Privacy

Zimmermann Legal Defense

CypherPunks

Pretty Good Privacy

Why PGP?

PGP FAQ

My PGP Story

Factoring

BlackNet Attack

MIT v. PRZ?

MajorDomo + PGP

Path: ceigate!GreatCircle.COM!majordomo-users-owner
From: jeffrey@thompson.itm.org (Jeffrey Thompson)
Subject: How-To Add PGP to MajorDomo v1.93 (Candidate for FAQ)
Message-ID: 

If you would like to work PGP encryption into your majordomo list server you can do this (daemon is my majordomo user-id, you may have a different one):

1. Install pgp on your computer and assign a private/public key for your majordomo-id.
   1. You can get it from anonymous ftp at net-dist.mit.edu:/pub/PGP/. Version 2.6 is a good version to get.
   2. Make sure that your majordomo-id has it's home directory of /usr/local/majordomo (or wherever your majordomo stuff is)
   3. Do the following steps:
      1. cd /usr/local/majordomo (or wherever your majordomo stuff is)
      2. mkdir .pgp
      3. create your private/public key-rings for majordomo-id (from PGP docs) (my majordomo-id is daemon)
      4. create a config.txt file (pgp likes this) refer to the man page for useful options
      5. my .pgp dir looks like this:

         /usr/local/majordomo/.pgp:
         total 7
         drwxrwxr-x   2 daemon   daemon       1024 Feb 26 00:40 .
         drwxrwxr-x   6 daemon   daemon       1024 Feb 26 01:05 ..
         -rw-r--r--   1 daemon   daemon          0 Feb 26 00:37 config.txt
         -rw-rw-rw-   1 daemon   daemon        336 Feb 26 00:39 daemon.pkey
         -rw-------   1 daemon   daemon        184 Feb 25 21:03 pubring.bak
         -rw-------   1 daemon   daemon        537 Feb 25 21:07 pubring.pgp
         -rw-------   1 daemon   daemon         24 Mar  4 22:32 randseed.bin
         -rw-------   1 daemon   daemon        517 Feb 25 21:03 secring.pgp
              

2. Under /usr/local/majordomo create a link to the pgp program (my pgp is in /usr/local/bin)
   1. cd /usr/local/majordomo
   2. ln -s /usr/local/bin/pgp pgp

3. To email encrypted email to certain recipients of the list:
   1. Add the users public key to the daemon's public keyring:
      1. su daemon
      2. cd /usr/local/majordomo
      3. pgp -ka users_public_key_in_file
   2. setup a pgp alias for each pgp user (jeffrey for example):

      jeffrey_pgp: "|/usr/local/majordomo-1.93/wrapper pgp -feat jeffrey | mailx jeffrey"

      The wrapper has majordomo-user, daemon, call pgp with "filter" options to encrypt the data on stdin and send it to stdout which gets emailed to the pgp user.

   3. Place the pgp alias (.e.g., jeffrey_pgp) in the list file so the email generated by the list is encrypted and emailed to the user.

4. To receive encrypted messages, decrypt them (automatically), and distribute the decrypted message to the list:
   1. You extract an ascii version of the daemon's public key to make available to everyone:
      1. su daemon
      2. pgp -kxa daemon daemon (extract's daemon's public-key to daemon.asc) you might want to make this available to users since they will need to add daemon's public-key to their public keyrings to encrypt messages to send to the list

5. Create an unpgp shell program that will automatically decrypt messages: Place it in /usr/local/majordomo directory.

         !/bin/bash
         export PGPPASS="daemon's secret phrase to unencrypt"
         pgp -f
         

   This shell program reads encrypted email on stdin and produces the unencrypted message on stdout.

6. Make a pgp alias for the list:

   majordomo-list_pgp: "|/usr/local/majordomo-1.93/wrapper unpgp | mailx majordomo-list"

-- 
Jeffrey Thompson       Check out Linux-OS Talk Area: telnet moo.du.org 8888
Linux is great!                                      connect guest
                       to talk: say Hello World      @go #11848
                       or       "Hello World         @quit    (when done)