setup.doc

PGP 是一种混合密码系统。当用户使用PGP 来对纯文字加密的时候

cryptography; the manual explains these ideas.   Even if you are already
familiar  with  public  key  cryptography,  it  is  important  that  you
understand  the various security issues associated with  using PGP.  PGP
may be an  unpickable  lock,  but you have  to  install  it in the  door
properly or it won't provide security.

########################################################################
For UNIX:

You likely will have to compile  PGP for your system;  to do this, first
make sure  the unpacked  files are  in  the correct unix textfile format
(the files in pgp262s.zip are in MSDOS CRLF format, so for Unix you must
unpack with  "unzip -a"; the  tar files pgp262s.tar.Z and pgp262s.tar.gz
use normal Unix line feed conventions).

You  will need the  RSAREF package written  by RSA Data Security.  It is
included with  the current PGP distribution  from MIT.  Use this version
as  it has been edited  for the larger key sizes  needed by PGP 2.6.2 as
well as to improve performance.

When  you untar  pgp262s.tar (either  compression  format) you will find
that it contains 5 files. pgp262si.tar contains all non-binary files for
PGP  including  all source code.  This  tar  archive  has  been  created
assuming  that you  will untar it directly into your  PGP 2.6.2 "build"
directory.  pgp262si.asc is a detached digital signature of pgp262si.tar
(which  you can verify  after  you have PGP  operating,  see the section
above titled "Verifying the  PGP Distribution"). rsaref.tar contains the
source code for  the RSAREF distribution. You should also untar it  from
your PGP  "build" directory. All  RSAREF  software will automatically go
into an "rsaref" subdirectory.

cd to  rsaref/install/unix and invoke the "make" command there  to build
the  RSAREF  software  library.

RSAREF tries to build with the  GNU CC compiler by  default.  If you  do
not have the GCC  compiler for your  platform, you will have to run make
with an option to use the normal CC compiler:

   make CC=cc

If  your native compiler does not understand prototypes, then  this will
fail as well, and you will have to set the  PROTOTYPES to 0.  You can do
this by running make in this manner:

   make CC=cc PROTOTYPES=0

This will try  to  create an rsaref.a library  in the current directory.
One last problem you  may have is the lack of a  ranlib  program on your
platform.  You can fix this by adding this to your make line:

   RANLIB=true

After RSAREF is successfully  built, cd to src (cd ../../../src from the
RSAREF install/unix directory) and invoke  "make" there.  You  will have
to specify your machine platform (make without arguments will give you a
list of choices).

If you don't have an  ANSI C compiler  you will need the unproto package
written by  Wietse Venema.  unproto was  posted on comp.sources.misc and
can  be  obtained  from the various  sites  that archive this  newsgroup
(volume   23:   v23i012   and    v23i013)   or    ftp.win.tue.nl   file:
/pub/programming/unproto4.shar.Z Read  the  file  README in the  unproto
distribution for instructions on how to use unproto.

If your system doesn't  have a target in the  makefile you  will have to
edit the makefile, make sure you compile for the  correct byte order for
your  system:  define  HIGHFIRST  if  your  system  is  big-endian  (eg.
Motorola 68030).  There are  also  some  platform-specific parameters in
the include  file "platform.h".  Some platforms may have  to modify this
file.

If you successfully create a target rule for a new platform, please send
the patches to pgp-bugs@mit.edu, so it can be added to the next release.

Note: PGP requires the function memmove.   Not all machines have this in
the standard C library.  There is  an implementation of memmove included
with this  distribution.   If  you  find  that your   platform  requires
memmove, but  the  makefile  rule for  your  platform  does not  include
memmove (look at the  sun4gcc or sun386i rules for  an example of how to
include it), please send mail to pgp-bugs@mit.edu, so we can correct the
problem.

If  you  have any problems, bugs, patches,  etc.,  please  send mail  to
pgp-bugs@mit.edu!

If all goes well, you will end up with an executable file called "pgp".

Before you install pgp, run these tests:
(do not create your real public key yet, this is just for testing pgp)

 - create a public/secret key pair (enter "test" as userid/password):
        pgp -kg

 - add the keys from the file "keys.asc" to the public keyring:
        pgp -ka keys.asc
   pgp will ask if you want to  sign the keys you are adding, answer yes
   for at least one key.

 - do a keyring check:
        pgp -kc

 - encrypt pgpdoc1.txt:
        pgp -e pgpdoc1.txt test -o testfile.pgp

 - decrypt this file:
        pgp testfile.pgp

this  should  produce  the  file  "testfile"  compare  this  file   with
pgpdoc1.txt

If everything went well, install pgp in a bin directory.

Place the documentation, pgpdoc1.txt and pgpdoc2.txt somewhere where you
can  reasonably  read  it.   The  software  looks  for it  when  running
(especially generating  keys), so someplace reasonably obvious would  be
good.   "pgp  -kg"  will give  you full details  if  it  can't  find the
manuals.

Place  the man page (pgp.1) in  an appropriate spot.  If  you don't know
anything about how man pages work, you can  make the man page look human
readable  yourself by typing  "nroff  -man pgp.1  >pgp.man" and  reading
"pgp.man".

Create a subdirectory somewhere in your home directory hierarchy to hold
your public and private key rings and anything else pgp might need (like
the language.txt file).  The default name PGP assumes is ~/.pgp.  If you
want  to  use a  different  name, you must set  the environment variable
"PGPPATH" to point to this place before you use the system.

> IMPORTANT: This directory cannot be shared!  It will contain your <
> personal private keys!                                            <

If you are installing PGP for yourself,  copy the  files "language.txt",
"config.txt", and  the  ".hlp"  files  from  the  distribution into this
subdirectory.

If  you  are  installing  PGP  system-wide,  the  directory  to  use  is
/usr/local/lib/pgp for the config, language and help files.  This can be
changed in fileio.h when compiling.  It's the value of PGP_SYSTEM_DIR.

Tell  PGP  the  character set  and  language  you  wish  to use  in  the
config.txt file.  If you have a terminal that only displays 7-bit ASCII,
use "charset=ascii" to display an approximation (accents are omitted) of
extended characters.

>> IMPORTANT: Please read the sections in the man page and manual  <<
>> about vulnerabilities before using this software on a multi-    <<
>> user machine!                                                   <<

Now, if you haven't done so yet, GO READ THE MANUAL.

########################################################################
For VMS:

 PGP/VMS Version 2.6.2
 ---------------------

***THIS MAY OR MAY NOT WORK***.

The pgp26/vmsbuild contains support files  for building a VMS version of
PGP 2.6.2.  We at MIT have  not tested this code out, but it should work
without too much effort. See the file: vmsbuild/000read.me.

In particular, PGP needs to  be linked with the  RSAREF  library.
David North  has  provided  a  build file  "vmsbuild/rsabuild.com"  that
should help in building RSAREF.

If you can  figure out how to compile it, it SHOULD work.  One change is
that PGP can now look for support files in a system-wide directory.  The
default (PGP_SYSTEM_DIR, defined in fileio.h) is  PGP$LIBRARY:, but  you
can change that if you like.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLqmXwsUtR20Nv5BtAQG+rQP+KBJzh22axMqNymQtN55iU+znyJwnaTge
buI7mpZnjUAYBZvOHhxVtUg/5v4PgDISrDnTkne6EZdDNEH5nP9AB8YDOChourKg
drUlhn7NsEyToqDF42rX53kq0kc8P7CWilQvTfti6i8bAGWLAN9dwdq0iwFxRz8I
G8Cql4kIbhA=
=0JzK
-----END PGP SIGNATURE-----