Silk Road forums

Discussion => Newbie discussion => Topic started by: lazybone on March 22, 2013, 08:59 am

Title: need PGP help
Post by: lazybone on March 22, 2013, 08:59 am
Cant figure out why my pgp is not working. I try to make a private key for myself for encryption and keep getting error. any ideas? thanks!
Title: Re: need PGP help
Post by: pestlepete on March 22, 2013, 09:27 am
Hi, can you share what the text of the specific error is? Also, are you using any GUI or terminal/cmd?

The command prompt is only slightly trickier to use but way faster once you get it down. Basically I just use "gpg --gen-key" and then follow all the prompts.
Title: Re: need PGP help
Post by: circusaulait on March 22, 2013, 10:27 am
unless you just realize want or need to use the PGP software you currently have, i would suggest using another encrypter. i am using GPA (GNU Privacy Assistant) which is open source GPG. its compatable with PGP. i downloaded it as part of a bundle called GPG4win from http://www.gnupg.org/related_software/gpa/ but i am only using the GPA part. anyway, once you get it installed and open it up, go to the tab that says keys and select New Key. it should be clear from there what to do. that key will incorporate your email that you associate with the key account. a list or keyring will develop as you add your key and other people's public keys to your ring. to add a vendor's key i open up Notepad or any text editor, then copy the entire text of the key they provide including -----BEGIN PGP PUBLIC KEY BLOCK----- all the way to the -----END PGP PUBLIC KEY BLOCK-----. save the file and then using your GPA, simply import the key by selecting the text file you just saved. to encrypt something, open the clipboard and either type your message or cut and paste from somewhere else to the clipboard. then select encrypt and choose which key you will use to encrypt it. if you are encrypting your address to give to a vendor, for example, you would type your address, hit encrypt, select the vendor's key from your ring and the text will be encrypted with a code that you can give your vendor. if you are sending a message or email to someone and you have their key, you can type your message and include your key, encrypt the whole sucker and send the code. now they can reply to you using the same technique. take that message you receive, put it in clipboard and decrypt.
i hope this helps. i apologize if you knew all of this stuff, but my hope is someone will be searching for help and be able to use this info. i had to kind of trial and error it myself. having said that, if i provided any wrong info or unnecessary steps, someone please correct me. again, i hope this helps.
Title: Re: need PGP help
Post by: pestlepete on March 22, 2013, 12:00 pm
I agree with what circusaulait said, GPA is extremely easy to use, and it's available for both win and linux last I knew. Also, I learned that kleopatra (the other GUI in GPG4win) uses different subkey conventions, which can be a problem if someone using MacGPG tries to import your cert (GPA uses what seems to be more commonly accepted conventions).

I only mentioned the cmd/terminal because it's so much faster to load and use, and you never have to create any .asc or .txt files (everything can be done via copypasta, even importing certificates).

I agree with everything you said, circus, but here are a few details you left out:
- Don't use your real name or email address when making the key, as the can easily be extracted from your certificate (public key)!
- Since you're using a fake name anyway, make it something easy for people to associate with your pseudo-identity, e.g: use your SR handle, or something similar to it (though there are some potential security issues with this that you should consider)
- Add a couple spaces or something at the end of each line of you message, just in case the person you're sending to uses a GUI with different formatting from yours (e.g. kleopatra always used to give me problems with that)

As circus said, sorry if you already know this stuff.

Anyway, we've deviated quite a way from your initial question, I think, but I'm sure you'll get help if you post your platform, which gpg/pgp package you have, which GUI you're using if any, along with what steps you've taken and the errors that were returned (and what your level of crypto knowledge is).

Peace
Title: Re: need PGP help
Post by: circusaulait on March 22, 2013, 02:16 pm
thanks pete,
yes absolutely you are under no obligation to use your real name or email. my approach on email has always been the creation of dedicated mailboxes that you use for various things in your life, personal, business, junkmail, obligatory registrations, etc. so i say go ahead and set up a useable tormail account that you can use for your pgp or gpg certificate. get tired of that one or whatever, burn it and open a new account, set up a new certificate, etc. works for me, may not work for everyone.
again i apologize for stating things that might seem obvious, but i'm sure someone could use this info.
also sorry for steering the discussion away from lazy's original question.
also good idea on adding the extra spaces after each line, pete.
Title: Re: need PGP help
Post by: elmerjfudd on March 22, 2013, 02:34 pm
Another vote for GPA.

Here is a good overview of GPA    http://dkn255hz262ypmii.onion/index.php?topic=107219.msg925543#msg925543