If you would like to work PGP encryption into your majordomo list server
you can do this (daemon is my majordomo user-id, you may have a different
one) :
1. Install pgp on your computer and assign a private/public key for
your majordomo-id.
a. You can get it from anonymous ftp at net-dist.mit.edu:/pub/PGP
Version 2.6 is a good version to get.
b. Make sure that your majordomo-id has it's home directory of
/usr/local/majordomo (or wherever your majordomo stuff is)
c. - cd /usr/local/majordomo (or wherever your majordomo stuff is)
- mkdir .pgp
- create your private/public key-rings for majordomo-id (from PGP docs)
(my majordomo-id is daemon)
- create a config.txt file (pgp likes this) refer to the man
page for useful options:
> config.txt
- my .pgp dir looks like this:
/usr/local/majordomo/.pgp:
total 7
drwxrwxr-x 2 daemon daemon 1024 Feb 26 00:40 .
drwxrwxr-x 6 daemon daemon 1024 Feb 26 01:05 ..
-rw-r--r-- 1 daemon daemon 0 Feb 26 00:37 config.txt
-rw-rw-rw- 1 daemon daemon 336 Feb 26 00:39 daemon.pkey
-rw------- 1 daemon daemon 184 Feb 25 21:03 pubring.bak
-rw------- 1 daemon daemon 537 Feb 25 21:07 pubring.pgp
-rw------- 1 daemon daemon 24 Mar 4 22:32 randseed.bin
-rw------- 1 daemon daemon 517 Feb 25 21:03 secring.pgp
2. Under /usr/local/majordomo create a link to the pgp program (my pgp
is in /usr/local/bin)
a. cd /usr/local/majordomo
b. ln -s /usr/local/bin/pgp pgp
3. To email encrypted email to certain recipients of the list:
a. Add the users public key to the daemon's public keyring:
- su daemon
- cd /usr/local/majordomo
- pgp -ka users_public_key_in_file
b. setup a pgp alias for each pgp user (jeffrey for example):
jeffrey_pgp: "|/usr/local/majordomo-1.93/wrapper pgp -feat jeffrey |
mailx jeffrey"
The wrapper has majordomo-user, daemon, call pgp with "filter" options
to encrypt the data on stdin and send it to stdout which gets emailed
to the pgp user.
c. Place the pgp alias (.e.g., jeffrey_pgp) in the list file so the
email generated by the list is encrypted and emailed to the user.
4. To receive encrypted messages, decrypt them (automatically),
and distribute the decrypted message to the list:
a. You extract an ascii version of the daemon's public key to make
available to everyone:
- su daemon
- pgp -kxa daemon daemon (extract's daemon's public-key to daemon.asc)
you might want to make this available to users since they will need
to add daemon's public-key to their public keyrings to encrypt
messages to send to the list
b. Create an unpgp shell program that will automatically decrypt messages:
Place it in /usr/local/majordomo directory.
!/bin/bash
export PGPPASS="daemon's secret phrase to unencrypt"
pgp -f
This shell program reads encrypted email on stdin and produces
the unencrypted message on stdout.
c. Make a pgp alias for the list:
majordomo-list_pgp: "|/usr/local/majordomo-1.93/wrapper unpgp |
mailx majordomo-list"
Let me know how it works out, or if you have any questions. Any enhancements
are welcome.
--
Jeffrey Thompson Check out Linux-OS Talk Area: telnet moo.du.org 8888
Linux is great! connect guest
to talk: say Hello World @go #11848
or "Hello World @quit (when done)
Follow-Ups:
|
|
