Category : C Source Code
Archive   : PGP20SRC.ZIP
Filename : PGP.1

Output of file : PGP.1 contained in archive : PGP20SRC.ZIP
.\" NAME should be all caps, SECTION should be 1-8, maybe w/ subsection
.\" other parms are allowed: see man(7), man(1)
pgp \- Pretty Good Privacy encryption system
.\" denote multiple entry points thus; makewhatis(8) will catch them
pgp [options]

PGP (Pretty Good Privacy) is a public key encryption package to
protect E-mail and data files. It lets you communicate securely with
people you've never met, with no secure channels needed for prior
exchange of keys. It's well featured and fast, with sophisticated
key management, digital signatures, data compression, and good
ergonomic design. If you really want to learn how to use it
properly, it's best to read the full documentation that comes with
the system, which is very complete. This is a "quick start" guide
and reference manual; it is necessarily incomplete, and assumes you
are already familiar with most of the basic concepts, including the
concepts behind public key cryptography.

.SS "Terminology"

user id: an ascii string used to identify a user. User IDs tend to
look like "Robert M. Smith "; please try sticking to
that format.

pass phrase: the secret string used to conventionally encypher your
private key; it's important that this be kept secret.

keyring: a file containing a set of public or secret keys. Default
names for public and secret rings are "pubring.pgp" and "secring.pgp"

ascii armor: the ascii radix 64 format PGP uses for transmitting
messages over channels like E-Mail; similar in concept to uuencoding.

.SS "Command summary"

To see a quick command usage summary for PGP, just type:
pgp -h

To encrypt a plaintext file with the recipient's public key:
pgp -e textfile her_userid

To sign a plaintext file with your secret key:
pgp -s textfile [-u your_userid]

To sign a plaintext file with your secret key, and then encrypt it
with the recipient's public key:
pgp -es textfile her_userid [-u your_userid]

To create a signature certificate that is detached from the document:
pgp -sb textfile [-u your_userid]

To encrypt a plaintext file with just conventional cryptography, type:
pgp -c textfile

To decrypt an encrypted file, or to check the signature integrity of a
signed file:
pgp ciphertextfile [-o plaintextfile]

To generate your own unique public/secret key pair:
pgp -kg

To add a public or secret key file's contents to your public or
secret key ring:
pgp -ka keyfile [keyring]

To remove a key from your public key ring:
pgp -kr userid [keyring]

To extract (copy) a key from your public or secret key ring:
pgp -kx userid keyfile [keyring]
or: pgp -kxa userid keyfile [keyring]

To view the contents of your public key ring:
pgp -kv[v] [userid] [keyring]

To view the contents and check the certifying signatures of your
public key ring:
pgp -kc [userid] [keyring]

To edit the userid or pass phrase for your secret key:
pgp -ke userid [keyring]

To edit the trust parameters for a public key:
pgp -ke userid [keyring]

To remove a key or just a userid from your public key ring:
pgp -kr userid [keyring]

To sign and certify someone else's public key on your public key ring:
pgp -ks her_userid [-u your_userid] [keyring]

To remove selected signatures from a userid on a keyring:
pgp -krs userid [keyring]

Command options that can be used in combination with other command
options (sometimes even spelling interesting words!):

To produce a ciphertext file in ASCII radix-64 format, just add the
-a option when encrypting or signing a message or extracting a key:
pgp -sea textfile her_userid
or: pgp -kxa userid keyfile [keyring]

To wipe out the plaintext file after producing the ciphertext file,
just add the -w (wipe) option when encrypting or signing a message:
pgp -sew message.txt her_userid

To specify that a plaintext file contains ASCII text, not binary, and
should be converted to recipient's local text line conventions, add
the -t (text) option to other options:
pgp -seat message.txt her_userid

To view the decrypted plaintext output on your screen (like the
Unix-style "more" command), without writing it to a file, use
the -m (more) option while decrypting:
pgp -m ciphertextfile

To specify that the recipient's decrypted plaintext will be shown
ONLY on her screen and cannot be saved to disk, add the -m option:
pgp -steam message.txt her_userid

To recover the original plaintext filename while decrypting, add
the -p option:
pgp -p ciphertextfile

To use a Unix-style filter mode, reading from standard input and
writing to standard output, add the -f option:
pgp -feast her_userid outputfile

.SS "The Config File"

PGP uses a fairly complete configuration database that is stored in
the file "config.txt"; please see the manual for complete details.
Some highlights:

MYNAME - Default User ID for Making Signatures

Default setting: MYNAME = ""

The configuration parameter MYNAME specifies the default user ID to
use to select the secret key for making signatures. If MYNAME is not
defined, the most recent secret key you installed on your secret key
ring is used. The user may also override this setting by
specifying a user ID on the PGP command line with the -u option.

TEXTMODE - Assuming Plaintext is a Text File

Default setting: TEXTMODE = off

The configuration parameter TEXTMODE is equivalent to the -t command
line option. If enabled, it causes PGP to assume the plaintext is a
text file, not a binary file, and converts it to "canonical text"
before encrypting it. Canonical text has a carriage return and a
linefeed at the end of each line of text.

This mode is automatically turned off if PGP detects that the
plaintext file contains 8-bit binary data.

ARMOR - Enable ASCII Armor Output

Default setting: ARMOR = off

The configuration parameter ARMOR is equivalent to the -a command
line option. If enabled, it causes PGP to emit ciphertext or keys in
ASCII Radix-64 format suitable for transporting through E-mail
channels. Output files are named with the ".asc" extension.

If you tend to use PGP mostly for E-mail, it may be a good idea to
enable this parameter.

.SS "Key certification"

PGP employs a system where users specify trusted users who may sign
other people's public keys. It is important that you understand how
this mechanism works; a full description is in the manual.

IMPORTANT: The manual also describes how to generate and send a "key
compromise" certificate that tells readers that your private key has
been compromised. If your key has been compromised, please read the
manual section on key compromise certificates and how to create them;
the faster you send out a key compromise certificate, the smaller the
window of opportunity for "bad guys" to send forged messages.

.SS "Important Hints"

PGP automatically tries compressing your input file; there is no point
in precompressing input for transmission.

PGP "ascii armor" is only needed on the outer transmitted message; as
an example, if you are, say, sending a public key to someone else and
you are for some reason signing it, simply armor the outer message;
it's better to sign the binary form of the key.

.SS "Foreign Languages"

PGP is easily customized for foreign language help and error
messages; it has been translated into 10 European languages. See the
manual for details on the file "language.txt".


PGP uses several special files for its purposes, such as your standard
key ring files "pubring.pgp" and "secring.pgp", the random number seed
file "randseed.bin", the PGP configuration file "config.txt", and the
foreign language string translation file "language.txt". These
special files can be kept in any directory, by setting the environment
variable "PGPPATH" to the desired pathname. If PGPPATH remains
undefined, these special files are assumed to be in the current

Normally, PGP prompts the user to type a pass phrase whenever PGP
needs a pass phrase to unlock a secret key. But it is possible to
store the pass phrase in an environment variable from your operating
system's command shell. The environmental variable PGPPASS can be
used to hold the pass phrase that PGP attempts to use first. If
the pass phrase stored in PGPPASS is incorrect, PGP recovers by
prompting the user for the correct pass phrase. This dangerous
feature makes your life more convenient if you have to regularly deal
with a large number of incoming messages addressed to your secret key,
by eliminating the need for you to repeatedly type in your pass phrase
every time you run PGP. THIS IS A VERY DANGEROUS FEATURE; on UNIX it
is trivial to read someone else's environment using the ps(1) command.
If you are contemplating using this feature, be sure to read the
sections "How to Protect Secret Keys from Disclosure" and "Exposure on
Multi-user Systems" in the full PGP manual.


PGP returns a 0 to the shell on success, and a nonzero error code on
failure. See the source code for details on nonzero status return

.\" set tabstop to longest possible filename, plus a wee bit
.ta \w'/usr/lib/perl/ 'u
*.pgp ciphertext, signature, or key file
*.asc ascii armor file
pubring.pgp public key ring
secring.pgp secret key ring
language.txt foreign language string translation file
config.txt configuration file
pgp.hlp online help text file

The manual is really good, and it's really important in the long run
that you read it. It may not be important to read the fine print on
a box of breakfast cereal, but it may be crucial to read the label of
a prescription drug. Cryptography software is like pharmaceuticals--
so read the manual!


It is impossible to overemphasize the importance of protecting your
secret key. Anyone gaining access to it can forge messages from you or
read mail addressed to you. Be EXTREMELY cautious in using PGP on any
multi-user unix system.

PGP is believed by its authors to be secure when used as directed, but
then again everyone always claims their pet encryption system is
secure. Read the section in the manual on "Trusting Snake Oil" and the
section on "Vulnerabilities" for caveats.


Mostly self explanatory.


PGP was initially written for the PC, and behaves very PCish. In
particular, its automagic file selection, file extensions, and the
like all make it somewhat alien in the UNIX environment.


Originally written by Philip R. Zimmermann. Later augmented by a cast
of thousands, especially including Hal Finney, Branko Lankester, and
Peter Gutmann.


For detailed information on PGP licensing, distribution, copyrights,
patents, trademarks, liability limitations, and export controls, see
the "Legal Issues" section in the "PGP User's Guide, Volume II:
Special Topics".

PGP uses a public key algorithm claimed by U.S. patent #4,405,829.
The exclusive rights to this patent are held by a California company
called Public Key Partners, and you may be infringing this patent if
you use PGP in the USA. This is explained in the PGP User's Guide,
Volume II.

PGP is "guerrilla" freeware, and the authors don't mind if you
distribute it widely. Just don't ask Philip Zimmermann to send you a
copy. Instead, you can get it yourself from many BBS systems and a
number of Internet FTP sites.

  3 Responses to “Category : C Source Code
Archive   : PGP20SRC.ZIP
Filename : PGP.1

  1. Very nice! Thank you for this wonderful archive. I wonder why I found it only now. Long live the BBS file archives!

  2. This is so awesome! 😀 I’d be cool if you could download an entire archive of this at once, though.

  3. But one thing that puzzles me is the “mtswslnkmcjklsdlsbdmMICROSOFT” string. There is an article about it here. It is definitely worth a read: