Silk Road forums
Discussion => Newbie discussion => Topic started by: CaptainOblivious on June 20, 2013, 10:29 pm
-
So I'm new here, but not new to computers...ie, I have a decent working knowledge of them. However, no matter what threads or tutorials I visit regarding the gpg and encrypting/decrypting public keys, I get more confused.
I visited the Newb thread at the top of this page and read 25 pages of nonsense and gobble-dee-gook and feel utterly defeated! I downloaded gpg4usb/win and have been playing with it to no avail. I see "Start Public Key" in forum responses. I copy this and paste it into the "clipboard". I then press the "decrypt" icon and receive one of the following responses:
1) A little box that says "NO DATA!"
2) A little box that has two choices.....INPUT and OUTPUT.
So...do I copy/paste a "public key" into my clipboard on gpg, notepad on my desktop, the "INPUT" part of the second choice above, or somewhere else entirely????
Which of MY keys is the private one?
A)The one with two colored keys and my name or
B) The one below it which looks like an email addy.
Don't flame me too hard....I'd rather just look retarded than throw my hands up and just quit this endeavor entirely. Christ....I haven't even started on getting bitcoins on my SR account and I've had it for three days just trying to decrypt a damn public key!
-
As a newb myself trying to wrap my old head around all of this, I feel your pain. I truly hope one of these wonderfully knowledgeable vets will come to our rescue. I feel like my hands are tied because I want to order but I want to do so in the most discrete way possible. I have a lot to lose by doing this wrong. Thanks for the post. Hopefully our longing for knowledge will not go unnoticed.
-
I found YouTube very helpful. Best of luck
-
When I was new here I found the youtube videos to be most helpful, try youtube captain and if you have further questions you can pm me.
-
I can't help because I use GPA which has its tricky bits but seems to be a bit less tricky than the others. The only thing I don't like about it is you have to create a notecard with the vendors key in it to load into gpa the first time. If there's an easier way to do it I've not found it.
try gpa though, it might reduce the angst www.gnugp.org
-
I tried YT numerous times today and no two explanations are even close to being the same.
One guy was using Notepad off his desktop.
One guy was using what he said was gpg, but his homescreen looked nothing like mine.
One guy had the same screen, but was importing keys using something called Kleopatra.
Pardon me for saying, but this whole process seems hard to the point of absolute absurdity. It's a friggin encrypt/decrypt program and is harder to use than programming Linux for crisake. It should be a real simple copy/paste/decrypt point and click, but instead, the instructions are filled with so many contradictions and dead end explanations, that one would need a degree in computer science just to figure out wtf is going on.
-
http://dkn255hz262ypmii.onion/index.php?topic=175246.0;topicseen
The above link helps with the feelings of being stupid, not with how to resolve the issue however. I think "retarded" is a non-pc designation whether true or not.
GPG is what I'm using or at least trying to use. Everyone refers me to tutorials or help pages but it does no good, I'm stuck at the beginning. Do we import the key as a text file into the program and should we give it some special name so GPG at least sees the file? Who knows I'll keep looking even though most folks just rely on the SR encryption.
-
Hey - know what you mean tho - I am an IT "Professional" but had trouble getting my head round it. I went with a Tails setup on USB. This is overkill, average pleasure seekers don't need this level of security but it did actually make the whole PGP thing quite easy because it is all built in and quite self-explanatory. And we should all be using PGP - BE SAFE PEOPLE. So that coupled with a bit of tooling around in the newbie PGP forum thing worked for me. Try it out:
http://lifehacker.com/5916551/browse-like-bond-use-any-computer-without-leaving-a-trace-with-tails
I am happy to help out and trade some messages if you want to experiment.
-
and verdant_world is the bomb! if s/he can't get you started then no one can! ;D
-
OK...so I copy someones encrypted PUBLIC key from this page. The thing I don't understand is where do I paste the damned thing?? It's encrypted...do I have to decrypt it first? If so, HOW do I do that??
If not, I see no place to paste the encrypted public keys I'm trying.
THE OVERALL QUESTION IS THIS: I copy the WHOLE public key. I paste it WHERE? I decrypt it HOW. I'm 12 hrs in....and am no closer to anything. Is there anyone who will just answer this like I'm a fucking 5 year old please.
-
I do not have the option to "import" from the clipboard....anywhere. When I click the "import key" icon, a side menu pops up and I can pick Desktop, C-prompt, and a couple other random folders on my computer....not clipboard.
However, when I copy/pasted a "public key" from the "Newb PGP" forum and clicked "verify", the gobbledy-gook turned into what appears to be a key. After that, I cannot import that key, copy/paste it, or do anything with it really. I tried copying the key to "notepad" and then tried to import it directly from there, but I get a popup saying that no key was there.
I figure I'm overthinking this whole thing, but can't see where. I'm off til tomorrow when I'll try again, but honestly, I'm only here to purchase an ID from a vendor....must I really go through all of this bullcrap in order to do that?? Hell, if the vendor has a PO box, and I have one, then why all the 007 style nonsense??
I appreciate the help though...just tired and feel like taking my ball and going home.
-
This may be a long shot but hey, it seems possible.
I have a solution that may work for you. Create a new blank file on your computer's desktop, and title it as Worm_Hole.asc
You will then need to open that file with a text editor just like you have already mentioned; notepad should suffice.
Now I cannot say that I have used notepad or gpg4usb/win in this way, however the fundamentals are the same in relation to the methods that I use in pgp'ing.
When you have the Worm_Hole.asc file open, copy and paste my public key into it, and then close/save the file.
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v2.0.19 (GNU/Linux)
mQENBFGo0m8BCAC1HlAKKR9rasIBs3kFUs2vaer6Xe+qXJg13DdrawvoXM6/4MS8
m8GIpSWDpAuMcSkmTvOFUDjxhdnfMBp3GBCFsowHpvLiMNA9Wc+uKPZCL+EuC4Oz
ILNdh/a3S8giLJ3ZmKaaSHZyFxjVNH3igOwhEZC2QlduTdoVU5UB1l7TbqeCkSpT
Mry21Lh0Cht8mVcw9tV5Ym7igNL8Tbn8sD90J2qBr4H/pXJghfAOajYj6pc3Wv0S
G3u/DoLrERhTDKykZMgnlMRvvTOownoa/8l0j1nhDbSN9+Wrja4oNX2KNqXLG0n4
bbpt1Gqsvss87NtVGJMWeWpYptgeTthw/05/ABEBAAG0Ik5pa29sYSBUZXNsYSA8
YmFzZWp1bXBlckBmcmFjdC5hbD6JATkEEwECACMFAlGo0m8CGwMHCwkIBwMCAQYV
CAIJCgsEFgIDAQIeAQIXgAAKCRAuG5QSYUvNzJsOB/9EPiZT0uGOz2Wdz0zcFUkY
6Dj/EIwq58L3ir/1o34zx2oyS/XReAwoStwNutHpA/rWGRzck8G6m355JP6IRaqj
vuMexjnnGUW4ynsN9svUN1Ef8uhsgAX2C7I1UQrY/DSE5ZlfNGXAS6fsTbMkJNZT
+kpSZmmse1PSw9tz+ME4KVqzvnMt7vT8iKRgXXw8A/lzIRbIkYXWS9j+7xBAXTaK
InfUwffSQg8sKgE0Yc5zFrTkzzzF/vjtAaUwNntFyUMsRm7ckJqT4Be/PFCMCPLi
WSQJNXOR3uVnNFpnOjeZubvm+9QM4Zr8drpQLWRZU0sWMZTIO0M873n3uq9eYVvJ
uQENBFGo0m8BCADxmtzRpWwyMGNspPygovizHpVC+zd0HIvfxIqonJk625IG8ZuG
Vi78v1iyclyhBYdntxGZYcXayc0TTtZeuzNrrRA/ZsMaYTr7j+a5WcbF/Bi6s/e/
1Ft3xAyWa3vo1ucY8Gsk4cPSTFRP17MYH3ngSYbeeya/Z0ANK9u5Lwo0Zc3C2kR7
6VovqjqKvemIS6XGB9sTelhVi2woT3aTyCICsK5BBhOTStfFJPJWRtgKBAQ9LRCE
YpgKec4Eq5IH3DYWVSZn8GlJh4s4M3gO4FAx2tthDSZeaec3invA+o8G+loSjFez
BX/ouVum9MLF+gekXsbjwVv/EH5GbPX/vZxLABEBAAGJAR8EGAECAAkFAlGo0m8C
GwwACgkQLhuUEmFLzcyN4Af8CmxGOn0k3xjM/pLOQYbz2o0m1yAPP2398c98oKVW
KFzAQ8j6W0snhs+vnKOwyIhl4zOrpxYJyJeDR5irZOG6EMxJD7Cxa7agUiT4JA3H
sb9BwRTEebbVhzhowoneRIygbGJk15PiaulLW1e3BuvgD21bW+VsWCUWoX5LIp2p
OfFLyCvdjxynAKsjBjVTo8htjn5N4xNS0B6ln6zfzDVYSs4yfBZtXFtD5vcM6ILJ
dnstl/K9ANCrgymQBhLstly1XtZXjBepj/WhqgbeGH7slobGrbc770wiQWB2GugG
7MJ5FS0tgLP3LOBixmdwpehIFR+h/lL8fqWgmcYcafWYHQ==
=l4VH
-----END PGP PUBLIC KEY BLOCK-----
Again, realize that I am imagining how gpg4usb operates...
At this point, steer your gpg tool to where you import a key - like you most recently mentioned - and see if you can navigate that file search to your computer's desktop, and then find the Worm_Hole.asc file we made. Import that file. If this works, the .asc file will give your gpg tool just what it needs to be able to en/decrypt messages from you to me.
The only other keys involved in the manner of you and I gpg communicating with each other are:
1. Your "Private Key" - which is a key (passphrase) that I imagine gpg4usb would have created/prompted you to create when you generated your public key. The private key/passphrase is one that you need to keep private (or, at least, you do with it what you choose. As you wish!) and will be used by your gpg program when you perform a set of activities, probably including decrypting messages.
2. Your "Public Key" - which you could pass along to me so that I can import it into my keyring and then be able to fully exchange pgp messages with you.
3. My Private Key - used by me in the same manner as you use yours. Only we do not share this key for the sake of privacy.
I hope I have steered you in the clear. Chat on if you must, and keep your learn on! I will answer what I think that I can answer clearly...
Give me your public key and we can whisper.
-
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v2.0.20 (MingW32)
mQENBFHDs2YBCACT8q4lkHuT+cv4w79E+hV0LZZ7DAIiJ2W59CVQ/ZJ8KEFpCZ4H
9LN6CI7P9DtZJnH9yCeNCZzo74SqdFeAnpdesc8vSCLEVpWS5NCmFBkCmgY35dDK
s0euJiarNVmL8j67aFBfwoeSLPLliRkJLpq74sJlgpORDIDoPzWO27skspBgoObk
Y1EDBI1vPRjBtmLEhs/7yD6ZptrlhOtpuu+VBgh6j1fVZ9KMmohhsC9aadd/MOax
723ppQ/DwMw6kj+ytjgCXatQBC1rBrdnIPrzyRPtsSP3NVEtkcjOACeGBQThyMoh
mFncAmoFo8crfXanbNSAl+ZuyOc6Ut82z1flABEBAAG0IkNhcHRhaW5PYmxpdmlv
dXMgPENhcHRhaW5AYW9sLmNvbT6JATkEEwECACMFAlHDs2YCGwMHCwkIBwMCAQYV
CAIJCgsEFgIDAQIeAQIXgAAKCRCMA/GOmJU18T9KB/9tMQopksmvgwHIW667enxG
UvU0Sak0YCLhGQved6ECk41DNqv0c4dcRMANVFc/IoylUhe/HHIQIrP7lF2KOfRw
1ijHV5T/6XEYGCgOIf8/NB0ro8HQDHdlNX4tIQiCBU7LJerJnDUNd7AGd/tOHRwZ
7B2NTbIgfv+07arBScEwkVGShejtTxKhWqtEcMRGuyvBPQOemc3SQcXT9wN7aSDD
utLcwzS2pmyafxKcVUcQ7aDsd8GDcQ1opo+XePz56Fn6LOfyD8CQA605WhnjOXx2
gtH2lF4ty+oJXLP2WOOUVhQc09JnJgntacHIf0lP9TM2oyqNv1Cu38teduIqKFu7
uQENBFHDs2YBCADNmUMcXFKqBYIh9uOcTRAOMGy7ePzYPZpKNwKkNhCuz4+c+1ts
B6rj3hMDsU2hE29IhJW5nQD3JbJHS2G3pyuL7JOelmVnZvSzfEPPWgeo0XfxUt9E
yiQthLQoCZ+TW0B41bFkjZdUIeIzjHRSkAlaAPFFd8yRoBGmch518M2SPoM9qviu
JDsv2ryXi05riIkj1OCzwEfLJh+SGb9hF4rFXWbMN9Mvwgqw4jegP0WM0tuPSxoB
/98iu0o/vsVmqW2bY1fBauKJcJAkljWua+LLX6lWM1WyFX+bJ61S5kjrzTllJHB3
MpebKAxbF/ro7GbKNKz5Ul1HKm0eUhinbzKDABEBAAGJAR8EGAECAAkFAlHDs2YC
GwwACgkQjAPxjpiVNfHJFwgAgYKvNdfYr9Fg2YhS5BG4qQjI3jQPOcG2NusfWaQR
ZvhJd7cqceQFJ5f2zHcYzSE9iJrpTPKVKHpLmDdorvKpwohJbD7hSaygIC4djy76
hiK2PecsNVwWiaCFqk0JkjZcxSAECZf8oK8CENekfIqBFvNEIcYxyiN8muU/q9z2
qYj4NwIcJIzyXLXCWvuWNLtmqwwhvmYV+nC5jS3duFPQMbtUjkPRtM9/yji87OLv
QcUfM5rIH4vDB0/oz3Mhrn5vE9D68M3JTimqJFDlyPTz1uMKApzpbVb2GeEMU+vF
rz3VPNAZlrlNh0ijfqoH7N+4Ido5qxS2Jz20rp7c8pf/SA==
=/Ixc
-----END PGP PUBLIC KEY BLOCK-----
-
Way to explain it Mr. Surf!! I believe where I went wrong is not making that .asc file to import to. As soon as I did what you said...BAM...your key appeared on my ring.
I believe I posted my public key just now, but for all I know, it could be my private one...no options for either were given. I just exported MY key to a notpad file, copy/pasted it in the above reply. Can it truly be that friggin simple?? This whole process has seems like a worse torture than bamboo shoots up the fingernails.
Thanks for your patient reply Surf
-
So I've been fiddling with this thing for an hour or so now and wanna see if this is bout' right:
I write a message to Surf on my clipboard. If I encrypt it using MY key, I can then decrypt it using MY key only...and only after I input MY passphrase....which worked fine.
I write a message to Surf and encrypt it using SURFS key...then I can copy/paste the encrypted note into an email or on a forum board and ONLY Surf can decrypt the message using HIS passphrase, correct?
When Surf replies though, I MUST copy/paste HIS reply into a .asc text editor program such as notepad, then I can decrypt Surfs message in the same way I decrypted his key earlier....is that correct?
If it IS correct....then the jury is in...I am officially retarded because that's easy as hell and I'm ashamed.
-
So I'm new here, but not new to computers...ie, I have a decent working knowledge of them. However, no matter what threads or tutorials I visit regarding the gpg and encrypting/decrypting public keys, I get more confused.
here is a little info from my first real post here. don't fret bro its easy
snip
**ENCRYPTION:
*Learn proper PGP/GnuPG and use nothing else when contact or any other even potentially sensitive info. PGP/GnuPG including privnote or any other 3rd party bullshit. any encryption you use should absolutely be OPENSOURCE! . That being said, to just browse the web privatively I guess stuff like "tor2web", is OK but I would never ever use it for SR. Please correct me if I am wrong, I will not be offended, I'll be grateful. I want to help people be safe for their sake and all of our protection. I DO NOT want to spread mis-information so don't be shy.
PGP/GPG beginners, following two tips will be helpful in reassuring yourselg you are doing it correct before using it on SR.
**A great tool for beginners is Adele(automated account to test your PGP skills. Check it out) I'll edit with a CLEARNET link.
** Another very easy tip to remember is if you receive an encrypted message and have to get online to retrieve a key to decrypt it, that means it was done wrong. it was encrypted with the senders Private Key not your public key, same goes in reverse. *This is a SURE sign you are not doing it right, you're close but still not correct usage and not secure.
* BUY THESE TWO BOOKS AND READ THEM!: Both are by Mike Lucas "PGP & GPG: Email for the Practical Paranoid" The other MUST read book by M.Lucas is titled "SSH Mastery: OpenSSH, PuTTY, Tunnels and Keys".
I bet Gen. Patreaus wished he'd spent the $25 for "PGP & GPG ..."? That's really is a good lesson, when the head of the fucking CIA doesn't even know how to keep his email private its worth taking the time to learn. Its pretty easy.
One last word for now about encryption and anonymity.
*REMEMBER, the appearance of security is much worse than the lack of it in many cases as you won't do things if you know you're not secure.
snip
http://dkn255hz262ypmii.onion/index.php?topic=175158.0
-
So I've been fiddling with this thing for an hour or so now and wanna see if this is bout' right:
I write a message to Surf on my clipboard. If I encrypt it using MY key, I can then decrypt it using MY key only...and only after I input MY passphrase....which worked fine.
I write a message to Surf and encrypt it using SURFS key...then I can copy/paste the encrypted note into an email or on a forum board and ONLY Surf can decrypt the message using HIS passphrase, correct?
When Surf replies though, I MUST copy/paste HIS reply into a .asc text editor program such as notepad, then I can decrypt Surfs message in the same way I decrypted his key earlier....is that correct?
If it IS correct....then the jury is in...I am officially retarded because that's easy as hell and I'm ashamed.
It's as simple as that, except for the second to last paragraph where you talk about "decrypting his key." You'll need to have imported his key, not decrypted it. Otherwise, you've got it. Send me a message if you'd like and see! The link to my key is in my sig.
-
It might be difficult to get into but you don't want to fuck with your security buddy. Good luck with it.
-
Open your eyes, look within. Are you satisfied with the life you're living?
-
Your not retarded, people say I'm very smart yet I'm struggling with the encryption thing too. Ill figure it out though.
-
Open your eyes, look within. Are you satisfied with the life you're living?
-
For the question about how to tell if a key if private or public, just open the .asc file in a text editor and you can see that a public key will start with : -----BEGIN PGP PUBLIC KEY BLOCK----- and ends with -----END PGP PUBLIC KEY BLOCK-----.
-
Thanks for all of the input everyone...I believe I have a handle on things now :D
-
hey cap'n -
-----BEGIN PGP MESSAGE-----
Version: GnuPG v2.0.19 (GNU/Linux)
hQEMA9fTmeKUp+rGAQgAvdTmdyQArdq8Rv6xMEP16zaDqMlwaqN/JevPoISVLta4
nZzMmakCxF9qaNLVuHKVXUk4FVZmelMUvoAvlvyGZbjDn59ljxSne3yaOJodYZ6R
TqWEEETqEELM7owExi1Mmn4B6CyDcHpTHhCDK3LUnaIZtp6HhDM8oR0iqVn/kZDR
WTwwtCPoOKCReWWnmApXTUB2EtnisBIz5Z0LGqOCDHyjSrWsy4anT/V1lrC+xov6
CJO7KxL2IPc6wEIIeYqC71siNCPR0eSWUp63Qwl3iLgQ2MCstk4EEawURTq+OOyx
VFjZ21eGh+HfQE6e08CYBSuMThALdJSf5Z8AeaW8TNJYAZgDvG+hXQprf9moJyUg
kiAFbR+XWSeZ4d7NdktrPvDHwpeSvnNRLCAEUr0JqAGOtWa0tzCh4tkYhot6d8lk
xgiZpC4U4AECEd0ROgYuxXbiiC+XKdp20A==
=aeu/
-----END PGP MESSAGE-----
-
Nah, you're not retarded, just understandably stupified by all this PGP crap. I found TAILS to be a godsend in this regard. Not only is it the safest way to access SR, but it's the easiest to get PGP working... 'cause it's already installed. Do this:
http://dkn255hz262ypmii.onion/index.php?topic=176112.msg1265191#msg1265191
-
Surf....
-----BEGIN PGP MESSAGE-----
Version: GnuPG v2.0.20 (MingW32)
hQEMA54C5V7fKmYCAQf/ShDNoED9a3V5p39JxVjp8N+kRIgovm72cKn1WJNX23ty
fsZWIarro71i7yEp8n2Cb2tc1lu/TAUq0DYoMl7WP9u34MFQUNp4KDeERFv7GAs+
VnbWHH8RV9iHjGY6sxaW0PG2Y/LdtTsm+Y+mEp2GUDxPaGrnwsggDHelTBbNJu2Q
qMXy+f2C9L+kP0+4xLb2MXK4ywGMHI3oQYIC9rjWdM7JBsDWQTNNJofv9baKBSUq
HruE5BwW/05kw0kJKlEws/HcQ3icIaHy2FCOQBuJchw4Vn98alpSnkK5rzvj9+kX
kmYNGFnY9Xdoal2yQ7UGWaTErH+is+7T6w52Qj1yiNJkAQNWOmTToAd759+zX8hJ
2x1B8GxJ947RlxfAaGc9xnJtiQAitkz8dIoM/YAl2Rh1gePR3iGIX/J8q4Uos/1W
+MLeqhmHtXlLizf+Voa9B1Buf5nbaiHNE2PvczFu0+7cUwQMdQ==
=lw3U
-----END PGP MESSAGE-----
-
The grimWaldo is cool. But how can we repay those who have come before us?
-
Youtube really did the trick for me also. That is the best bet!
-
i am new too... and had trouble with the PGP thing... what i did was watch a youtube video and walked me thru the whole thing... its way easyer then it seems... that was my problem i was trying to make something harder then it was... you only need the on download when you download PGP... if you download all the stuff it wants you too you end up with this kelopratra thing... you only trying to encrypt texts... you dont need that whole dam thing...