Re: lug-bg: KMail question

[danchev@xxxxxxxxx (George Danchev)]

Ami natisni please ,funkcionalniq klavish F1 ( vtoriq gore v lqvo na kbd-to ) 
, za da ne ti paste-vam moq help :)))))
Razbira se 4e go encrypt-wa , daje moje da ti pokaje kak go e kodiralo, predi 
da go izpratish 4e da se ubedish naistina 4e go kodira /shifrova . Vse pak 
eto ti malko ot  opisanieto v help kasaeshto paranoicite :)))))))

----------------------KMail-HELP-Starts----------------------------------

3.7. Pretty Good Privacy (PGP) / GNU Privacy Guard (GnuPG)

This is a short introduction on how to setup KMail's pgp support. It will 
give some hints on the use of pgp too. It's written for people who are 
beginners in this area. If you are familiar with the use of pgp, you can skip 
most of the steps. Working with GnuPG is generally similar, but some command 
line parameters may be different. Please also check out the FAQ item about 
pgp.

You can encrypt your messages sent with KMail, but this does not mean that 
the attachments are encrypted. You have to encrypt your attachments manually, 
using a shell command or some other tool before you attach them.

KMail has to rely on PGP's output. This output is often different between 
different version of PGP, so it's important that you test if encryption 
really works with your setup before you start using it seriously. KMail might 
not warn you if something fails. You better enable Show ciphered text after 
composing. 

To setup and use pgp support in KMail it is necessary to have pgp installed 
and set up properly. Of course we cannot give you a full introduction of pgp 
here. We will only mention the steps you have to do to get pgp going. For 
details you should have a look at the excellent pgp documentation.

It is certainly a good idea to study this documentation as well as an 
introduction into public key cryptography (e.g. out of the pgp 6.5.x 
package). There you can learn a lot about the basic concepts, which will help 
you to understand what is going on. As well, many security related issues you 
should know about are discussed there.

Now let's start.3.7.1. Preconditions

KMail expects that your PGP binary is called pgp. In case of GnuPG, it 
expects the binary to be called gpg. If that's not the case for you, just 
make a symlink.

If you haven't done so, you have to generate a key pair (secret and public 
key) for your identity. You must do this at the command line (use pgp -kg). 
KMail has no internal support for pgp's key generation at this time. The 
identity (normally your name followed by your email address within brackets, 
such as John Doe <john@xxxxxxxxxxx>) and your passphrase are important for 
the co-operation between KMail and pgp.3.7.2. PGP Related Settings in KMail

Open the KMail Configure dialog and go to the Security settings page. Type 
your identity into the PGP user identity entry field. There are also three 
options:Keep passphrase in memory

When this option is off, then KMail will ask for your passphrase each time 
you sign a message (before sending) or decrypting a message (sent to you). If 
you turn this option on, KMail will remember your passphrase from after your 
first successful input until you finish your KMail session. The passphrase is 
stored in memory and not written to the harddisk.

Note that a user with enough privileges (e.g. root) might be able to catch 
your passphrase even from the computer's memory.Always encrypt to self

If this option is off and you want send an encrypted message to somebody, 
then you can't read this message any longer after you have composed and 
encrypted it. Turn this option on to keep sent encrypted messages readable 
for you too.Show ciphered text after composing

This will show you the result of encrypting and signing before the message 
gets sent. This way you can still cancel sending if encrypting failed. It is 
strongly recommended to use this option.Encryption tool

Here you can choose if you want to use GnuPG or PGP. Of course the program 
you select has to be installed on your system. It is also important to select 
the correct version.

On the Composer tab you can also check the Automatically sign messages using 
PGP option. This means that all your messages will be signed before being 
sent. (So you don't have to set the signing for each mail manually.)

Now you are able to sign outgoing messages. To let people send encrypted 
messages to you and to let them verify your signature you must send them your 
public key. To send encrypted mails to other people or to verify their signed 
messages you will need their public keys. You can store your public key(s) on 
a public PGP key server such as http://www.cam.ac.uk.pgp.net/pgpnet/.3.7.3. 
Sign your Messages

You compose your message as usual in the Composer window of KMail. Before you 
send the message, check the button with the underlining icon on it in the 
toolbar of the composer window. Then, you can send the message. To sign it, 
KMail needs to know your pgp passphrase. If you didn't select Keep passphrase 
in memory in the Security settings tab, KMail will ask you for it. On the 
other hand, if you have already given the phrase to KMail, it will sign the 
message without any further prompt.3.7.4. Send your Public Key

Prepare a message to the person you want to send your public key to. Then 
choose in the Composer window's menu Attach->Attach My Public Key. This will 
attach your public key to the mail. Now you can send the mail.

Remember that it's not safe at all if you sign the message to make sure that 
the receiver will get the correct key. There can be a man-in-the-middle 
attack, as somebody can change the key and sign the message with that other 
key. That's why the recipient should verify the attached key by checking the 
key's fingerprint against the one he got in a secure way from you. Have a 
look at the pgp documentation for further details.3.7.5. You got an encrypted 
Message

All you have to do is to select the message in KMail. You will be prompted 
for your passphrase. Then KMail will try to decrypt the message and show you 
the plain text if the message had been encrypted with your public key. (If 
not, then you won't be able to read it.) KMail stores the messages encrypted, 
so nobody can read these messages without knowing your passphrase.3.7.6. 
Receiving a Public Key

You can get a public key as an attachment or simply by ftp or floppy. Before 
you can use this key to encrypt a message to the owner of the key, you should 
verify the key (check its fingerprint or look for trusted signatures). Then 
you can add this key to your public keyring by typing pgp -ka filename at the 
command line. If the key is not certified with a trusted signature, you can't 
use it with KMail to encrypt messages unless you have signed that key (use 
pgp -ks identity of the key).3.7.7. Use Public Keys of other People - Encrypt 
your Messages

To send an encrypted message to somebody of whom you have a public key, you 
simply create the message in the composer window. Before you send the 
message, check the button with the lock symbol in the toolbar of the composer 
window. Then send the message.

If KMail can't find a key for any of the recipients, it will display a list 
containing all available keys. You can choose the appropriate key out of the 
list (or cancel the action). KMail might also inform you about errors 
throughout the encryption process.

As mentioned above, you won't be able to read your own encrypted sent mails 
if you don't check Always encrypt to self in the setting's Security tab.

-----------KMail-HELP-Ends------------------------

On Sunday 15 April 2001 21:31, you wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> mdam ama mi zakacha sign-a kato attach ...
> nali ?
>
> On Sun, 15 Apr 2001, George Danchev wrote:
> > Date: Sun, 15 Apr 2001 21:07:09 +0300
> > From: George Danchev <danchev@xxxxxxxxx>
> > Reply-To: lug-bg@xxxxxxxxxxxxxxxxxx
> > To: lug-bg@xxxxxxxxxxxxxxxxxx
> > Subject: Re: lug-bg: KMail question
> >
> > Moje da . Vij  Settings/Configuratrion /Secutiry . Ima nqkolko encrypting
> > toolz , ama ne encrypt-wa   atach-a , a samo body-to na message-to.
> > Ave KMail se spravq dosta dobre , vse pak i Mattias Kalle Dalheimer e
> > barnal v nego :))) , ina4e po-starite versii malko sed spuwaha vqrno e .
> >
> > On Sunday 15 April 2001 20:10, you wrote:
> > > -----BEGIN PGP SIGNED MESSAGE-----
> > > Hash: SHA1
> > >
> > >
> > > az weche mislq da ne se prawq na hityr i reshih da widq bozata KMail
> > >
> > > chestno da si priznaq polzwah go predi wreme... ama otdawna
> > > posle pak me obhwana wylnata console... i zaebah
> > > sega pak sym na wylna X i mislq da probwam pak :)
> > >
> > > ama imam edin takyw wypros...
> > > KMail-a move li da prekara pismoto prez parser predi prashtane ?
> > > kato pine-a
> > >
> > > t.e.
> > > kato si napisha pismoto i natisna send
> > > da mi pusne pismoto prez PGP sign/encrypter-a
> > > i taka da go prati ?
> > >
> > >
> > >
> > > -
> > > -======================================================================
> > >==== =- Regards,                                            AngelFire
> > > Stanislav Lechev                    <firedust@xxxxxxx> PGP Key:
> > > http://firedust.vega.bg/pgp/StanislavLechev.asc -
> > > -======================================================================
> > >==== =- -----BEGIN PGP SIGNATURE-----
> > > Version: GnuPG v1.0.4 (GNU/Linux)
> > > Comment: Made with pgp4pine 1.75-6
> > >
> > > iD8DBQE62dXs8RPXBhiMqewRAkuFAJ9LFXUQ6qMR9t4VkKVRxnuO8Nc57QCeMNGZ
> > > Q5PQ0BiXuDQCenTz/bdmG2E=
> > > =aYom
> > > -----END PGP SIGNATURE-----
> > >
> > >
> > > =======================================================================
> > >==== A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers)
> > > http://www.linux-bulgaria.org/ Hosted by Internet Group Ltd. - Stara
> > > Zagora
> >
> > =========================================================================
> >== A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers)
> > http://www.linux-bulgaria.org/ Hosted by Internet Group Ltd. - Stara
> > Zagora
>
> -
> -==========================================================================
>=- Regards,                                            AngelFire Stanislav
> Lechev                    <firedust@xxxxxxx> PGP Key:
> http://firedust.vega.bg/pgp/StanislavLechev.asc -
> -==========================================================================
>=- -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.0.4 (GNU/Linux)
> Comment: Made with pgp4pine 1.75-6
>
> iD8DBQE62ej28RPXBhiMqewRAlAnAJ9l286u+4Gy0444/3hPfYoQIJTFgACdECRK
> oJvwsnSh/eVhIa7MxCX0/x4=
> =pHKk
> -----END PGP SIGNATURE-----
>
>
> ===========================================================================
> A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers)
> http://www.linux-bulgaria.org/ Hosted by Internet Group Ltd. - Stara Zagora
===========================================================================
A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers)
http://www.linux-bulgaria.org/ Hosted by Internet Group Ltd. - Stara Zagora