Gene Karl's PGP 2.6.2 HELP FILE
last updated 2-15-99

If you can't seem to get PGP 2.6.2 to work for you after reading the PGP manual, maybe this file will do the trick for you. This is my HELP FILE to help get you started in learning how to use PGP262.ZIP.

I can be reached at nomoredebts@angelfire.com
gene karl

Remember, PGP 2.6.2 is basically for WIN 3.1 users, and it cannot read PGP version 5 series public keys, which are for WIN 95 users and beyond. WIN 95 users can still use PGP 2.6.2, however.

For the latest version of PGP, go to:

    http://web.mit.edu/network/pgp-form.html

and download PGP 2.6.2

1. Make a directory called PGP262

2. Copy PGP262.ZIP into it.

3. PKUNZIP PGP262.ZIP

4. PKUNZIP PGP262I.ZIP

5. Use your favorite editor to add the following lines to your autoexec.bat file.

    SET PGPPATH=C:\PGP262
    SET PATH=C:\PGP262;%PATH%

6. Set your autoexec.bat file Time Zone parameter as follows:

Another environment variable you should set in MSDOS is "TZ", which tells MSDOS what time zone you are in, which helps PGP create GMT timestamps for its keys and signatures. If you properly define TZ in AUTOEXEC.BAT, then MSDOS gives you good GMT timestamps, and will handle daylight savings time adjustments for you. Here are some sample lines to insert into AUTOEXEC.BAT, depending on your time zone:

    For Los Angeles:  SET TZ=PST8PDT
    For Denver:       SET TZ=MST7MDT
    For Arizona:      SET TZ=MST7      (Arizona never uses daylight savings time)
    For Chicago:      SET TZ=CST6CDT
    For New York:     SET TZ=EST5EDT
    For London:       SET TZ=GMT0BST
    For Amsterdam:    SET TZ=MET-1DST
    For Moscow:       SET TZ=MSK-3MSD
    For Auckland:     SET TZ=NZT-13

Now reboot your system to run AUTOEXEC.BAT, which will set up PGPPATH and TZ for you.

7. PUBRING.PGP = Your Public key ring
   SECRING.PGP = Your Secret key ring

To generate your own unique public/secret key pair:

    pgp -kg

Choose 3 for military grade security.

For your name, I would use your full name. It doesn't matter if someone else has the same first name this way.
For your email address, choose one that you will always be able to use even if you change ISPs, such as a Hotmail address.

Enter your user ID for your public key as follows:

    yourname

Enter a pass phrase that you make up. Don't ever forget your user ID and your pass phrase. Until you have them memorized, write them down on a separate piece of paper and hide it.

This will create the file keys.asc.

8. Add the keys from the file "keys.asc" to the public keyring:

    pgp -ka keys.asc

PGP will ask if you want to sign the keys you are adding. Answer yes for Philip R. Zimmermann's key.

9. TO VIEW the contents of your public key ring:

    pgp -kv[v] [userid] [keyring]

You do not have to type what is in brackets unless you want to be more specific. If you type in the userid, you will see only the keys matching that userid instead of the complete ring contents.

TO VIEW the "fingerprint" of a public key, to help verify it over the telephone with its owner:

    pgp -kvc [userid] [keyring]

TO VIEW the contents and check the certifying signatures of your public key ring, do a keyring check (kc):

    pgp -kc [userid] [keyring]

10. Encrypt pgpdoc1.txt

    pgp -e pgpdoc1.txt yourname -o testfile.pgp

Replace yourname in the above command with your USER_ID or the recipient's USER_ID so that person can decrypt the message.

11. Decrypt this file:

    pgp testfile.pgp

This should produce the file "testfile". Compare this file with pgpdoc1.txt.

12. Now you can use the -kx command option to extract (copy) your new public key from your public key ring and place it in a separate public key file suitable for distribution to your friends. (Never give your SECRET key to anyone.)
To extract (copy) a key from your public or secret key ring:

    pgp -kx userid keyfile [keyring]

I did mine as follows:

    pgp -kx gene geneskey

which created geneskey.pgp

or if you wish to produce a ciphertext file in ASCII radix-64 format, just add the -a option when extracting the key as follows:

    pgp -kxa userid keyfile [keyring]

I did mine as follows:

    pgp -kxa gene geneskey

which created geneskey.asc

The asc stands for ASCII text. This ASCII radix-64 format is ASCII text and is readable by notepad and is a popular way of sharing your key with your friends. Many people simply copy the ASCII text of the key and place it directly into an email message or what have you. You may wish to do that now and share your new public key with a couple of your friends, hopefully some already using PGP.

I would include my public key right here in this text file, or maybe even post my public key on my webpage or a bbs, except for one thing, it's not a good idea. No matter how tempted you are-- and you will be tempted-- never, NEVER give in to expediency and trust a public key you downloaded from a bulletin board, unless it is signed by someone you trust. That uncertified public key could have been tampered with by anyone, maybe even the system administrator of the ISP, or webpage or bbs.

Please read the "HOW TO PROTECT PUBLIC KEYS FROM TAMPERING" section in the PGP manual. Protecting public keys from tampering is the single most difficult problem in practical public key applications. It is the Achilles' heel of public key cryptography so please read the entire PGP manual and understand this principle thoroughly.

13. Now is a good time to reduce the number of people listed in your public key ring so it won't be full of people that you don't know. Do so as follows:

View the contents of the public key ring:

    pgp -kv

I would remove all of the people in the public key ring except Philip Zimmermann and yourself by doing the following for each of the other names:

    pgp -kr userid

14. SIGNING THEN ENCRYPTING FOR EMAIL - To sign a plaintext file with your secret key, and then encrypt it with the recipient's public key for sending through email:

    pgp -esa textfile her_userid [-u your_userid]

For further detailed information on this procedure, please read "SIGNING AND THEN ENCRYPTING" and "SENDING CIPHERTEXT THROUGH E-MAIL CHANNELS: RADIX-64 FORMAT" sections of the PGP 2.6.2 manual.

15. If you have a super secret message that you want to send, SPECIFY that the recipient's decrypted plaintext will be shown ONLY on their screen and cannot be saved to disk, by adding the -m option:

    pgp -steam message.txt her_userid

You use this command when you want absolute secrecy and do not even want a trace of the message to be left on the hard drive because even a deleted text file can be recovered with the DOS undelete command.

Congratulations. Now you know how to encrypt and decrypt files with PGP. These are just my notes to get you started. There are many more commands that you can do with PGP. Please read over your manual for further instructions.

============================================================

Here's a quick summary of PGP v2.6 commands. The brackets denote an optional field, so don't actually type real brackets.
===================
OPERATING COMMANDS
===================

TO ENCRYPT a plaintext file with the recipient's public key:

    pgp -e textfile her_userid

TO SIGN a plaintext file with your secret key:

    pgp -s textfile [-u your_userid]

TO SIGN a plaintext file with your secret key and have the output readable to people without running PGP first:

    pgp -sta textfile [-u your_userid]

TO SIGN a plaintext file with your secret key, and then encrypt it with the recipient's public key:

    pgp -es textfile her_userid [-u your_userid]

TO ENCRYPT a plaintext file with just conventional cryptography, type:

    pgp -c textfile

TO DECRYPT an encrypted file, or to check the signature integrity of a signed file:

    pgp ciphertextfile [-o plaintextfile]

TO ENCRYPT a message for any number of multiple recipients:

    pgp -e textfile userid1 userid2 userid3

=======================
KEY MANAGEMENT COMMANDS
=======================

TO GENERATE your own unique public/secret key pair:

    pgp -kg

TO ADD a public or secret key file's contents to your public or secret key ring:

    pgp -ka keyfile [keyring]

TO EXTRACT (copy) a key from your public or secret key ring:

    pgp -kx userid keyfile [keyring]
or:
    pgp -kxa userid keyfile [keyring]

TO VIEW the contents of your public key ring:

    pgp -kv[v] [userid] [keyring]

TO VIEW the "fingerprint" of a public key, to help verify it over the telephone with its owner:

    pgp -kvc [userid] [keyring]

TO VIEW the contents and check the certifying signatures of your public key ring:

    pgp -kc [userid] [keyring]

TO EDIT the userid or pass phrase for your secret key:

    pgp -ke userid [keyring]

TO EDIT the trust parameters for a public key:

    pgp -ke userid [keyring]

TO REMOVE a key or just a userid from your public key ring:

    pgp -kr userid [keyring]

TO SIGN and certify someone else's public key on your public key ring:

    pgp -ks her_userid [-u your_userid] [keyring]

TO REMOVE selected signatures from a userid on a keyring:

    pgp -krs userid [keyring]

TO PERMANENTLY REVOKE your own key, issuing a key compromise certificate:

    pgp -kd your_userid

TO DISABLE OR REENABLE a public key on your own public key ring:

    pgp -kd userid

=================
ESOTERIC COMMANDS
=================

TO DECRYPT a message and leave the signature on it intact:

    pgp -d ciphertextfile

TO CREATE a signature certificate that is detached from the document:

    pgp -sb textfile [-u your_userid]

TO DETACH a signature certificate from a signed message:

    pgp -b ciphertextfile

=======================================
COMMAND OPTIONS THAT CAN BE USED IN COMBINATION WITH OTHER COMMAND OPTIONS
(and even spell some interesting words)
=======================================

TO PRODUCE a ciphertext file in ASCII radix-64 format, just add the -a option when encrypting or signing a message or extracting a key:

    pgp -sea textfile her_userid
or:
    pgp -kxa userid keyfile [keyring]

TO WIPE OUT the plaintext file after producing the ciphertext file, just add the -w (wipe) option when encrypting or signing a message:

    pgp -sew message.txt her_userid

TO SPECIFY that a plaintext file contains ASCII text, not binary, and should be converted to recipient's local text line conventions, add the -t (text) option to other options:

    pgp -seat message.txt her_userid

TO VIEW the decrypted plaintext output on your screen (like the Unix-style "more" command), without writing it to a file, use the -m (more) option while decrypting:

    pgp -m ciphertextfile

TO SPECIFY that the recipient's decrypted plaintext will be shown ONLY on her screen and cannot be saved to disk, add the -m option:

    pgp -steam message.txt her_userid

TO RECOVER the original plaintext filename while decrypting, add the -p option:

    pgp -p ciphertextfile

TO USE a Unix-style filter mode, reading from standard input and writing to standard output, add the -f option:

    pgp -feast her_userid <inputfile >outputfile
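
The ASCII radix-64 format produced by the -a option (step 12 and the command options above) wraps the binary key or message in base64 text and ends it with a 24-bit CRC line. The following is an added example, not part of the original help file or of PGP itself: a small Python reader and writer for that armor layout. The function names, the 64-character line width and the SAMPLE bytes are assumptions made for the illustration.

```python
import base64
import binascii

CRC24_INIT, CRC24_POLY = 0xB704CE, 0x1864CFB   # CRC-24 constants used by PGP armor

def crc24(data: bytes) -> int:
    crc = CRC24_INIT
    for byte in data:
        crc ^= byte << 16
        for _ in range(8):
            crc <<= 1
            if crc & 0x1000000:
                crc ^= CRC24_POLY
    return crc & 0xFFFFFF

def armor(payload: bytes, label: str = "PGP PUBLIC KEY BLOCK") -> str:
    """Wrap bytes in the armor layout: headers, blank line, radix-64, '=' + CRC."""
    b64 = base64.b64encode(payload).decode("ascii")
    body = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    check = base64.b64encode(crc24(payload).to_bytes(3, "big")).decode("ascii")
    return "\n".join([f"-----BEGIN {label}-----", "Version: 2.6.2", "",
                      *body, "=" + check, f"-----END {label}-----"])

def dearmor(text: str) -> bytes:
    """Return the binary payload, or raise ValueError if the block is damaged."""
    lines = [ln.strip() for ln in text.strip().splitlines()]
    framed = (len(lines) > 3 and lines[0].startswith("-----BEGIN ")
              and lines[-1].startswith("-----END "))
    if not framed or "" not in lines:
        raise ValueError("malformed armor: need BEGIN/END lines and a blank line")
    body = lines[lines.index("") + 1:-1]        # blank line ends the headers
    if not body or len(body[-1]) != 5 or body[-1][0] != "=":
        raise ValueError("missing CRC-24 line")
    try:
        payload = base64.b64decode("".join(body[:-1]), validate=True)
        expected = int.from_bytes(base64.b64decode(body[-1][1:], validate=True), "big")
    except binascii.Error as exc:
        raise ValueError("invalid radix-64 data") from exc
    if crc24(payload) != expected:
        raise ValueError("CRC-24 mismatch: block was damaged in transit")
    return payload

SAMPLE = bytes(range(100))   # constructed bytes standing in for key data, not a real key

def corrupt_one_char(block: str) -> str:
    """Simulate mail damage by changing the first radix-64 character of the data."""
    lines = block.splitlines()
    lines[3] = ("B" if lines[3][0] != "B" else "C") + lines[3][1:]
    return "\n".join(lines)
```

dearmor(corrupt_one_char(armor(SAMPLE))) raises ValueError, while a block that was replaced outright and re-armored carries its own valid CRC and decodes cleanly. The checksum therefore catches only transmission damage; the fingerprint check (pgp -kvc) and the signature check (pgp -kc) are what address tampering.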