PGP5(1) User Manual PGP5(1)NAMEPGP5 - A suite of tools for encrypting, decrypting and verifying mes‐
sages.
DESCRIPTION
There are two files in this package, but several additional modes of
operation are available via symbolic links:
pgp5(1) is the main cryptographic engine of the PGP package.
However, invoking it as itself merely prints a usage summary.
pgpe(1) is executed to encrypt, or encrypt and sign, files. It
is a link to pgp5(1).
pgps(1) is executed to only sign files. It is a link to
pgp5(1).
pgpv(1) is executed to only verify or decrypt signed or
encrypted files. It is a link to pgp5(1).
pgpk(1) is the key management application, which is used to gen‐
erate, retrieve and send keys, as well as manage trust.
Public key cryptography must be fully understood by the user to be use‐
ful. A successful PGP user must be familiar with public key cryptogra‐
phy in general, and some PGP-specific concepts (such as the web of
trust). If you feel comfortable with your own level of knowledge on
this subject, your first step is probably going to be to invoke pgpk(1)
to generate a key. Additionally, a page by Phil Zimmermann on the
importance of cryptography is included in pgp-intro(7).
FILES
~/.pgp/pgp.cfg
User-specific configuration file. In previous releases, this
file was called config.txt. See pgp.cfg(5) for further details.
MIGRATION
Users migrating from earlier versions of PGP will need to manually
migrate the following configuration files:
~/.pgp/config.txt is now ~/.pgp/pgp.cfg. This file may be
copied manually. If not copied, internal defaults will be used.
This file is largely unchanged in 5.0. See pgp.cfg(5) for more
information on this file.
~/.pgp/pubring.pgp is now ~/.pgp/pubring.pkr. You may copy your
old public keyring, or allow 5.0 to generate a new keyring for
you.
~/.pgp/secring.pgp is now ~/.pgp/secring.skr. You may copy your
old private keyring. Even if you do this, you are encouraged to
generate a new DSS/Diffie-Hellman key to allow communication
with all 5.0 users.
~/.pgp/language.txt is now ~/.pgp/language50.txt. This file
should not be copied from your previous installation, as it is
completely different in 5.0. If this file is not present,
internal defaults will be used.
AUTHORS
A cast of thousands. This is, of course, derived directly from the
work of Phil R. Zimmermann <prz@pgp.com>. Major contributors to this
release include:
Unix Development
Derek Atkins <warlord@MIT.EDU>
Hal Finney <hal@pgp.com>
Mark McArdle <markm@pgp.com>
Brett A. Thomas <quark@baz.com>
Mark Weaver <mhw@pgp.com>
Be Development
Mark Elrod <elrod@pgp.com>
Brett A. Thomas <quark@baz.com>
Library Development
Derek Atkins <warlord@MIT.EDU>
Colin Plumb <colin@pgp.com>
Hal Finney <hal@pgp.com>
Mark Weaver <mhw@pgp.com>
Unix Beta Testing
Steve Gilbert <darkelf@redcloud.org>
Mike Shappe <mshappe@jeeves.net>
Man Pages
Brett A. Thomas <quark@baz.com>
BUGS
Keyserver support should be more informative with unknown protocols.
URL parsing uses static buffers and is vulnerable to overflow attacks.
The PAGER directive in pgp.cfg doesn't work.
The -b option to pgpv(1) is not implemented. This option allowed the
"breaking" of signed files into a signature and a file (effectively, a
retroactive detached signature).
pgpv -m ("more" mode) and "eyes-only" decryption is not displaying
properly. It is suggested that your pipe the output of pgpv(1) into
your pager of preference until this is fixed.
pgpk(1) doesn't pay attention to the +force option to force file over‐
write; it stops to ask for confirmation.
Multipart armoring doesn't handle all possible permutations - specifi‐
cally, it does not work properly if all the sections are in one file,
or only the first file is named on the command line.
There is currently no way to specify just a secret or public keyring
for an operation.
pgp5 --version doesn't work. Use pgpk --version or one of the other
commands, instead.
pgpv -p, to "preserve" the original input filename, is not yet sup‐
ported.
There are a number of bugs when specifying filenames ending in digits;
the general result is that the default output filename is not what
might be expected (i.e., pgpe -sa foo1 results in an output suggestion
of foo1.asc.1 instead of foo1.asc, as expected). It is conjectured
that the user interface is becoming confused and invoking the rules
used to generate multi-part ASCII armor filenames.
Configuration option TZfix doesn't allow specifying non-mainstream val‐
ues, such as -420 or 30.
pgpk -e does not ask about marking a new userid as primary.
pgpk -a should accept a key on stdin, but does not.
pgpk is, in some instances, overwriting the "previously encrypted to
invalid key" flag on some keys.
SEE ALSOpgpe(1), pgpv(1), pgps(1), pgpk(1), pgp.cfg(5), pgp-integration(7),
pgp-intro(7), http://www.pgp.com (US versions) and http://www.pgpi.com
(International versions)
PGP JULY 1997 (v5.0) PGP5(1)