Great Circle Associates Majordomo-Users
(March 1995)
 

Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]

Subject: How-To Add PGP to MajorDomo v1.93 (Candidate for FAQ)
From: jeffrey @ thompson . itm . org (Jeffrey Thompson)
Date: Sat, 4 Mar 95 23:14 EST
To: majordomo-users @ greatcircle . com

If you would like to work PGP encryption into your majordomo list server
you can do this (daemon is my majordomo user-id, you may have a different
one) :

1. Install pgp on your computer and assign a private/public key for
   your majordomo-id.
  
   a. You can get it from anonymous ftp at net-dist.mit.edu:/pub/PGP
      Version 2.6 is a good version to get.
   b. Make sure that your majordomo-id has it's home directory of
      /usr/local/majordomo (or wherever your majordomo stuff is) 
   c. - cd /usr/local/majordomo (or wherever your majordomo stuff is)
      - mkdir .pgp
      - create your private/public key-rings for majordomo-id (from PGP docs)
        (my majordomo-id is daemon)
      - create a config.txt file (pgp likes this) refer to the man
        page for useful options: 
        > config.txt
      - my .pgp dir looks like this:
        /usr/local/majordomo/.pgp:
        total 7
        drwxrwxr-x   2 daemon   daemon       1024 Feb 26 00:40 .
        drwxrwxr-x   6 daemon   daemon       1024 Feb 26 01:05 ..
        -rw-r--r--   1 daemon   daemon          0 Feb 26 00:37 config.txt
        -rw-rw-rw-   1 daemon   daemon        336 Feb 26 00:39 daemon.pkey
        -rw-------   1 daemon   daemon        184 Feb 25 21:03 pubring.bak
        -rw-------   1 daemon   daemon        537 Feb 25 21:07 pubring.pgp
        -rw-------   1 daemon   daemon         24 Mar  4 22:32 randseed.bin
        -rw-------   1 daemon   daemon        517 Feb 25 21:03 secring.pgp

2. Under /usr/local/majordomo create a link to the pgp program (my pgp
   is in /usr/local/bin)

   a. cd /usr/local/majordomo
   b. ln -s /usr/local/bin/pgp pgp

3. To email encrypted email to certain recipients of the list:

   a. Add the users public key to the daemon's public keyring:

      - su daemon
      - cd /usr/local/majordomo
      - pgp -ka users_public_key_in_file 
    
   b. setup a pgp alias for each pgp user (jeffrey for example):

      jeffrey_pgp: "|/usr/local/majordomo-1.93/wrapper pgp -feat jeffrey | 
           mailx jeffrey" 
      
      The wrapper has majordomo-user, daemon, call pgp with "filter" options 
      to encrypt the data on stdin and send it to stdout which gets emailed
      to the pgp user.

   c. Place the pgp alias (.e.g., jeffrey_pgp) in the list file so the 
      email generated by the list is encrypted and emailed to the user.

4. To receive encrypted messages, decrypt them (automatically),
   and distribute the decrypted message to the list:

   a. You extract an ascii version of the daemon's public key to make
      available to everyone:

      - su daemon
      - pgp -kxa daemon daemon (extract's daemon's public-key to daemon.asc)
        you might want to make this available to users since they will need
        to add daemon's public-key to their public keyrings to encrypt 
        messages to send to the list

   b. Create an unpgp shell program that will automatically decrypt messages:
      Place it in /usr/local/majordomo directory.
   
      !/bin/bash
      export PGPPASS="daemon's secret phrase to unencrypt"
      pgp -f 

      This shell program reads encrypted email on stdin and produces
      the unencrypted message on stdout.

   c. Make a pgp alias for the list:

      majordomo-list_pgp: "|/usr/local/majordomo-1.93/wrapper unpgp | 
         mailx majordomo-list"

Let me know how it works out, or if you have any questions. Any enhancements
are welcome.

-- 
Jeffrey Thompson       Check out Linux-OS Talk Area: telnet moo.du.org 8888
Linux is great!                                      connect guest
                       to talk: say Hello World      @go #11848
                       or       "Hello World         @quit    (when done)
 


Follow-Ups:
Indexed By Date Previous: Not sending a post to the original poster.
From: List Server Admin <major@phoque.info.uqam.ca>
Next: Using Majordomo for a One-Way List
From: Linda Henneman <frugal@best.com>
Indexed By Thread Previous: Re: Not sending a post to the original poster.
From: hal9001@panix.com (Robert A. Rosenberg)
Next: Microsoft Mail and Majordomo 1.92
From: Lee Nelson <gln1@list.cdc.gov>

Google
 
Search Internet Search www.greatcircle.com