|
|
Can someone please provide the steps to configure OpenXP with GnuPG so that I can send encrypted netmail in Fidonet?
|
|
|
|
Hallo August!
> Can someone please provide the steps to configure OpenXP with GnuPG so > that I can send encrypted netmail in Fidonet? Although I am the the current maintainer of OpenXP, I cannot answer your question. I never used PGP/GPG in conjunction with OpenXP, but I heard configuring it isn't a thing for the soft-hearted :-) Ciao Gunter |
|
|
On Saturday, April 11, 2020 at 2:17:18 PM UTC-4, Gunter wrote:
> Hallo August! > Although I am the the current maintainer of OpenXP, I cannot answer your > question. > I never used PGP/GPG in conjunction with OpenXP, but I heard configuring it > isn't a thing for the soft-hearted :-) > Ciao > Gunter [1] I can trigger a "gpg -sea -r $ASK" by configuring a macro for it. I simply select an Unsent message in the list and launch the macro. The resultant message is stored as MSG.TMP.asc in the /TEMP directory, but it doesn'treplace the original MSG.TMP file to be sent. :( Alternatively, [2] The Pgp option in the Save/Special/PGP sequence ehaves like it wants towork, but I get an error message: " 'C:\PROGRAM' is not recognized as an internal or external command, operable program or batch file. Press any key ..." So there seems to be a couple of ways to go about it. A macro for [gpg -r $FILE"] just ends up as a big dark screen. :( Thanks, Gunter.. for your reply. Maybe there is a way to get the word out and find someone who has PGP configured to work. |
|
|
On Saturday, April 11, 2020 at 3:56:46 PM UTC-4, August Abolins wrote:
> On Saturday, April 11, 2020 at 2:17:18 PM UTC-4, Gunter wrote: > [1] I can trigger a "gpg -sea -r $ASK" by configuring a macro for it. I simply select an Unsent message in the list and launch the macro. The resultant message is stored as MSG.TMP.asc in the /TEMP directory, but it doesn't replace the original MSG.TMP file to be sent. :( > Alternatively, > [2] The Pgp option in the Save/Special/PGP sequence ehaves like it wants to work, but I get an error message: " 'C:\PROGRAM' is not recognized as aninternal or external command, operable program or batch file. > Press any key ..." > So there seems to be a couple of ways to go about it. > A macro for [gpg -r $FILE"] just ends up as a big dark screen. :( > Thanks, Gunter.. for your reply. Maybe there is a way to get the word out and find someone who has PGP configured to work. Ooops I meant "-d" not "-r" as below: A macro for [gpg -d $FILE"] just ends up as a big dark screen. :( The idea is to create a macro to at least decode and read an encrypted message on the fly. |
|
|
Hallo August!
> Thanks, Gunter.. for your reply. Maybe there is a way to get the word > out and find someone who has PGP configured to work. If you select Config/Extern/PGP you get a dialog with various options. Just as a hint: - switch language to German (Config/Options/Language) - open dialog "PGP-Einstellungen" (Config/Extern/PGP) - press F1 (Help) - help item "PGP - Informationen" should be displayed - an the very end of this item select "PGP - Detailinformationen" - help item "PGP - Detailinformationen" should be displayed Translate all those texts to English, they might be helpful. But frankly, I hardly understand those texts myself :-) Ciao Gunter |
|
|
Hello August!
*** 11.04.20 at 05:28, August Abolins wrote: > Can someone please provide the steps to configure OpenXP with GnuPG so that > I can send encrypted netmail in Fidonet? Although I have no experience with PGP whatsoever, perhaps the following help text from another Point programme may be of some help: ---------- 8< ---------- PGP PGP-path: The path to pgp.exe Public keyring: Path and filename of your "public keyring". Decode: Command line for decoding: e.g "pgp c:.asc" Encrypt: Command line for encrypting: e.g "pgp -ea c:.txt" Kill sent for encrypted mail: The encrypted version of the message will bear the "KillSent" flag which means it will be deleted after the message has been sent. Delete after decryption: After decrypting, the original encrypted message will be deleted. Notes on encryption: If you select "Encrypt" in the "Message" menu, you will be presented with a dialog where you can enter the user-id of the addressee. APoint checks the PGP-keyring for the id of the addressee. The program looks for an id in the form "First name Surname <Address>". If this is unsuccessfull, the program then looks for "First name Surname" and finally (if this string is not in the keyring) only the first name. Then the text of the message is saved with the name "msg.txt" in the PGP-directory. Finally, PGP is started and the command line in the options dialog is completed for the user-id. When PGP is finished, the program tries to load the encrypted text in the file with the name "msg.asc". If this is successful, a new message containing the encrypted text is written to the MsgBase and the original message is marked as sent. Notes on decryption: The message text is saved with the name "msg.asc" in the PGP- directory, PGP is started and finally the decrypted text is loaded in the file "msg". WARNING!!! You MUST confirm with your Boss whether he/she accepts encrypted mail beforehand. To send encrypted mail via a Boss that does NOT accept it is asking for BIG trouble. Quite a lot of FidoNet Nodes do NOT allow encrypted mail to pass via their systems so don't say you haven't been warned! ---------- 8< ---------- Regards, Martin |
|
|
On Monday, April 13, 2020 at 4:59:35 AM UTC-4, Martin Foster wrote:
[..] > ---------- 8< ---------- > Regards, > Martin Thank you Martin! As a matter of fact.. I *was* looking at Apoint's PGP functionality requirements too. Apoint predates GnuPG so all its referencesand example are for pgp.exe. I found the fields where to specify the PGP stuff and substituted "gpg.exe" instead of "pgp.exe" and made the proper references to the location of the keyring, etc. But it would still stumble on something and fail. I've given up on Apoint for a while. OXP seems to be the better program to capitalize on the benefits of encryption if I can get it to cooperate. |
|
|
Hallo August!
> Thank you Martin! As a matter of fact.. I *was* looking at Apoint's > PGP functionality requirements too. Apoint predates GnuPG so all its > references and example are for pgp.exe. I found the fields where to > specify the PGP stuff and substituted "gpg.exe" instead of "pgp.exe"and > made the proper references to the location of the keyring, etc. Butit > would still stumble on something and fail. I've given up on Apoint for > a while. OXP seems to be the better program to capitalize on the > benefits of encryption if I can get it to cooperate. I had a little spare time and tested OpenXP with PGP. At first, I downloaded PGP 6.5.8 from this site: I istalled the whole package in a virtual machine and copied just the PGP.EXE (which is a pure command line program) over to my main computer into a directory contained in the PATH variable, so that OpenXP can execute it. Next, I opened an command line and executed "pgp -kg" in order to generate a public/private key pair. The resulting files are stored by PGP.EXE in the directory "%USERPROFILE%\Application Data\PGP". In OpenXP (Config/External/PGP) I made the following configuration: PGP version 6.5.x [x] PGP support [x] Batch mode [x] Wait for key after PGP call [ ] Log file for automatic actions [x] Automatic key import from Mails [ ] Automatic key import from News [ ] 271.14 Use PGP/MIME <= currently not working, have to check When sending a message, you have to choose Special -> PGP in the final dialog box. The message is then signed with your private key. Normally OpenXP supports just the signing, but not the encrypting of messages. If you want to encrypt messages to a specific user you have to go to OpenXP's address book, select the user and press the key "P" (Passwort). Configure like this: Password: (leave empty) Crypt method: PGP [x] Default: Crypt Again, upon sending a message, you have to choose Special -> PGP in the final dialog box. Ciao Gunter |
|
|
Hello Gunter!
** On Sunday 24.05.20 - 20:58, gunter.sandner wrote to : > Hallo August! > I had a little spare time and tested OpenXP with PGP. > At first, I downloaded PGP 6.5.8 from this site: > Is there any reason this might not work with GnuPG? I have this: ββ PGP settings βββββββββββββββββ βββββββββββββββββ β β β β PGP version GnuPG β β β β β [x] PGP support β β β β [x] Batch mode β β [x] Wait for key after PGP call β β [ ] Log file for automatic actions β β β β [x] Automatic key import from Mails β β [ ] Automatic key import from News β β β β [ ] fehlt: [271.14] β β β β User ID β β β β GPG options -sea -r wilfred β β > I istalled the whole package in a virtual machine and copied just the > PGP.EXE (which is a pure command line program) over to my main computer > into a directory contained in the PATH variable, so that OpenXP can execute > it. Again.. do I *have* to use PGP and not GnuPG? > Next, I opened an command line and executed "pgp -kg" in order to > generate a public/private key pair. The resulting files are stored by > PGP.EXE in the directory "%USERPROFILE%\Application Data\PGP". Yes.. GPG has no trouble running from any directory on my system. GPG decided to install itself on C:, but I have OpenXP on H: > In OpenXP (Config/External/PGP) I made the following configuration: > PGP version 6.5.x > [x] PGP support > [x] Batch mode > [x] Wait for key after PGP call > [ ] Log file for automatic actions > [x] Automatic key import from Mails > [ ] Automatic key import from News > [ ] 271.14 Use PGP/MIME <urrently not working, have to check YES.. I have the same thing. > When sending a message, you have to choose Special -> PGP in the final > dialog box. > The message is then signed with your private key. When I go through the process of Special -> PGP, I get this: 'C:\PROGRAM' is not recognized as an internal or external command, operable program or batch file. Press any key ... ..and a then OpenXP pops up a little warning "message was not signed/ encrypted" > Normally OpenXP supports just the signing, but not the encrypting of > messages. > If you want to encrypt messages to a specific user you have to go to > OpenXP's address book, select the user and press the key "P" (Passwort). > Configure like this: > Password: (leave empty) > Crypt method: PGP > [x] Default: Crypt Yes.. I have that for a particular person. > Again, upon sending a message, you have to choose Special -> PGP in the > final dialog box. ..BUT it would fail at that point. ../|ug |
|
|
Hallo August!
>> At first, I downloaded PGP 6.5.8 from this site: >> > Is there any reason this might not work with GnuPG? No, it should work with GnuPG, at least this was common sense in year 2000 > I have this: > ... I think your settings are OK. > When I go through the process of Special -> PGP, I get this: > 'C:\PROGRAM' is not recognized as an internal or external command, > operable program or batch file. > Press any key ... This is a bug in OpenXP, due to it's DOS history. I uploaded "openxp_5.0.44_win32_exe+english_res.zip" to the service section Unzip the two files in the ZIP into your OpenXP installation. >> If you want to encrypt messages to a specific user you have to go to >> OpenXP's address book, select the user and press the key "P" >> (Passwort). >> Configure like this: >> Password: (leave empty) >> Crypt method: PGP >> [x] Default: Crypt > Yes.. I have that for a particular person. >> Again, upon sending a message, you have to choose Special -> PGP inthe >> final dialog box. I told you wrong. Special -> PGP is just for signing. If you want to just encrypt, youd don't have to do this. Ciao Gunter |
|
|
Hello Gunter!
>> 'C:\PROGRAM' is not recognized as an internal or external command, >> operable program or batch file. >> Press any key ... > This is a bug in OpenXP, due to it's DOS history. > I uploaded "openxp_5.0.44_win32_exe+english_res.zip" to the service section > > Unzip the two files in the ZIP into your OpenXP installation. DONE. Now, I just get this after I've selected the name configured with the Password for my public key. gpg: conflicting commands Press any key ... >>> If you want to encrypt messages to a specific user you have to go to >>> OpenXP's address book, select the user and press the key "P" >>> (Passwort). >>> Configure like this: >>> Password: (leave empty) >>> Crypt method: PGP >>> [x] Default: Crypt Then... I re-read the above and left the Password field empty. But then I get after I try to save the message: gpg: -sea: skipped: No public key gpg: H:\DOWNLOADS\OPENXP\TEMP\PGP_6337: encryption failed: No public key Press any key ... > I told you wrong. > Special -> PGP is just for signing. > If you want to just encrypt, youd don't have to do this. The person I write to is pre-configured with "P" in the address book. So, when I go to save the message, the "PGP" is already present in the Special dialog. But then the it fails to sign and gives me the "No public key" message above. We're CLOSE to getting this working! :) But what part of the sequence am I missing? ../|ug |
|
|
Hello Gunter!
I got a little closer to getting the Signing part working. I wrote my message to myself, selected Special -> PGP, I was prompted by gpg for my passphrase. That seemed to go smoothly without any errors or warnings. The message that was saved in the Messages/Unsent was not signed. BUT, I noticed a new temp-file in the /TEMP directory that *did* embody my original text, and it had the signed block below it: temp-file = 6176.$$$ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hello August! Will this work? Regards, So... OPX is signing the message properly, but it is not substituting the original message with the signed .$$$ temp file. Actually, the same thing is failing when encrypting a whole message. OXP creates a MSG.TMP.asc (ascii armoured file) in the /TEMP directory fully encrypted, but that files is not used to replace the original message in the outbound queue. So, the gpg dynamics are working. But the temp file substitutions are not. ../|ug |
|
|
For Info - This, your posting, August, is signed.
august abolins schrieb am 28.05.2020 um 05:22 Uhr: [..] > Will this work? > Regards, > ../|ug So... OPX is signing the message properly, but it is not substituting the original message with the signed .$$$ temp file. Actually, the same thing is failing when encrypting a whole message. OXP creates a MSG.TMP.asc (ascii armoured file) in the /TEMP directory fully encrypted, but that files is not used to replace the original message in the outbound queue. So, the gpg dynamics are working. But the temp file substitutions are not. ../|ug |
|
|
On 27 May 20 at group /de/comm/software/crosspoint in article hj8puoF2ecfU1
<fraschi_usenet> (Franklin Schiftan) wrote: > For Info - This, your posting, August, is signed. No, for me ist not signed. Franklin, you missed, that August quoted his own temp... file the posting itself is not PGP signed. Saludos (an alle Vernόnftigen, Rest sh. sig) Wolfgang |
|
|
Hallo august!
>> Configure like this: >> Password: (leave empty) >> Crypt method: PGP >> [x] Default: Crypt > Then... I re-read the above and left the Password field empty. But then > I get after I try to save the message: > gpg: -sea: skipped: No public key > gpg: H:\DOWNLOADS\OPENXP\TEMP\PGP_6337: encryption failed: No public > key Press any key ... The public key of your communication partners key isn't stored within OpenXP, it has to be stored in (Gnu)PGP's keyring (see below). >> I told you wrong. >> Special -> PGP is just for signing. >> If you want to just encrypt, youd don't have to do this. > The person I write to is pre-configured with "P" in the address book. > So, when I go to save the message, the "PGP" is already present in the > Special dialog. But then the it fails to sign and gives me the "No > public key" message above. I'll try to explain, although i'm not a PGP expert. 1. Signing You can sign any message, either public or private, with your private key. This is the reason why you have to enter your PGP passphrase upon sending a signed message within OpenXP using Special -> PGP. PGP uses your passphrase to reveal your private key and sign the message (which will remain human readable). The receiver of the message, either the public or some specific person, has to have your public key stored in it's PGP keyring, so that PGP can check the signature and verify that the message was not tampered on it's way over the network. In OpenXP, the receiver of a signed message would do this by Message -> PGP -> Test signature. 2. Encrypting You can encrypt a private message to some specific person by usign it's public key. Therefore the public key of this person has to be stored in *your* (Gnu)PGP's keyring. Upon receiving, this person can decrypt your message by using the person's private key. In order to do that, the person has to enter the passphrase upon receiving, so that (Gnu)PGP.EXE can reveal the private key and decrypt the message. 3. Both encrypting and signing You can do this in OpenXP, but I would not recommend it. I think OpenXP first encrypts (if you send a private message to a person whose "Crypt method" is "PGP" or "PGP/MIME") and then signs the whole thing (if you choose Special -> PGP upon sending). > We're CLOSE to getting this working! :) Yes, but I'm getting the impression that currently the PGP support in OpenXP is slightly broken. I think it worked well 20 years ago, but these were the days when OpenXP used IBM/MS-DOS character set only. Nowadays there is heavy character set conversion between UTF-8, ISO-8859 and IBM character set within OpenXP, back an forth and back again. Your message which travels over the internet wires to it's receiver isn't necessarily excactly the same message you wrote. I'll investigate these problems in the next days or weeks, mabe we get a stable solution. And it seems to me that PGP/MIME is more broken than plain PGP. So I would advice you for the time being to test with crypt method "PGP", not with "PGP/MIME". And you should use ASCII characters only in your messages, no german umlauts or some other exotic letters. Ciao Gunter |
|