Internet Security Professional Reference:PGP


For Her Eyes Only

PGP contains an internal pager that can be used to view the program’s output. When you decrypt a message, you can use this option to send the output to the screen rather than save it to a file. When PGP finishes showing the plain text, it asks whether you want to save the message to a file. In this manner, you can decrypt and read a message without ever saving it to a file. The -m option tells PGP to use the pager to view the output.

Sometimes the message that is being sent is so sensitive that the sender believes it should only be displayed on-screen and not saved to a file. In other words, the message is meant to be read only. When encrypting a message, you can set a flag in the message to tell PGP to print out the message on the recipient’s screen without allowing him or her to save it to a file. To mark a message For Her Eyes Only, the -m option should be given to PGP when the message is encrypted. On decryption, PGP will only use the pager and will not enable the user to save the output to a file.


Note: Although PGP tries to prevent recipients from saving messages marked For Her Eyes Only, it cannot prohibit it. The reader can work around this limitation by using screen dump programs or other text collection means that vary from system to system. For Her Eyes Only is meant as a hint to the recipient and should be used as a means of keeping a user from accidentally saving a message to a file.

Wiping Files

PGP can also wipe files clean. In the file systems of most machines, a directory contains a list of pointers to files. When a file is removed, the pointer to the data on disk is removed from the list of files and the space that the file occupies is marked as unused. The actual file, however, still sits on the disk and remains there until another file writes over the same spot on the disk.

Sometimes data encrypted with PGP is so important that you might not want it to remain on the disk in clear text. Fortunately, PGP lets you wipe the file off the disk. When the -w option is used, PGP overwrites the source file before removing it from the directory list. The result is that the data on the disk appears as pseudo-random bytes before the file is deleted, thwarting would-be crackers who might be looking for the original file on the disk.

When pgp -w is used alone, it wipes and removes the named file. When used in conjunction with other options (encryption, for example), -w wipes and removes the original plaintext file after the operation completes:

~> ls -l
total 1
-rw-rw-r--   1 warlord  users          26 Nov 27 13:35 origin
~> pgp -w origin
Pretty Good Privacy(tm) 2.6.2 - Public-key encryption for the masses.
(c) 1990-1994 Philip Zimmermann, Phil’s Pretty Good Software. 11 Oct 94
Uses the RSAREF(tm) Toolkit, which is copyright RSA Data Security, Inc.
Distributed by the Massachusetts Institute of Technology.
Export of this software may be restricted by the U.S. government.
Current time: 1995/11/27 21:35 GMT

File origin wiped and deleted.
~> ls -l
total 0
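The difference between an ordinary delete and a wipe, as described above, can be shown on a constructed toy disk. This is an added illustration, not code from PGP or from the book: the disk is a flat byte array with a directory of (offset, length) pointers, an ordinary delete only drops the pointer, and the wipe overwrites the bytes first, the way -w does.

```python
import os

# Constructed toy disk: a flat byte array plus a directory of
# name -> (offset, length) pointers, mirroring the text's description.
DISK_SIZE = 256
disk = bytearray(DISK_SIZE)
directory = {}
free_map = [True] * DISK_SIZE  # True means the byte is marked unused


def write_file(name, data):
    """Store data in the first unused run that is large enough."""
    run = 0
    for i, free in enumerate(free_map):
        run = run + 1 if free else 0
        if run == len(data):
            start = i - len(data) + 1
            disk[start:start + len(data)] = data
            free_map[start:start + len(data)] = [False] * len(data)
            directory[name] = (start, len(data))
            return start
    raise OSError("disk full")


def remove_file(name):
    """Ordinary delete: drop the pointer and mark the space unused.
    The bytes themselves stay on the disk, exactly as the text says."""
    start, length = directory.pop(name)
    free_map[start:start + length] = [True] * length


def wipe_file(name):
    """pgp -w style delete: overwrite the data with random bytes first."""
    start, length = directory[name]
    disk[start:start + length] = os.urandom(length)
    remove_file(name)


def raw_search(needle):
    """What a would-be recoverer does: scan the raw disk, ignoring the directory."""
    return bytes(disk).find(needle) != -1


def demo(plaintext):
    """Return (found_after_rm, found_after_wipe) for one constructed message."""
    write_file("note", plaintext)
    remove_file("note")
    found_after_rm = raw_search(plaintext)
    write_file("note", plaintext)  # the same bytes land in the freed space
    wipe_file("note")
    return found_after_rm, raw_search(plaintext)


if __name__ == "__main__":
    print(demo(b"Meet at the usual place at dawn."))  # (True, False)
```

On a real machine the same overwrite-in-place only works where the file system rewrites the same blocks; journaling or copy-on-write file systems and flash storage with wear levelling may leave the old blocks intact, so a wipe option is never a substitute for keeping the plaintext off disk in the first place.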

The PGP Configuration File

PGP reads a configuration file that lets you override the defaults for the various values it uses. Each user may have a personal configuration file, which PGP reads on startup to define how it behaves for that user. The configuration file specifies items such as the default number of lines of ASCII armor or the default key to use.

The default configuration file is called config.txt and is located in the directory named by the PGPPATH environment variable. On Unix systems, the default PGPPATH is the .pgp directory in the user’s home directory, $HOME/.pgp. The accepted configuration filename also varies by operating system: on Unix, for example, you can use the file .pgprc in the PGPPATH directory, and under DOS you can use a file named pgp.ini.

PGP also supports a system-wide configuration file, which can be used to set up defaults for all users of a system. The user’s local configuration file will override the options set in the system configuration file. The system configuration file location is set at compile-time. In Unix, the default location is /usr/local/lib/pgp; in VMS, the default is PGP$LIBRARY.

