August Abolins (11.04.2020, 07:28)
Can someone please provide the steps to configure OpenXP with GnuPG so that I can send encrypted netmail in Fidonet?
Gunter (11.04.2020, 20:15)
Hello August!

> Can someone please provide the steps to configure OpenXP with GnuPG so
> that I can send encrypted netmail in Fidonet?


Although I am the current maintainer of OpenXP, I cannot answer your
question.

I never used PGP/GPG in conjunction with OpenXP, but I heard configuring it
isn't a thing for the soft-hearted :-)

Ciao
Gunter
August Abolins (11.04.2020, 21:56)
On Saturday, April 11, 2020 at 2:17:18 PM UTC-4, Gunter wrote:
> Hello August!
> Although I am the current maintainer of OpenXP, I cannot answer your
> question.
> I never used PGP/GPG in conjunction with OpenXP, but I heard configuring it
> isn't a thing for the soft-hearted :-)
> Ciao
> Gunter


[1] I can trigger a "gpg -sea -r $ASK" by configuring a macro for it. I simply select an Unsent message in the list and launch the macro. The resultant message is stored as MSG.TMP.asc in the /TEMP directory, but it doesn't replace the original MSG.TMP file to be sent. :(

Alternatively,

[2] The Pgp option in the Save/Special/PGP sequence behaves like it wants to work, but I get an error message: " 'C:\PROGRAM' is not recognized as an internal or external command, operable program or batch file.
Press any key ..."

So there seems to be a couple of ways to go about it.

A macro for [gpg -r $FILE"] just ends up as a big dark screen. :(

Thanks, Gunter.. for your reply. Maybe there is a way to get the word out and find someone who has PGP configured to work.
August Abolins (11.04.2020, 21:59)
On Saturday, April 11, 2020 at 3:56:46 PM UTC-4, August Abolins wrote:
> On Saturday, April 11, 2020 at 2:17:18 PM UTC-4, Gunter wrote:
> [1] I can trigger a "gpg -sea -r $ASK" by configuring a macro for it. I simply select an Unsent message in the list and launch the macro. The resultant message is stored as MSG.TMP.asc in the /TEMP directory, but it doesn't replace the original MSG.TMP file to be sent. :(
> Alternatively,
> [2] The Pgp option in the Save/Special/PGP sequence behaves like it wants to work, but I get an error message: " 'C:\PROGRAM' is not recognized as an internal or external command, operable program or batch file.
> Press any key ..."
> So there seems to be a couple of ways to go about it.
> A macro for [gpg -r $FILE"] just ends up as a big dark screen. :(
> Thanks, Gunter.. for your reply. Maybe there is a way to get the word out and find someone who has PGP configured to work.


Ooops I meant "-d" not "-r" as below:

A macro for [gpg -d $FILE"] just ends up as a big dark screen. :(

The idea is to create a macro to at least decode and read an encrypted message on the fly.
Gunter (12.04.2020, 11:17)
Hello August!

> Thanks, Gunter.. for your reply. Maybe there is a way to get the word
> out and find someone who has PGP configured to work.


If you select Config/Extern/PGP you get a dialog with various options.

Just as a hint:

- switch language to German (Config/Options/Language)
- open dialog "PGP-Einstellungen" (Config/Extern/PGP)
- press F1 (Help)
- help item "PGP - Informationen" should be displayed
- at the very end of this item select "PGP - Detailinformationen"
- help item "PGP - Detailinformationen" should be displayed

Translate all those texts to English, they might be helpful.
But frankly, I hardly understand those texts myself :-)

Ciao
Gunter
Martin Foster (13.04.2020, 10:58)
Hello August!

*** 11.04.20 at 05:28, August Abolins wrote:

> Can someone please provide the steps to configure OpenXP with GnuPG so that
> I can send encrypted netmail in Fidonet?


Although I have no experience with PGP whatsoever, perhaps the
following help text from another Point programme may be of some help:

---------- 8< ----------
PGP
PGP-path: The path to pgp.exe
Public keyring: Path and filename of your "public keyring".

Decode: Command line for decoding: e.g "pgp c:.asc"
Encrypt: Command line for encrypting: e.g "pgp -ea c:.txt"
Kill sent for encrypted mail: The encrypted version of the message
will bear the "KillSent" flag which means it will be deleted after the
message has been sent.
Delete after decryption: After decrypting, the original encrypted
message will be deleted.

Notes on encryption:
If you select "Encrypt" in the "Message" menu, you will be presented
with a dialog where you can enter the user-id of the addressee. APoint
checks the PGP-keyring for the id of the addressee. The program looks
for an id in the form "First name Surname <Address>". If this is
unsuccessfull, the program then looks for "First name Surname" and
finally (if this string is not in the keyring) only the first name.

Then the text of the message is saved with the name "msg.txt" in the
PGP-directory. Finally, PGP is started and the command line in the
options dialog is completed for the user-id.
When PGP is finished, the program tries to load the encrypted text in
the file with the name "msg.asc". If this is successful, a new message
containing the encrypted text is written to the MsgBase and the
original message is marked as sent.

Notes on decryption:
The message text is saved with the name "msg.asc" in the PGP-
directory, PGP is started and finally the decrypted text is loaded in
the file "msg".

WARNING!!!
You MUST confirm with your Boss whether he/she accepts encrypted mail
beforehand. To send encrypted mail via a Boss that does NOT accept it
is asking for BIG trouble. Quite a lot of FidoNet Nodes do NOT allow
encrypted mail to pass via their systems so don't say you haven't been
warned!
---------- 8< ----------

Regards,
Martin
August Abolins (13.04.2020, 20:46)
On Monday, April 13, 2020 at 4:59:35 AM UTC-4, Martin Foster wrote:
[..]
> ---------- 8< ----------
> Regards,
> Martin


Thank you Martin! As a matter of fact.. I *was* looking at Apoint's PGP functionality requirements too. Apoint predates GnuPG so all its references and example are for pgp.exe. I found the fields where to specify the PGP stuff and substituted "gpg.exe" instead of "pgp.exe" and made the proper references to the location of the keyring, etc. But it would still stumble on something and fail. I've given up on Apoint for a while. OXP seems to be the better program to capitalize on the benefits of encryption if I can get it to cooperate.
Gunter (24.05.2020, 20:58)
Hello August!

> Thank you Martin! As a matter of fact.. I *was* looking at Apoint's
> PGP functionality requirements too. Apoint predates GnuPG so all its
> references and example are for pgp.exe. I found the fields where to
> specify the PGP stuff and substituted "gpg.exe" instead of "pgp.exe" and
> made the proper references to the location of the keyring, etc. But it
> would still stumble on something and fail. I've given up on Apoint for
> a while. OXP seems to be the better program to capitalize on the
> benefits of encryption if I can get it to cooperate.


I had a little spare time and tested OpenXP with PGP.

At first, I downloaded PGP 6.5.8 from this site:


I installed the whole package in a virtual machine and copied just the
PGP.EXE (which is a pure command line program) over to my main computer
into a directory contained in the PATH variable, so that OpenXP can execute
it.

Next, I opened a command line and executed "pgp -kg" in order to generate
a public/private key pair. The resulting files are stored by PGP.EXE in
the directory "%USERPROFILE%\Application Data\PGP".

In OpenXP (Config/External/PGP) I made the following configuration:
PGP version 6.5.x
[x] PGP support
[x] Batch mode
[x] Wait for key after PGP call
[ ] Log file for automatic actions
[x] Automatic key import from Mails
[ ] Automatic key import from News
[ ] 271.14 Use PGP/MIME <= currently not working, have to check

When sending a message, you have to choose Special -> PGP in the final
dialog box.

The message is then signed with your private key.

Normally OpenXP supports just the signing, but not the encrypting of
messages.

If you want to encrypt messages to a specific user you have to go to
OpenXP's address book, select the user and press the key "P" (Passwort).

Configure like this:
Password: (leave empty)
Crypt method: PGP
[x] Default: Crypt

Again, upon sending a message, you have to choose Special -> PGP in the
final dialog box.

Ciao
Gunter
null modem (25.05.2020, 21:12)
Hello Gunter!

** On Sunday 24.05.20 - 20:58, gunter.sandner wrote to :

> Hello August!


> I had a little spare time and tested OpenXP with PGP.


> At first, I downloaded PGP 6.5.8 from this site:
>


Is there any reason this might not work with GnuPG?

I have this:

┌─ PGP settings ─────────────────────────────┐
│                                            │
│  PGP version  GnuPG ↓                      │
│                                            │
│  [x] PGP support                           │
│                                            │
│  [x] Batch mode                            │
│  [x] Wait for key after PGP call           │
│  [ ] Log file for automatic actions        │
│                                            │
│  [x] Automatic key import from Mails       │
│  [ ] Automatic key import from News        │
│                                            │
│  [ ] fehlt: [271.14]                       │
│                                            │
│  User ID                                   │
│                                            │
│  GPG options  -sea -r wilfred ↓            │

> I installed the whole package in a virtual machine and copied just the
> PGP.EXE (which is a pure command line program) over to my main computer
> into a directory contained in the PATH variable, so that OpenXP can execute
> it.


Again.. do I *have* to use PGP and not GnuPG?

> Next, I opened a command line and executed "pgp -kg" in order to
> generate a public/private key pair. The resulting files are stored by
> PGP.EXE in the directory "%USERPROFILE%\Application Data\PGP".


Yes.. GPG has no trouble running from any directory on my system. GPG
decided to install itself on C:, but I have OpenXP on H:

> In OpenXP (Config/External/PGP) I made the following configuration:
> PGP version 6.5.x
> [x] PGP support
> [x] Batch mode
> [x] Wait for key after PGP call
> [ ] Log file for automatic actions
> [x] Automatic key import from Mails
> [ ] Automatic key import from News
> [ ] 271.14 Use PGP/MIME <= currently not working, have to check


YES.. I have the same thing.

> When sending a message, you have to choose Special -> PGP in the final
> dialog box.


> The message is then signed with your private key.


When I go through the process of Special -> PGP, I get this:

'C:\PROGRAM' is not recognized as an internal or external command,
operable program or batch file.
Press any key ...

..and then OpenXP pops up a little warning "message was not signed/
encrypted"

> Normally OpenXP supports just the signing, but not the encrypting of
> messages.


> If you want to encrypt messages to a specific user you have to go to
> OpenXP's address book, select the user and press the key "P" (Passwort).


> Configure like this:
> Password: (leave empty)
> Crypt method: PGP
> [x] Default: Crypt


Yes.. I have that for a particular person.

> Again, upon sending a message, you have to choose Special -> PGP in the
> final dialog box.


..BUT it would fail at that point.

../|ug
Gunter (26.05.2020, 17:57)
Hello August!

>> At first, I downloaded PGP 6.5.8 from this site:
>>


> Is there any reason this might not work with GnuPG?


No, it should work with GnuPG, at least this was common sense in year 2000

> I have this:
> ...


I think your settings are OK.

> When I go through the process of Special -> PGP, I get this:


> 'C:\PROGRAM' is not recognized as an internal or external command,
> operable program or batch file.
> Press any key ...


This is a bug in OpenXP, due to its DOS history.
I uploaded "openxp_5.0.44_win32_exe+english_res.zip" to the service section


Unzip the two files in the ZIP into your OpenXP installation.

>> If you want to encrypt messages to a specific user you have to go to
>> OpenXP's address book, select the user and press the key "P"
>> (Passwort).


>> Configure like this:
>> Password: (leave empty)
>> Crypt method: PGP
>> [x] Default: Crypt


> Yes.. I have that for a particular person.


>> Again, upon sending a message, you have to choose Special -> PGP in the
>> final dialog box.


I told you wrong.
Special -> PGP is just for signing.
If you want to just encrypt, you don't have to do this.

Ciao
Gunter
august abolins (28.05.2020, 05:02)
Hello Gunter!

>> 'C:\PROGRAM' is not recognized as an internal or external command,
>> operable program or batch file.
>> Press any key ...


> This is a bug in OpenXP, due to its DOS history.
> I uploaded "openxp_5.0.44_win32_exe+english_res.zip" to the service section
>


> Unzip the two files in the ZIP into your OpenXP installation.


DONE. Now, I just get this after I've selected the name configured with
the Password for my public key.

gpg: conflicting commands
Press any key ...

>>> If you want to encrypt messages to a specific user you have to go to
>>> OpenXP's address book, select the user and press the key "P"
>>> (Passwort).


>>> Configure like this:
>>> Password: (leave empty)
>>> Crypt method: PGP
>>> [x] Default: Crypt


Then... I re-read the above and left the Password field empty. But then I
get after I try to save the message:

gpg: -sea: skipped: No public key
gpg: H:\DOWNLOADS\OPENXP\TEMP\PGP_6337: encryption failed: No public key
Press any key ...

> I told you wrong.
> Special -> PGP is just for signing.
> If you want to just encrypt, you don't have to do this.


The person I write to is pre-configured with "P" in the address book. So,
when I go to save the message, the "PGP" is already present in the Special
dialog. But then it fails to sign and gives me the "No public key"
message above.

We're CLOSE to getting this working! :) But what part of the sequence am
I missing?

../|ug
august abolins (28.05.2020, 05:22)
Hello Gunter!

I got a little closer to getting the Signing part working.

I wrote my message to myself, selected Special -> PGP, I was prompted by
gpg for my passphrase. That seemed to go smoothly without any errors or
warnings. The message that was saved in the Messages/Unsent was not
signed. BUT, I noticed a new temp-file in the /TEMP directory that *did*
embody my original text, and it had the signed block below it:

temp-file = 6176.$$$

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hello August!

Will this work?

Regards,

So... OXP is signing the message properly, but it is not substituting the
original message with the signed .$$$ temp file.

Actually, the same thing is failing when encrypting a whole message. OXP
creates a MSG.TMP.asc (ascii armoured file) in the /TEMP directory fully
encrypted, but that file is not used to replace the original message in
the outbound queue.

So, the gpg dynamics are working. But the temp file substitutions are
not.

../|ug
Franklin Schiftan (28.05.2020, 05:36)
For Info - This, your posting, August, is signed.

august abolins wrote on 28.05.2020 at 05:22:

[..]
> Will this work?
> Regards,
> ../|ug


So... OXP is signing the message properly, but it is not substituting the
original message with the signed .$$$ temp file.

Actually, the same thing is failing when encrypting a whole message. OXP
creates a MSG.TMP.asc (ascii armoured file) in the /TEMP directory fully
encrypted, but that file is not used to replace the original message in
the outbound queue.

So, the gpg dynamics are working. But the temp file substitutions are
not.

../|ug
Wolfgang Allinger (28.05.2020, 11:26)
On 27 May 20 at group /de/comm/software/crosspoint in article hj8puoF2ecfU1
<fraschi_usenet> (Franklin Schiftan) wrote:

> For Info - This, your posting, August, is signed.


No, for me it is not signed.
Franklin, you missed, that August quoted his own temp... file
the posting itself is not PGP signed.

Saludos (to all sensible people, the rest see sig)
Wolfgang
Gunter (28.05.2020, 13:07)
Hello august!

>> Configure like this:
>> Password: (leave empty)
>> Crypt method: PGP
>> [x] Default: Crypt


> Then... I re-read the above and left the Password field empty. But then
> I get after I try to save the message:


> gpg: -sea: skipped: No public key
> gpg: H:\DOWNLOADS\OPENXP\TEMP\PGP_6337: encryption failed: No public key
> Press any key ...


The public key of your communication partner isn't stored within
OpenXP, it has to be stored in (Gnu)PGP's keyring (see below).

>> I told you wrong.
>> Special -> PGP is just for signing.
>> If you want to just encrypt, you don't have to do this.


> The person I write to is pre-configured with "P" in the address book.
> So, when I go to save the message, the "PGP" is already present in the
> Special dialog. But then the it fails to sign and gives me the "No
> public key" message above.


I'll try to explain, although I'm not a PGP expert.

1. Signing

You can sign any message, either public or private, with your private key.
This is the reason why you have to enter your PGP passphrase upon sending a
signed message within OpenXP using Special -> PGP. PGP uses your passphrase
to reveal your private key and sign the message (which will remain human
readable). The receiver of the message, either the public or some specific
person, has to have your public key stored in its PGP keyring, so that PGP
can check the signature and verify that the message was not tampered with on
its way over the network. In OpenXP, the receiver of a signed message
would do this by Message -> PGP -> Test signature.

2. Encrypting

You can encrypt a private message to some specific person by using its
public key. Therefore the public key of this person has to be stored in
*your* (Gnu)PGP's keyring. Upon receiving, this person can decrypt your
message by using the person's private key. In order to do that, the person
has to enter the passphrase upon receiving, so that (Gnu)PGP.EXE can reveal
the private key and decrypt the message.

3. Both encrypting and signing

You can do this in OpenXP, but I would not recommend it.
I think OpenXP first encrypts (if you send a private message to a person
whose "Crypt method" is "PGP" or "PGP/MIME") and then signs the whole thing
(if you choose Special -> PGP upon sending).

> We're CLOSE to getting this working! :)


Yes, but I'm getting the impression that currently the PGP support in
OpenXP is slightly broken.

I think it worked well 20 years ago, but these were the days when OpenXP
used IBM/MS-DOS character set only.

Nowadays there is heavy character set conversion between UTF-8, ISO-8859
and IBM character set within OpenXP, back and forth and back again.

Your message which travels over the internet wires to its receiver isn't
necessarily exactly the same message you wrote. I'll investigate these
problems in the next days or weeks, maybe we get a stable solution.

And it seems to me that PGP/MIME is more broken than plain PGP.

So I would advise you for the time being to test with crypt method "PGP",
not with "PGP/MIME". And you should use ASCII characters only in your
messages, no German umlauts or some other exotic letters.

Ciao
Gunter
