![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to setup.doc CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [PGP] / pgp|
Return to setup.doc CVS log | Up to [PGP] / pgp |
1.1.1.4 ! root 1: ! 2: Pretty Good Privacy Version 2.6.3i ! 3: Installation Guide ! 4: ! 5: by Perry Metzger, Colin Plumb, Derek Atkins, ! 6: Jeffrey I. Schiller and others ! 7: . ! 8: Updated for PGP 2.6.3i by Stale Schumacher ! 9: ! 10: ! 11: How to Install PGP ! 12: ================== ! 13: ! 14: The first question is, what platform are you on? ! 15: ! 16: The base PGP 2.6.3i distribution runs on MS-DOS, OS/2, Atari, VMS, ! 17: Archimedes and several varieties of Unix. Naturally, installation ! 18: instructions differ depending on your hardware. Separate instructions ! 19: are provided here for MSDOS, OS/2, Unix and VMS. ! 20: ! 21: See the section below for your system's particular installation ! 22: instructions. ! 23: ! 24: If you do not have any of these systems, you will either have to port ! 25: the sources to your machine or find someone who has already done so. ! 26: ! 27: ######################################################################## ! 28: For MSDOS and OS/2: ! 29: ! 30: PGP is distributed in a compressed archive format, which keeps all the ! 31: relevant files grouped together, and also saves disk space and ! 32: transmission time. ! 33: ! 34: The current version, 2.6.3i, is archived with the ZIP utility, and the ! 35: PGP executable binary is in a file named PGP263I.ZIP (MSDOS 16-bit), ! 36: PGP263IX.ZIP (MSDOS 32-bit), PGP263I2.ZIP (OS/2 FAT) or pgp263i-os2.zip ! 37: (OS/2 HPFS). This contains the executable program, the user ! 38: documentation, and a few keys and signatures. There is also another file ! 39: available containing the C and assembly source code, called ! 40: PGP263IS.ZIP. This should be available from the same source from which ! 41: you got PGP263I.ZIP. If not, send email to [email protected] with ! 42: "INFO PGP" in the subject field. ! 43: ! 44: You will need PKUNZIP version 2.0 or later to uncompress and split the ! 45: ZIP archive file into individual files. PKUNZIP is shareware and is ! 46: widely available on MSDOS and OS/2 machines. ! 47: ! 48: Create a directory for the PGP files. For this description, let's use ! 49: the directory C:\PGP as an example, but you should substitute your own ! 50: disk and directory name if you use something different. Type these ! 51: commands to make the new directory: ! 52: ! 53: c: ! 54: md \pgp ! 55: cd \pgp ! 56: ! 57: Uncompress the distribution file to the directory. For this example, we ! 58: will assume the file is on floppy drive A - if not, substitute ! 59: your own file location, e.g.: ! 60: ! 61: pkunzip -d a:pgp263i ! 62: ! 63: This will create the files PGP263II.ZIP and PGP263II.ASC. Unzip ! 64: PGP263II.ZIP with the command: ! 65: ! 66: pkunzip -d pgp263ii ! 67: ! 68: If you omit the -d flag, all the files in the doc subdirectory will be ! 69: deposited in the pgp directory. This merely causes clutter. ! 70: ! 71: Keep the PGP263II.ZIP file around. Once you have PGP working you can use ! 72: PGP263II.ASC to verify the digital signature on PGP263II.ZIP. It should ! 73: come from Stale Schumacher (whose key is included in KEYS.ASC). ! 74: ! 75: Setting the Environment ! 76: ----------------------- ! 77: ! 78: Next, you can set an "environment variable" to let PGP know where to ! 79: find its special files, in case you use it from other than the ! 80: default PGP directory. Use your favorite text editor to add the ! 81: following lines to your AUTOEXEC.BAT (MSDOS) or CONFIG.SYS (OS/2) file ! 82: (usually on your C: drive): ! 83: ! 84: SET PGPPATH=C:\PGP ! 85: SET PATH=C:\PGP;%PATH% ! 86: ! 87: Substitute your own directory name if different from "C:\PGP". ! 88: ! 89: The CONFIG.TXT file contains various preferences. You can change the ! 90: language PGP operates in, and the character set it uses. The IBM PC's ! 91: default character set, "Code Page 850" will be used if the line "charset ! 92: = cp850" appears in the config.txt file. You probably want to add that ! 93: line. ! 94: ! 95: Another environmental variable you should set is "TZ", which tells ! 96: your operating system what time zone you are in. This helps PGP ! 97: create GMT timestamps for its keys and signatures. If you properly ! 98: define TZ in AUTOEXEC.BAT (CONFIG.SYS), then MSDOS (OS/2) will give you ! 99: good GMT timestamps, and will handle daylight savings time adjustments ! 100: for you. Here are some sample lines depending on your time zone: ! 101: ! 102: For Los Angeles: SET TZ=PST8PDT ! 103: For Denver: SET TZ=MST7MDT ! 104: For Arizona: SET TZ=MST7 ! 105: (Arizona never uses daylight savings time) ! 106: For Chicago: SET TZ=CST6CDT ! 107: For New York: SET TZ=EST5EDT ! 108: For London: SET TZ=GMT0BST ! 109: For Amsterdam: SET TZ=MET-1DST ! 110: For Moscow: SET TZ=MSK-3MSD ! 111: For Aukland: SET TZ=NZT-12DST ! 112: ! 113: Now reboot your system to set up PGPPATH and TZ. ! 114: ! 115: Generating Your First Key ! 116: ------------------------- ! 117: ! 118: One of the first things you will want to do to really use PGP (other ! 119: than to test itself) is to generate your own key. This is described in ! 120: more detail in the "RSA Key Generation" section of the PGP User's Guide. ! 121: Remember that your key becomes something like your written signature or ! 122: your bank card code number or even a house key - keep it secret and keep ! 123: it secure! Use a long, unguessable pass phrase and remember it. Right ! 124: after you generate a key, put it on your key rings and copy your secret ! 125: keyring (SECRING.PGP) to a blank floppy and write protect the floppy. ! 126: ! 127: If you are a first-time user of PGP, it is a good idea to generate a ! 128: short test key, with a short passphrase, to play around with PGP for a ! 129: little bit and see how it works, or even more than one so you can ! 130: pretend to be sending messages between two different people. Since you ! 131: won't be guarding any secrets, this can be short and have a simple pass ! 132: phrase. But when you generate your permanent key, that you intend to ! 133: give to others so they can send secure messages to you, be much more ! 134: careful. ! 135: ! 136: After you generate your own key pair, you can add a few more public keys ! 137: to your key ring. A collection of sample public keys is provided with ! 138: the release in the file KEYS.ASC. To add them to your public key ring, ! 139: see the PGP User's Guide, in the section on adding keys to your key ! 140: ring. ! 141: ! 142: Verifying the PGP distribution ! 143: ------------------------------ ! 144: ! 145: Now that you have PGP up and running and have read in the KEYS.ASC file ! 146: you can verify the integrity of the original distribution. To do this ! 147: type: ! 148: ! 149: pgp pgp263ii.asc ! 150: ! 151: It will inform you that pgp263ii.asc contains a signature but no text. ! 152: It may then ask you to provide the name of the file that it applies to. ! 153: Type in "pgp263ii.zip", the internal ZIP file. ! 154: ! 155: PGP should tell you that it has a Good Signature from: ! 156: ! 157: Stale Schumacher <[email protected]> ! 158: ! 159: It will also tell you that it doesn't "trust" this key. This is because ! 160: PGP does not *know* that the enclosed key really belongs to me. Don't ! 161: worry about this now. Read the section "How to Protect Public Keys from ! 162: Tampering" in Volume 1 of the PGP manual. ! 163: ! 164: READ THE FINE MANUAL (RTFM) ! 165: --------------------------- ! 166: ! 167: READ THE DOCUMENTATION. At least read Volume I of the PGP User's Guide. ! 168: Cryptography software is easy to misuse, and if you don't use it ! 169: properly much of the security you could gain by using it will be lost! ! 170: You might also be unfamiliar with the concepts behind public key ! 171: cryptography; the manual explains these ideas. Even if you are already ! 172: familiar with public key cryptography, it is important that you ! 173: understand the various security issues associated with using PGP. PGP ! 174: may be an unpickable lock, but you have to install it in the door ! 175: properly or it won't provide security. ! 176: ! 177: ######################################################################## ! 178: For UNIX: ! 179: ! 180: You likely will have to compile PGP for your system; to do this, first ! 181: make sure the unpacked files are in the correct unix textfile format ! 182: (the files in pgp263is.zip are in MSDOS CRLF format, so for Unix you ! 183: must unpack with "unzip -a"; the tar files pgp263is.tar.Z and ! 184: pgp263is.tar.gz use normal Unix line feed conventions). ! 185: ! 186: If you intend to compile PGP 2.6.3i for use within the USA, you will ! 187: need the RSAREF package written by RSA Data Security. It is NOT included ! 188: with the PGP 2.6.3i distribution. ! 189: ! 190: When you untar pgp263is.tar (either compression format) you will find ! 191: that it contains 5 files. pgp263ii.tar contains all non-binary files for ! 192: PGP including all source code. This tar archive has been created ! 193: assuming that you will untar it directly into your PGP 2.6.3i "build" ! 194: directory. pgp263ii.asc is a detached digital signature of pgp263ii.tar ! 195: (which you can verify after you have PGP operating, see the section ! 196: above titled "Verifying the PGP Distribution"). ! 197: ! 198: If you don't have an ANSI C compiler you will need the unproto package ! 199: written by Wietse Venema. unproto was posted on comp.sources.misc and ! 200: can be obtained from the various sites that archive this newsgroup ! 201: (volume 23: v23i012 and v23i013) or ftp.win.tue.nl file: ! 202: /pub/programming/unproto4.shar.Z. Read the file README in the unproto ! 203: distribution for instructions on how to use unproto. ! 204: ! 205: If your system doesn't have a target in the makefile you will have to ! 206: edit the makefile, make sure you compile for the correct byte order for ! 207: your system: define HIGHFIRST if your system is big-endian (eg. ! 208: Motorola 68030). There are also some platform-specific parameters in ! 209: the include file "platform.h". Some platforms may have to modify this ! 210: file. ! 211: ! 212: If you successfully create a target rule for a new platform, please send ! 213: the patches to [email protected], so it can be added to the next ! 214: release. ! 215: ! 216: Note: PGP 2.6.3i requires the function memmove. Not all machines have ! 217: this in the standard C library. There is an implementation of memmove ! 218: included with this distribution. If you find that your platform ! 219: requires memmove, but the makefile rule for your platform does not ! 220: include memmove (look at the sun4gcc or sun386i rules for an example of ! 221: how to include it), please send mail to [email protected], so I can ! 222: correct the problem. ! 223: ! 224: If you have any problems, bugs, patches, etc., please send mail to ! 225: [email protected]. ! 226: ! 227: If all goes well, you will end up with an executable file called "pgp". ! 228: ! 229: Before you install pgp, run these tests: ! 230: (do not create your real public key yet, this is just for testing pgp) ! 231: ! 232: - create a .pgp directory in your home directory ! 233: ! 234: - create a public/secret key pair (enter "test" as userid/password): ! 235: pgp -kg ! 236: ! 237: - add the keys from the file "keys.asc" to the public keyring: ! 238: pgp -ka keys.asc ! 239: pgp will ask if you want to sign the keys you are adding, answer yes ! 240: for at least one key. ! 241: ! 242: - do a keyring check: ! 243: pgp -kc ! 244: ! 245: - encrypt pgpdoc1.txt: ! 246: pgp -e pgpdoc1.txt test -o testfile.pgp ! 247: ! 248: - decrypt this file: ! 249: pgp testfile.pgp ! 250: ! 251: This should produce the file "testfile". Compare this file with ! 252: pgpdoc1.txt ! 253: ! 254: If everything went well, install pgp in a bin directory. ! 255: ! 256: Place the documentation, pgpdoc1.txt and pgpdoc2.txt somewhere where you ! 257: can reasonably read it. The software looks for it when running ! 258: (especially generating keys), so someplace reasonably obvious would be ! 259: good. "pgp -kg" will give you full details if it can't find the ! 260: manuals. ! 261: ! 262: Place the man page (pgp.1) in an appropriate spot. If you don't know ! 263: anything about how man pages work, you can make the man page look human ! 264: readable yourself by typing "nroff -man pgp.1 >pgp.man" and reading ! 265: "pgp.man". ! 266: ! 267: Create a subdirectory somewhere in your home directory hierarchy to hold ! 268: your public and private key rings and anything else pgp might need (like ! 269: the language.txt file). The default name PGP assumes is ~/.pgp. If you ! 270: want to use a different name, you must set the environment variable ! 271: "PGPPATH" to point to this place before you use the system. ! 272: ! 273: > IMPORTANT: This directory cannot be shared! It will contain your < ! 274: > personal private keys! < ! 275: ! 276: If you are installing PGP for yourself, copy the files "language.txt", ! 277: "config.txt", and the ".hlp" files from the distribution into this ! 278: subdirectory. ! 279: ! 280: If you are installing PGP system-wide, the directory to use is ! 281: /usr/local/lib/pgp for the config, language and help files. This can be ! 282: changed in fileio.h when compiling. It's the value of PGP_SYSTEM_DIR. ! 283: ! 284: Tell PGP the character set and language you wish to use in the ! 285: config.txt file. If you have a terminal that only displays 7-bit ASCII, ! 286: use "charset=ascii" to display an approximation (accents are omitted) of ! 287: extended characters. ! 288: ! 289: >> IMPORTANT: Please read the sections in the man page and manual << ! 290: >> about vulnerabilities before using this software on a multi- << ! 291: >> user machine! << ! 292: ! 293: Now, if you haven't done so yet, GO READ THE MANUAL. ! 294: ! 295: ######################################################################## ! 296: For VMS: ! 297: ! 298: Usage is generally: ! 299: 1) Unzip your PGP 2.6.3i sources in [.PGP] using the -aa option ! 300: 2) Set default to [.PGP.SRC] ! 301: 3) Type @PGPINSTAL and answer the questions ! 302: ! 303: See the file [.pgp.src]pgpinstal.com for more detailed information. ! 304: ! 305: For proper operation, the logical name PGPPATH *must* be defined to ! 306: point to a directory containing the PGP help files, language files, ! 307: your keyrings (keyrings get created automatically), and your CONFIG.TXT. ! 308: Refer to the PGP documentation for information on how the PGPPATH ! 309: "environment variable" is used.
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.