keys and signatures. There is also a ! 47: second file available containing the C and assembly source code, ! 48: called PGP25SRC.ZIP. If you are a programmer, this may be of interest ! 49: to you. This should be available from the same source from which you ! 50: got PGP25.ZIP. If not, and you want it, see the Licensing and ! 51: Distribution section of the PGP User's Guide. ! 52: ! 53: You will need PKUNZIP version 1.1 or later to uncompress and split ! 54: the PGP25.ZIP archive file into individual files. PKUNZIP is ! 55: shareware and is widely available on MSDOS machines. ! 56: ! 57: Create a directory for the PGP files. For this description, let's ! 58: use the directory C:\PGP as an example, but you should substitute ! 59: your own disk and directory name if you use something different. ! 60: Type these commands to make the new directory: ! 61: ! 62: c: ! 63: md \pgp ! 64: cd \pgp ! 65: ! 66: Uncompress the distribution file PGP25.ZIP to the directory. For ! 67: this example, we will assume the file is on floppy drive A - if not, ! 68: substitute your own file location. ! 69: ! 70: pkunzip -d a:pgp25 ! 71: ! 72: If you omit the -d flag, all the files in the doc subdirectory will ! 73: be deposited in the pgp directory. This merely causes clutter. ! 74: ! 75: ! 76: Setting the Environment ! 77: ----------------------- ! 78: ! 79: Next, you can set an MSDOS "environment variable" to let PGP know ! 80: where to find its special files, in case you use it from other than ! 81: the default PGP directory. Use your favorite text editor to add the ! 82: following lines to your AUTOEXEC.BAT file (usually on your C: drive): ! 83: ! 84: SET PGPPATH=C:\PGP ! 85: SET PATH=C:\PGP;%PATH% ! 86: ! 87: Substitute your own directory name if different from "C:\PGP". ! 88: ! 89: The CONFIG.TXT file contains various preferences. You can change ! 90: the language PGP operates in, and the character set it uses. The ! 91: IBM PC's default character set, "Code Page 850" will be used if the ! 92: line "charset = cp850" appears in the config.txt file. You probably ! 93: want to add that line. ! 94: ! 95: Another environmental variable you should set in MSDOS is "TZ", which ! 96: tells MSDOS what time zone you are in, which helps PGP create GMT ! 97: timestamps for its keys and signatures. If you properly define TZ in ! 98: AUTOEXEC.BAT, then MSDOS gives you good GMT timestamps, and will ! 99: handle daylight savings time adjustments for you. Here are some ! 100: sample lines to insert into AUTOEXEC.BAT, depending on your time ! 101: zone: ! 102: ! 103: For Los Angeles: SET TZ=PST8PDT ! 104: For Denver: SET TZ=MST7MDT ! 105: For Arizona: SET TZ=MST7 ! 106: (Arizona never uses daylight savings time) ! 107: For Chicago: SET TZ=CST6CDT ! 108: For New York: SET TZ=EST5EDT ! 109: For London: SET TZ=GMT0BST ! 110: For Amsterdam: SET TZ=MET-1DST ! 111: For Moscow: SET TZ=MSK-3MSD ! 112: For Aukland: SET TZ=NZT-13 ! 113: ! 114: Now reboot your system to run AUTOEXEC.BAT, which will set up ! 115: PGPPATH and TZ for you. ! 116: ! 117: ! 118: ! 119: Generating Your First Key ! 120: ------------------------- ! 121: ! 122: One of the first things you will want to do to really use PGP (other ! 123: than to test itself) is to generate your own key. This is described in ! 124: more detail in the "RSA Key Generation" section of the PGP User's ! 125: Guide. Remember that your key becomes something like your written ! 126: signature or your bank card code number or even a house key - keep it ! 127: secret and keep it secure! Use a long, unguessable pass phrase and ! 128: remember it. Right after you generate a key, put it on your key rings ! 129: and copy your secret keyring (SECRING.PGP) to a blank floppy and write ! 130: protect the floppy. ! 131: ! 132: If you are a first-time user of PGP, it is a good idea to generate ! 133: a short test key, with a short passphrase, to play around with PGP ! 134: for a little bit and see how it works, or even more than one so ! 135: you can pretend to be sending messages between two different people. ! 136: Since you won't be guarding any secrets, this can be short and have ! 137: a simple pass phrase. But when you generate your permanent key, ! 138: that you intend to give to others so they can send secure messages ! 139: to you, be much more careful. ! 140: ! 141: After you generate your own key pair, you can add a few more public ! 142: keys to your key ring. A collection of sample public keys is ! 143: provided with the release in the file KEYS.ASC. To add them to your ! 144: public key ring, see the PGP User's Guide, in the section on adding ! 145: keys to your key ring. ! 146: ! 147: ! 148: ###################################################################### ! 149: For UNIX: ! 150: ! 151: You likely will have to compile PGP for your system; to do this, first ! 152: make sure the unpacked files are in the correct unix textfile format ! 153: (the files in pgp23src.zip are in MSDOS CRLF format, so for Unix you ! 154: must unpack with "unzip -a"; the tar file pgp23.tar.Z uses normal Unix ! 155: line feed conventions). Then copy the file "makefile.unx" in the ! 156: distribution to "Makefile". ! 157: ! 158: Then, you will need the March 16, 1994 release of the RSAREF 2.0 ! 159: package. It is included with the PGP 2.5 distribution from MIT. It ! 160: should be unpacked in a directory named "rsaref2" that is a sibling of ! 161: the directory that PGP is unpacked in. (If you use a different ! 162: location, you will have to modify the Makefile and rsaglue2.c.) ! 163: ! 164: Make a directory rsaref2/unix, copy the makefile over from ! 165: rsaref2/install/unix, and build the rsaref.a library. The RSAREF ! 166: package has more detailed instructions. ! 167: ! 168: If you don't have an ANSI C compiler you will need the unproto package ! 169: written by Wietse Venema. unproto was posted on comp.sources.misc and ! 170: can be obtained from the various sites that archive this newsgroup ! 171: (volume 23: v23i012 and v23i013) or ftp.win.tue.nl file: ! 172: /pub/programming/unproto4.shar.Z Read the file README in the unproto ! 173: distribution for instructions on how to use unproto. The unix makefile ! 174: for pgp (makefile.unx) contains a few targets for compliling with ! 175: unproto, these assume you have unpacked unproto in a subdirectory ! 176: "unproto" in the pgp "src" directory. ! 177: ! 178: ! 179: Then... ! 180: ! 181: type: ! 182: "make sungcc" for Sun with GNU gcc ! 183: "make suncc" for Sun with cc and unproto ! 184: "make sysv_386" for SVR4 386 with asm primitives ! 185: "make x286" for XENIX/286 with asm primitives and unproto ! 186: "make ultrix" for DEC 4.2BSD Ultrix with gcc ! 187: "make rs6000" for RS6000 AIX ! 188: "make irix_asm" for IRIX with asm primitives ! 189: "make" to list the available platforms ! 190: ! 191: There are more targets in makefile.unx. If your system doesn't have ! 192: a target in makefile.unx you will have to edit the makefile, make ! 193: sure you compile for the correct byte order for your system: define ! 194: HIGHFIRST if your system is big-endian (eg. Motorola 68030). ! 195: There are also some platform-specific parameters in the include file ! 196: "platform.h". Some platforms may have to modify this file. ! 197: ! 198: If all goes well, you will end up with an executable file called "pgp". ! 199: ! 200: Before you install pgp, run these tests: ! 201: (do not create your real public key yet, this is just for testing pgp) ! 202: ! 203: - create a public/secret key pair (enter "test" as userid/password): ! 204: pgp -kg ! 205: ! 206: - add the sample keys from the file "keys.asc" to the public keyring: ! 207: pgp -ka keys.asc ! 208: pgp will ask if you want to sign the keys you are adding, answer yes ! 209: for at least one key. ! 210: ! 211: - do a keyring check: ! 212: pgp -kc ! 213: ! 214: - encrypt pgpdoc1.txt: ! 215: pgp -e pgpdoc1.txt test -o testfile.pgp ! 216: ! 217: - decrypt this file: ! 218: pgp testfile.pgp ! 219: ! 220: this should produce the file "testfile" compare this file with pgpdoc1.txt ! 221: ! 222: If everything went well, install pgp in a bin directory. ! 223: ! 224: Place the documentation, pgpdoc1.txt and pgpdoc2.txt somewhere where ! 225: you can reasonably read it. The software looks for it when running ! 226: (especially generating keys), so someplace reasonably obvious would ! 227: be good. "pgp -kg" will give you full details if it can't find the ! 228: manuals. ! 229: ! 230: Place the man page (pgp.1) in an appropriate spot. If you don't know ! 231: anything about how man pages work, you can make the man page look ! 232: human readable yourself by typing "nroff -man pgp.1 >pgp.man" and ! 233: reading "pgp.man". ! 234: ! 235: Create a subdirectory somewhere in your home directory hierarchy to ! 236: hold your public and private key rings and anything else pgp might need ! 237: (like the language.txt file). The default name PGP assumes is ~/.pgp. ! 238: If you want to use a different name, you must set the environment ! 239: variable "PGPPATH" to point to this place before you use the system. ! 240: ! 241: > IMPORTANT: This directory cannot be shared! It will contain your < ! 242: > personal private keys! < ! 243: ! 244: If you are installing PGP for yourself, copy the files "language.txt", ! 245: "config.txt", and the ".hlp" files from the distribution into this ! 246: subdirectory. ! 247: ! 248: If you are installing PGP system-wide, the directory to use is ! 249: /usr/local/lib/pgp for the config, language and help files. ! 250: This can be changed in fileio.h when compiling. It's the value ! 251: of PGP_SYSTEM_DIR. ! 252: ! 253: Tell PGP the character set and language you wish to use in the config.txt ! 254: file. If you have a terminal that only displays 7-bit ASCII, use ! 255: "charset=ascii" to display an approximation (accents are omitted) of ! 256: extended characters. ! 257: ! 258: >> IMPORTANT: Please read the sections in the man page and manual << ! 259: >> about vulnerabilities before using this software on a multi- << ! 260: >> user machine! << ! 261: ! 262: Now, if you haven't done so yet, GO READ THE MANUAL. ! 263: ! 264: ! 265: ###################################################################### ! 266: For VMS: ! 267: ! 268: Read the file readme.vms in the doc subdirectory ! 269: ! 270: ######################################################################
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.