Silk Road forums
Discussion => Security => Topic started by: joeblow2 on July 23, 2011, 09:43 am
-
This is a short but sweet step-by-step guide I wrote for another SR user to accompany the pictorial guide on downloading the necessary programs to run PGP on a Mac. The steps work with Firefox 5.0, 4.0 and earlier:
The program installation tutorial and download is at: http://g7pz322wcy6jnn4r.onion/opensource/II/gpgmacfield.html Written by fellow SR user "goddamn" if I recall correctly.
Download the referenced free MACGPG2 program and go through the first two parts of the tutorial: Installation and Key Generation
Ignore the third part: Message Encryption Operations-you cannot use the "GPG Drop Thing" to encrypt/decrypt messages. It's because you have no way to associate the message with a specific persons public key...that has to be done with a mail program...AFAIK
This will make sense when you get to this point.
To encrypt a message, you will need to open your mail program on Mac, type your message in a "new message" THEN (very important) select the whole message, then go MAIL-->SERVICES-->OPEN PGP:ENCRYPT If you only type the message but don't select/highlight all of it, the necessary function selections will not show up under the SERVICES menu and you will be completely flummoxed and think you are a retarded asswipe...just like I did!!! I nearly went crazy looking for a function I *fucking knew* must exist there, but didn't show up at all.
You have to use your mail program for *importing other people's keys* as well. Just clipboard their key from the source, put it in a new message (you don't have to put a recipient or anything else, just use a blank message, like in the above example) then go to: MAIL-->SERVICES-->OPEN PGP:IMPORT KEY and it will go directly to your keychain, which is a program in your applications file and you can open it and see whose keys you have already and whose you don't. When you finish Installation, it will be empty; when you finish Key Encryption, it will have just your own key in it. Then you add other people's keys from there.
BIG WARNING: use a totally fake name and email when it asks for your name and email during Key Generation. That name and email goes to everyone who imports your public key...so I am joeblow2@noplacelikehome.com
GOOD LUCK!!! :)
-
I use GPGTools for Mac and I am able to encrypt messages to sellers directly from within the Silk Road site: type message, select all text, right-click --> Services --> Open PGP: Encrypt. Then I can choose whose public key to use for the encryption. (Of course, you have to import the seller's public key into GPGTools before you can select it for encryption.)
-
Good deal. I had some seller just yesterday I'd said buyers really appreciated pgp and he said he had mac, so I'll pass this on...good job!
-
So, I've downloaded GPGTools, but all I get is GPG Keychain Access,
when I try to decrypt something through services, I click "OpenPGP: Decrypt" and nothing happens.
Would appreciate any help. I've been playing around with this for the last hour, don't think anything I've done has worked..
-
I had the same problem when I first used it. Try typing a test message on TextEdit and select 'make plain text' under format. That worked for me. It looks like you and do the same thing in your message box in SR.
I will say though, that it was really annoying trying to figure this out. I might be in the dark on this one, but, you would think that there would be a simple straight forward GPG program with a central interface. But, once you figure it out, GPG services isn't too bad.
-
I use GPGTools for Mac and I am able to encrypt messages to sellers directly from within the Silk Road site: type message, select all text, right-click --> Services --> Open PGP: Encrypt. Then I can choose whose public key to use for the encryption. (Of course, you have to import the seller's public key into GPGTools before you can select it for encryption.)
Which Firefox are you using? I've only used the GPGTools with 4.0 and 5.0 and all I get under SERVICES is Import Key and Verify. That's why I instructed to do everything in the MAIL program.
I've just been happy it's been working these 3 months. It's definitely a lot more "plug and play" than it was back in 2003 when I first used it on a Win machine. Waaaaaay better on Mac. :D
-
I use Google Chrome. I've never had to go outside the browser to encrypt messages, but I have to copy and paste encrypted responses into TextEdit in order to decrypt them. If anyone knows of a way to decrypt messages from within a browser, please feel free to share your knowledge here.
-
Hi. I'm trying to get it to work for the first time. I copy and pasted the seller's key onto a message, and successfully imported the key into the GPG key chain access (seller's name appears). I typed out the message I want to send, highlighted the whole message, and went to MAIL-->SERVICES-->OPEN PGP:ENCRYPT and selected the seller's key from the list, but nothing happened. Where does the encrypted message appear? Thanks.
-
Hi. I'm trying to get it to work for the first time. I copy and pasted the seller's key onto a message, and successfully imported the key into the GPG key chain access (seller's name appears). I typed out the message I want to send, highlighted the whole message, and went to MAIL-->SERVICES-->OPEN PGP:ENCRYPT and selected the seller's key from the list, but nothing happened. Where does the encrypted message appear? Thanks.
Wherever you typed the text in cleartext, you should see it magically transform into a lot of gibberish that is the "PGP Encrypted Message".
If you got to the point where it asked you to pick the receivers key, then you had the text all selected, like clipboarded, so I don't get it.
Can you try again and see what happens? Are you doing it in MAIL or on textedit or something? Do it in MAIL, I know that works.
-
@joeblow - I just got it to work I think. It wouldn't work in mail, so I tried the text editor. When you right click in text edit, there is a services option and you can encrypt from there. I'm not 100% sure I got it to work, but it looks right.
-
Hi. I have installed GPGTools (gpgtools.com) as well as tried the method through the tutorial you listed of just installing MacGPG2 and manually creating a key and such. When i go to encrypt things though, the option is never available in the services menu. When i type a message in my mail app or in textEdit and select all, there is no OpenGPG: encrypt option in the services menu. However, when i select a file or something like that on my computer, the OpenGPG options DO appear in the services menu. However, encrypting a file does not work for sending a message via silk road and such, so this presents an issue. I have made sure the OpenGPG options are checked in the Services Preferences and i have also tried uninstalling and reinstalling a few times. Any thoughts as to why this might be happening or how i can fix it?
-
Are you highlighting the text in the text editor before you right click? GPG won't appear in the services menu unless the text you want to encrypt is highlighted.
-
This is a short but sweet step-by-step guide I wrote for another SR user to accompany the pictorial guide on downloading the necessary programs to run PGP on a Mac. The steps work with Firefox 5.0, 4.0 and earlier:
The program installation tutorial and download is at: http://g7pz322wcy6jnn4r.onion/opensource/II/gpgmacfield.html Written by fellow SR user "goddamn" if I recall correctly.
Download the referenced free MACGPG2 program and go through the first two parts of the tutorial: Installation and Key Generation
Ignore the third part: Message Encryption Operations-you cannot use the "GPG Drop Thing" to encrypt/decrypt messages. It's because you have no way to associate the message with a specific persons public key...that has to be done with a mail program...AFAIK
This will make sense when you get to this point.
To encrypt a message, you will need to open your mail program on Mac, type your message in a "new message" THEN (very important) select the whole message, then go MAIL-->SERVICES-->OPEN PGP:ENCRYPT If you only type the message but don't select/highlight all of it, the necessary function selections will not show up under the SERVICES menu and you will be completely flummoxed and think you are a retarded asswipe...just like I did!!! I nearly went crazy looking for a function I *fucking knew* must exist there, but didn't show up at all.
You have to use your mail program for *importing other people's keys* as well. Just clipboard their key from the source, put it in a new message (you don't have to put a recipient or anything else, just use a blank message, like in the above example) then go to: MAIL-->SERVICES-->OPEN PGP:IMPORT KEY and it will go directly to your keychain, which is a program in your applications file and you can open it and see whose keys you have already and whose you don't. When you finish Installation, it will be empty; when you finish Key Encryption, it will have just your own key in it. Then you add other people's keys from there.
BIG WARNING: use a totally fake name and email when it asks for your name and email during Key Generation. That name and email goes to everyone who imports your public key...so I am joeblow2@noplacelikehome.com
GOOD LUCK!!! :)
of all OS's, GPG +PGP is most easy for me on a Mac.
this is good but all current Mac users should be using the stable Intel build of GPGTools, and their terminal.
please note that the gpgmail bundle does not work currently and you must work in command line. It's good for you anyway ;)
all can be done through there.
shoot me a pm with any questions
~btcf~
-
Everytime I think I know about computers I discover I still have lots to learn. I have GPGtools installed on my mac, but I suspect that the fact that I'm running Lion is a bit of a problem. The only place I get the services menu is in finder and that creates a .gpg file that TextEdit refuses to open. No services menu in FF or Chrome though. I can't figure out how to get on SILC on my macbook either. I think I'm going to pm you btcfreedom, hopefully you can help.
-
Are you highlighting the text in the text editor before you right click? GPG won't appear in the services menu unless the text you want to encrypt is highlighted.
Yes, i highlight the text in the text editor. And I don't use right clicking, because Services isn't in my right click menu ( if you have an explanation for this as wel, that would be great). I highlight all the text, go to textEdit (Or Mail, whichever i'm using) -->Services and none of the Open GPG options appear in this case. It is very strange and rather annoying, I am doing things just as other people do it and as tutorials explain it, but for some reason it is not working. Any help would be very greatly appreciated
-
What version of OSX are you using?
-
Lion 10.7
-
Lion 10.7
That's not what I'm using. The website says GPGMail is not supported:
"Is GPGTools compatible with OS X Lion?
Yes, all applications (besides GPGMail) are compatible with OS X Lion. Currently we're updating GPGMail. Any help is very welcome (see issue 135)."
I don't know, maybe it's the GPGMail program that puts the encrypt option in the services menu? That might be the problem.
-
Lion 10.7
That's not what I'm using. The website says GPGMail is not supported:
"Is GPGTools compatible with OS X Lion?
Yes, all applications (besides GPGMail) are compatible with OS X Lion. Currently we're updating GPGMail. Any help is very welcome (see issue 135)."
I don't know, maybe it's the GPGMail program that puts the encrypt option in the services menu? That might be the problem.
Currently the GPGMail.bundle is NOT compatible with 10.7. The finder options are however - to answer your question is GPGServices.Service.
GPGKeychain access should be used to manage all keys only. GPG itself and manipulation of PGP services should be done via terminal. it's commands are available after installing MacGPGTools via the Terminal- e.g. "gpg -help". Finder services are most functional at this time, (control - click or right click on file to Validate,Sign,Encrypt,Import,Decrypt etc....
Developers have a bit of work to do before the .bundle integrates properly with applemail frameworks and bundles.
It is rather penis of Apple to be like this, but we know how they do ;)
L75
-
Lion 10.7
So I figured how to get those OPENPGP commands in Mail on Lion. First, you have to find a URL for the alpha version of GPMail for Lion. It's out there. Just can't find the URL at the moment. Once you have that installed, open Mail. Create a new message and highlight the text. Click Mail --> Services --> Services Preferences (you can also get here from the regular Preferences app). Scroll down the shortcuts list. You'll notice a whole bunch of OpenPGP commands checked that correlate with the ones you expect to see. If these boxes are checked (and don't have keyboard shortcuts associated, special characters off to the right of the shortcut like some others do), then uncheck these. Now keep scrolling down the list and you'll another set of OpenPGP commands just like before, except these have keyboard shortcuts. They're probably not checked, so check them. Close the Preferences window.
Now go back to Mail, start another new message, highlight some message text, and do the Mail --> Services thing again. This time you'll see the missing commands. For me, I still can't get Encrypt to actually work, but I figure I'm on the right path. Post if this fixes your problem or if you're at the same stopping point I am. Let you know if I get any further.
-
Lion 10.7
That's not what I'm using. The website says GPGMail is not supported:
"Is GPGTools compatible with OS X Lion?
Yes, all applications (besides GPGMail) are compatible with OS X Lion. Currently we're updating GPGMail. Any help is very welcome (see issue 135)."
I don't know, maybe it's the GPGMail program that puts the encrypt option in the services menu? That might be the problem.
i am using 10.7 too, and what they mean is the mailbundle that is supposed to integrate into Mail is not compatible.
Do not waste your time with Apple Mail.
download gedit to compose and cut/paste your keys/messages.
use gedit's saved format (windows,linux/unix for mac...etc) to import and export keys, decrypt in the terminal, etc.
eg>
gpg -d (drag and drop the file right onto the terminal) and hit return. you'll be prompted (if PGP is working correctly) to enter your passphrase which is your signed key to the person's encrypted message. once you enter the password, it will tell you the type of encryption it is and decrypt. NOTE: in most instances- if you do not have the person's public key imported into your gpg keying, you will NOT be able to decrypt.
Before decryption I do this: 1. Import the person's PUBLIC key and paste into gedit, save - import via GPGKeychain. 2. Go into the terminal and verify this has been imprted with gpg --list-keys.
So, in essence, it's a combination of the GPGServices, which are right-clickable, and do work with Growl notifcation; straight xcode GUI (GPGKeychain, and GPG Prefpane), and of course Terminal. It's good for you.
L75
-
Are you highlighting the text in the text editor before you right click? GPG won't appear in the services menu unless the text you want to encrypt is highlighted.
Yes, i highlight the text in the text editor. And I don't use right clicking, because Services isn't in my right click menu ( if you have an explanation for this as wel, that would be great). I highlight all the text, go to textEdit (Or Mail, whichever i'm using) -->Services and none of the Open GPG options appear in this case. It is very strange and rather annoying, I am doing things just as other people do it and as tutorials explain it, but for some reason it is not working. Any help would be very greatly appreciated
don't use text editor. download and use gedit, paste your message or key into that, save filetype accordingly (Windows/Linux...etc...will show at the header
of the key and the message). the reason why text editor wont work is the format it saves in. RTF is Mac OS text editor default which I think is gay.
moving forward, with gedit:
once you've saved that document, right click and apply your said services. You can do it all with gedit+gpgTools I've figured out now, no Terminal.
i have successfully encrypted, decrypted, validated, imported, and signed keys / messages.
here to help all Mac OS users. Holla.
L75
-
If you're using Leopard or Snow Leopard, use GPGTools and the Mac Mail plugin.
If you're using Lion, use GPGTools and Thunderbird + Enigma plugin
If all else fails, use Wija or a Windows VM.
For more possibilities, check here: http://www.gnupg.org/related_software/frontends.html
-
If you're using Leopard or Snow Leopard, use GPGTools and the Mac Mail plugin.
If you're using Lion, use GPGTools and Thunderbird + Enigma plugin
If all else fails, use Wija or a Windows VM.
For more possibilities, check here: http://www.gnupg.org/related_software/frontends.html
+1
nice post. this is an excellent link too - http://www.gnupg.org/related_software/frontends.html
GPGT will work fine on 10.5, 10.6.
Great advice for the 10.7 people, but not a fan of using a mail client for encryption. Thunderbird is good, so is Enigma. I just choose not to use.
The more you use a GUI the more logging you'll get - with the terminal and a custom build you can eliminate this.
Windows VM and / or Linux VM are great....Make either one live and / or tails trucrypt and you're golden.
L75
-
I have an issue and hoped someone could help. I have GPG Keychain access. I've imported the the public key of the person that I want to send a PM on SR. However this is what happens when I try to encrypt something in a window like this or the SR PM:
No problem highlighting text
No problem selecting OpenPGP:Encrypt in Services.
Problem when trying to pick the public key that I want to use to encrypt my message/text. The window that says "choose recipients" is totally blank. In fact, not even my private key is shown for the option to sign.
Any thoughts on what the problem is? Any way to make sure all the info/keys gets added to the recipients window?
THANKS
-
thank you all for the great thread; very helpful!
I figured out how to import a seller's key and encrypt a message, but I can't seem to figure out what my public key is! I am using GPG tools.
I tried, in GPG Keychain Access, highlighting my key pair and clicking "export" but there doesn't seem to be any file created.
Can anyone help?
-
whoops, never mind, I got it figured out for myself. Sorry!
I just opened a blank text document, right clicked on it, and there was an option to insert my key.