![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to setup.doc CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [PGP] / pgp / doc|
Return to setup.doc CVS log | Up to [PGP] / pgp / doc |
1.1.1.4 ! root 1: Pretty Good Privacy version 2.6 ! 2: Installation Guide by Perry Metzger ! 3: Edited for 2.5 by Colin Plumb and others ! 4: Edited (trivially) for 2.6 by Jeff Schiller ! 5: ! 6: ! 7: How to Install PGP ! 8: ================== ! 9: ! 10: The first question is, what platform are you on? ! 11: ! 12: The base PGP 2.6 distribution runs on several varieties of Unix, MS-DOS ! 13: and VAX VMS. Ports can be expected shortly to the Atari, Amiga, and ! 14: possibly other systems. Naturally, installation instructions differ ! 15: depending on your hardware. Separate instructions are provided here for ! 16: MSDOS and Unix. ! 17: ! 18: No matter what the machine you are on, though, do this... ! 19: ! 20: STEP 1: ! 21: READ THE DOCUMENTATION. At least read Volume I of the PGP User's ! 22: Guide. Cryptography software is easy to misuse, and if you don't use ! 23: it properly much of the security you could gain by using it will be ! 24: lost! You might also be unfamiliar with the concepts behind public key ! 25: cryptography; the manual explains these ideas. Even if you are already ! 26: familiar with public key cryptography, it is important that you ! 27: understand the various security issues associated with using PGP. PGP ! 28: may be an unpickable lock, but you have to install it in the door ! 29: properly or it won't provide security. ! 30: ! 31: See the section below for your system's particular installation ! 32: instructions. ! 33: ! 34: If you do not have any of these systems, you will either have to port ! 35: the sources to your machine or find someone who has already done so. ! 36: ! 37: ###################################################################### ! 38: For MSDOS: ! 39: ! 40: PGP is distributed in a compressed archive format, which keeps all ! 41: the relevant files grouped together, and also saves disk space and ! 42: transmission time. ! 43: ! 44: The current version, 2.6, is archived with the ZIP utility, and the ! 45: PGP executable binary release system is in a file named PGP26.ZIP. ! 46: This contains the executable program, the user documentation, the ! 47: RSAREF license, and a few keys and signatures. There is also a ! 48: second file available containing the C and assembly source code, ! 49: called PGP26SRC.ZIP. If you are a programmer, this may be of interest ! 50: to you. This should be available from the same source from which you ! 51: got PGP26.ZIP. If not, and you want it, see the Licensing and ! 52: Distribution section of the PGP User's Guide. ! 53: ! 54: You will need PKUNZIP version 1.1 or later to uncompress and split ! 55: the PGP26.ZIP archive file into individual files. PKUNZIP is ! 56: shareware and is widely available on MSDOS machines. ! 57: ! 58: Create a directory for the PGP files. For this description, let's ! 59: use the directory C:\PGP as an example, but you should substitute ! 60: your own disk and directory name if you use something different. ! 61: Type these commands to make the new directory: ! 62: ! 63: c: ! 64: md \pgp ! 65: cd \pgp ! 66: ! 67: Uncompress the distribution file PGP26.ZIP to the directory. For ! 68: this example, we will assume the file is on floppy drive A - if not, ! 69: substitute your own file location. ! 70: ! 71: pkunzip -d a:pgp26 ! 72: ! 73: If you omit the -d flag, all the files in the doc subdirectory will ! 74: be deposited in the pgp directory. This merely causes clutter. ! 75: ! 76: This will create the file PGP26I.ZIP and PGP26I.ASC. Unzip PGP26I.ZIP ! 77: with the command: ! 78: ! 79: pkunzip -d pgp26i ! 80: ! 81: Keep the PGP26I.ZIP file around. Once you have PGP working you can use ! 82: PGP26I.ASC to verify the digital signature on PGP26I.ZIP. It should come ! 83: from Jeffrey I. Schiller (whose key is included in keys.asc). ! 84: ! 85: Setting the Environment ! 86: ----------------------- ! 87: ! 88: Next, you can set an MSDOS "environment variable" to let PGP know ! 89: where to find its special files, in case you use it from other than ! 90: the default PGP directory. Use your favorite text editor to add the ! 91: following lines to your AUTOEXEC.BAT file (usually on your C: drive): ! 92: ! 93: SET PGPPATH=C:\PGP ! 94: SET PATH=C:\PGP;%PATH% ! 95: ! 96: Substitute your own directory name if different from "C:\PGP". ! 97: ! 98: The CONFIG.TXT file contains various preferences. You can change ! 99: the language PGP operates in, and the character set it uses. The ! 100: IBM PC's default character set, "Code Page 850" will be used if the ! 101: line "charset = cp850" appears in the config.txt file. You probably ! 102: want to add that line. ! 103: ! 104: Another environmental variable you should set in MSDOS is "TZ", which ! 105: tells MSDOS what time zone you are in, which helps PGP create GMT ! 106: timestamps for its keys and signatures. If you properly define TZ in ! 107: AUTOEXEC.BAT, then MSDOS gives you good GMT timestamps, and will ! 108: handle daylight savings time adjustments for you. Here are some ! 109: sample lines to insert into AUTOEXEC.BAT, depending on your time ! 110: zone: ! 111: ! 112: For Los Angeles: SET TZ=PST8PDT ! 113: For Denver: SET TZ=MST7MDT ! 114: For Arizona: SET TZ=MST7 ! 115: (Arizona never uses daylight savings time) ! 116: For Chicago: SET TZ=CST6CDT ! 117: For New York: SET TZ=EST5EDT ! 118: For London: SET TZ=GMT0BST ! 119: For Amsterdam: SET TZ=MET-1DST ! 120: For Moscow: SET TZ=MSK-3MSD ! 121: For Aukland: SET TZ=NZT-13 ! 122: ! 123: Now reboot your system to run AUTOEXEC.BAT, which will set up ! 124: PGPPATH and TZ for you. ! 125: ! 126: ! 127: ! 128: Generating Your First Key ! 129: ------------------------- ! 130: ! 131: One of the first things you will want to do to really use PGP (other ! 132: than to test itself) is to generate your own key. This is described in ! 133: more detail in the "RSA Key Generation" section of the PGP User's ! 134: Guide. Remember that your key becomes something like your written ! 135: signature or your bank card code number or even a house key - keep it ! 136: secret and keep it secure! Use a long, unguessable pass phrase and ! 137: remember it. Right after you generate a key, put it on your key rings ! 138: and copy your secret keyring (SECRING.PGP) to a blank floppy and write ! 139: protect the floppy. ! 140: ! 141: If you are a first-time user of PGP, it is a good idea to generate ! 142: a short test key, with a short passphrase, to play around with PGP ! 143: for a little bit and see how it works, or even more than one so ! 144: you can pretend to be sending messages between two different people. ! 145: Since you won't be guarding any secrets, this can be short and have ! 146: a simple pass phrase. But when you generate your permanent key, ! 147: that you intend to give to others so they can send secure messages ! 148: to you, be much more careful. ! 149: ! 150: After you generate your own key pair, you can add a few more public ! 151: keys to your key ring. A collection of sample public keys is ! 152: provided with the release in the file KEYS.ASC. To add them to your ! 153: public key ring, see the PGP User's Guide, in the section on adding ! 154: keys to your key ring. ! 155: ! 156: ! 157: ###################################################################### ! 158: For UNIX: ! 159: ! 160: You likely will have to compile PGP for your system; to do this, first ! 161: make sure the unpacked files are in the correct unix textfile format ! 162: (the files in pgp23src.zip are in MSDOS CRLF format, so for Unix you ! 163: must unpack with "unzip -a"; the tar file pgp23.tar.Z uses normal Unix ! 164: line feed conventions). Then copy the file "makefile.unx" in the ! 165: distribution to "Makefile". ! 166: ! 167: Then, you will need the March 16, 1994 release of the RSAREF 2.0 ! 168: package. It is included with the PGP 2.5 distribution from MIT. It ! 169: should be unpacked in a directory named "rsaref2" that is a sibling of ! 170: the directory that PGP is unpacked in. (If you use a different ! 171: location, you will have to modify the Makefile and rsaglue2.c.) ! 172: ! 173: Make a directory rsaref2/unix, copy the makefile over from ! 174: rsaref2/install/unix, and build the rsaref.a library. The RSAREF ! 175: package has more detailed instructions. ! 176: ! 177: If you don't have an ANSI C compiler you will need the unproto package ! 178: written by Wietse Venema. unproto was posted on comp.sources.misc and ! 179: can be obtained from the various sites that archive this newsgroup ! 180: (volume 23: v23i012 and v23i013) or ftp.win.tue.nl file: ! 181: /pub/programming/unproto4.shar.Z Read the file README in the unproto ! 182: distribution for instructions on how to use unproto. The unix makefile ! 183: for pgp (makefile.unx) contains a few targets for compliling with ! 184: unproto, these assume you have unpacked unproto in a subdirectory ! 185: "unproto" in the pgp "src" directory. ! 186: ! 187: ! 188: Then... ! 189: ! 190: type: ! 191: "make sungcc" for Sun with GNU gcc ! 192: "make suncc" for Sun with cc and unproto ! 193: "make sysv_386" for SVR4 386 with asm primitives ! 194: "make x286" for XENIX/286 with asm primitives and unproto ! 195: "make ultrix" for DEC 4.2BSD Ultrix with gcc ! 196: "make rs6000" for RS6000 AIX ! 197: "make irix_asm" for IRIX with asm primitives ! 198: "make" to list the available platforms ! 199: ! 200: There are more targets in makefile.unx. If your system doesn't have ! 201: a target in makefile.unx you will have to edit the makefile, make ! 202: sure you compile for the correct byte order for your system: define ! 203: HIGHFIRST if your system is big-endian (eg. Motorola 68030). ! 204: There are also some platform-specific parameters in the include file ! 205: "platform.h". Some platforms may have to modify this file. ! 206: ! 207: If all goes well, you will end up with an executable file called "pgp". ! 208: ! 209: Before you install pgp, run these tests: ! 210: (do not create your real public key yet, this is just for testing pgp) ! 211: ! 212: - create a public/secret key pair (enter "test" as userid/password): ! 213: pgp -kg ! 214: ! 215: - add the sample keys from the file "keys.asc" to the public keyring: ! 216: pgp -ka keys.asc ! 217: pgp will ask if you want to sign the keys you are adding, answer yes ! 218: for at least one key. ! 219: ! 220: - do a keyring check: ! 221: pgp -kc ! 222: ! 223: - encrypt pgpdoc1.txt: ! 224: pgp -e pgpdoc1.txt test -o testfile.pgp ! 225: ! 226: - decrypt this file: ! 227: pgp testfile.pgp ! 228: ! 229: this should produce the file "testfile" compare this file with pgpdoc1.txt ! 230: ! 231: If everything went well, install pgp in a bin directory. ! 232: ! 233: Place the documentation, pgpdoc1.txt and pgpdoc2.txt somewhere where ! 234: you can reasonably read it. The software looks for it when running ! 235: (especially generating keys), so someplace reasonably obvious would ! 236: be good. "pgp -kg" will give you full details if it can't find the ! 237: manuals. ! 238: ! 239: Place the man page (pgp.1) in an appropriate spot. If you don't know ! 240: anything about how man pages work, you can make the man page look ! 241: human readable yourself by typing "nroff -man pgp.1 >pgp.man" and ! 242: reading "pgp.man". ! 243: ! 244: Create a subdirectory somewhere in your home directory hierarchy to ! 245: hold your public and private key rings and anything else pgp might need ! 246: (like the language.txt file). The default name PGP assumes is ~/.pgp. ! 247: If you want to use a different name, you must set the environment ! 248: variable "PGPPATH" to point to this place before you use the system. ! 249: ! 250: > IMPORTANT: This directory cannot be shared! It will contain your < ! 251: > personal private keys! < ! 252: ! 253: If you are installing PGP for yourself, copy the files "language.txt", ! 254: "config.txt", and the ".hlp" files from the distribution into this ! 255: subdirectory. ! 256: ! 257: If you are installing PGP system-wide, the directory to use is ! 258: /usr/local/lib/pgp for the config, language and help files. ! 259: This can be changed in fileio.h when compiling. It's the value ! 260: of PGP_SYSTEM_DIR. ! 261: ! 262: Tell PGP the character set and language you wish to use in the config.txt ! 263: file. If you have a terminal that only displays 7-bit ASCII, use ! 264: "charset=ascii" to display an approximation (accents are omitted) of ! 265: extended characters. ! 266: ! 267: >> IMPORTANT: Please read the sections in the man page and manual << ! 268: >> about vulnerabilities before using this software on a multi- << ! 269: >> user machine! << ! 270: ! 271: Now, if you haven't done so yet, GO READ THE MANUAL. ! 272: ! 273: ! 274: ###################################################################### ! 275: For VMS: ! 276: ! 277: Read the file readme.vms in the doc subdirectory ! 278: ! 279: ######################################################################
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.