Silk Road forums
Discussion => Security => Topic started by: BoxofShapes on October 11, 2012, 02:22 pm
-
Hey everyone. So I recently acquired a macbook. I have always used windows, so it is taking me some time to adapt to this new thing.
My question is when I am sending a message to someone, how do I have it output the block of letters, to cut and paste, instead of my text file being encrypted as a file, for those who use mac. I am using the GPG keychain Access. Maybe I should use something different? I don't know how this could get any more simple.
I've given a pretty solid effort in looking for the answer but I couldn't find it. I didn't know where to turn except to everyone on here. (because we are all familiar of why this is important :P) I know I am missing something very fundamental and it is driving me crazy!
Thank you for anyone's time!
-
Hey everyone. So I recently acquired a macbook. I have always used windows, so it is taking me some time to adapt to this new thing.
My question is when I am sending a message to someone, how do I have it output the block of letters, to cut and paste, instead of my text file being encrypted as a file, for those who use mac. I am using the GPG keychain Access. Maybe I should use something different? I don't know how this could get any more simple.
I've given a pretty solid effort in looking for the answer but I couldn't find it. I didn't know where to turn except to everyone on here. (because we are all familiar of why this is important :P) I know I am missing something very fundamental and it is driving me crazy!
Thank you for anyone's time!
Guru to the rescue!
IMPORTANT NOTES:
a) GPGTools is the software that implements Gnu Privacy Guard (GPG), an open-source PGP-equivalent software package for the Mac. Please see the GPGTools homepage. for more information: https://www.gpgtools.org/
b) Whether GPGTools works or not is highly OS-version-dependent -- in other words, it makes a significant difference if you're running Leopard (10.5.x), Snow Leopard (10.6.x), Lion (10.7.x) or Mountain Lion (10.8.x).
The two most problematic releases are Leopard and Mountain Lion; Leopard, because it is too old, and Mountain Lion because it is too new.
N.B.: Some people have reported success with the latest nightly build and Mountain Lion.
c) You would have also discovered that the stock GPGTools installation does not work for everyone. Frequently, to acquire full functionality, one is required to download and install the latest nightly build from the GPGTools site. See: https://nightly.gpgtools.org/GPGTools_Installer-latest.dmg
After that, follow the instructions found in this post: http://dkn255hz262ypmii.onion/index.php?topic=32303.msg366929#msg366929
d) If you're running Leopard, then for all intents and purposes, you have little recourse bu to use the command-line, if you want to use GPG.
For instructions on how to do this, please see the following post: http://dkn255hz262ypmii.onion/index.php?topic=35440.msg408632#msg408632
e) If you're running Mountain Lion, if the latest nightly build doesn't work, then I'm afraid you're mostly out of luck, unless you can get GPG working from the command line, as referenced by the instructions in item d), above.
============================================================
Download and install GPGTools: http://nightly.gpgtools.org/GPGTools_Installer-trunk.dmg
Once you have installed GPGTools, what you want to do is to go into System Preferences --> Keyboard --> Services.
Scroll down until you find the following entries. Be sure to put a check mark in the boxes to activate each keyboard
shortcut.
Keyboard shortcuts:
OpenPGP: Decrypt Selection: Shift-Command-D
OpenPGP: Encrypt Selection: Shift-Command-E
OpenPGP: Import Key from Selection: Shift-Command-I
OpenPGP: Insert My Fingerprint: Shift-Command-F
OpenPGP: Insert My Key: Shift-Command-K
OpenPGP: Sign Selection: Shift-Command-R
OpenPGP: Verify Signature of Selection: Shift-Control-V
Remember, these shortcuts only operate on highlighted or selected text.
To select text within TextEdit, use Command-A to highlight the entire document, or use your mouse to selection the
section that you want to verify/sign/encrypt/decrypt. It is highly recommended that you use only plain-text, as
opposed to Rich Text (.rtf) format. Use Command-, to bring up Preferences and ensure that the plain text radio button
is checked.
Also ensure that the following are UNCHECKED in TextEdit preferences: smart quotes, smart dashes, smart links.
Once your text is highlighted in TextEdit, (by pressing Comand-A) you then encrypt using Shift-Command-E. You will
then be presented with a list of keys to encrypt to, that you have added to your PGP kryring
Other Commands You May Need:
OpenPGP: Decrypt File: Control-Command-D
OpenPGP: Encrypt File: Control-Command-E
OpenPGP: Sign File: Control-Command-S
OpenPGP: Verify Signature of File: Control-Command-V
Naturally, you can change any of these shortcuts to ones of your own choosing, if you wish.
Once you have setup these shortcuts, you can begin using GPG.
To encrypt a message to someone using GPG, you first need a copy of the recipient's PGP public key. Many people put
a reference to where their PGP public key may be located in their .sig, for example:
Guru <Guru@SR>
PGP Key: http://dkn255hz262ypmii.onion/index.php?topic=174.msg234832#msg234832
PGP Key: http://qtt2yl5jocgrk7nu.onion/pks/lookup?op=get&search=0x523FCBEE886855CA
PGP Key Fingerprint: ADBE 8D80 5F5C 9CBA 9BDB 0F05 523F CBEE 8868 55CA
Once you have located someone's PGP public key, you should copy and paste it into TextEdit. Save the file to a file;
you can file the file, import.asc, for example. This saved file will usually be found in the Documents folder.
Launch GPG Keychain Access from the Applications folder. click on the Import icon in the upper left hand corner.
GPG Keychain Access will then prompt you for the name of the file which contains the key to import. It will usually
show you a list of files in the Documents folder. Click on the file named import.asc, and click ok. The PGP public
key will then be imported into your PGP keyring.
To encrypt a message to a person, the message must be contained in a TextEdit document. Use Command-A to hightlight
the entire document. Then use Shift-Command-E to encrypt. GPG will pop-up a list of public keys in your PGP keyring.
Each key will have a little checkbox beside it which you can check, to select that particular key. If you were
encrypting a message to me, you would put a check in the box beside my PGP key (Guru@SR). When you click on OK,
the plaintext (unencrypted) message in TextEdit will be replaced with the encrypted message. You can then copy and
paste the encrypted message to enter it into a form on Silk Road, or anywhere else that it needs to go.
To decrypt a message sent to you by other people, you need to copy that message to the clipboard, and paste it into
a TextEdit document. Again use Command-A to highlight all the encrypted message. Then use Shift-Command-D to decrypt
the message. If the message is encrypted to your PGP public key, you will be prompted to enter your passphrase. Once
the correct passphrase has been entered, and you click OK, then the message will be decrypted, and the decrypted text
will be placed in the TextEdit document, replacing the encrypted message that was there previously.
-
I'm having a bit of trouble with this too. I have done everything Nightcrawler has explained in his post. The problem is that it will not let me encrypt something without selecting a private key from a drop down menu in the same window that lets you specify a recipient. The only private keys I can select from this menu listed are ones that I have created. I tried to send somebody a message encrypted with what I thought was their key (I checked it), but they said they could not decrypt it. I have fooled around a bit with it and found that it will only let me decrypt something with a passphrase corresponding to the private key I select, not the recipient that I check above. Something seems amiss as I what I understand is that you should only need the other person's key to encrypt something and that only they should be able to decrypt the message with a passphrase that only they know.
-
I'm having a bit of trouble with this too. I have done everything Nightcrawler has explained in his post. The problem is that it will not let me encrypt something without selecting a private key from a drop down menu in the same window that lets you specify a recipient. The only private keys I can select from this menu listed are ones that I have created. I tried to send somebody a message encrypted with what I thought was their key (I checked it), but they said they could not decrypt it. I have fooled around a bit with it and found that it will only let me decrypt something with a passphrase corresponding to the private key I select, not the recipient that I check above. Something seems amiss as I what I understand is that you should only need the other person's key to encrypt something and that only they should be able to decrypt the message with a passphrase that only they know.
You are very close to success...
Find the 'Public Key' of the person you want to write to. Copy/paste it to your text program. Select it. Right click, services, 'Import Key'. Now when you go to encrypt your message to that person you will see their name listed in the window you describe. Click their box (next to their name). Do not choose to sign your message. The program will do the rest. Just copy/paste the result into your message field and hit send.
-
Ah, I think I've figured it out. I left the "sign" box unchecked but it would still refuse to encrypt if I didn't select a key of my own. There's a box labeled "Add to recipients" that is checked by default for some reason and unchecking that too seems to work.
-
'Sign' means you are signing your message. The recipient of the message will have to have imported your public key to be able to read the message. For a number of reasons this isn't ideal on SR. One, you are losing plausible deniability when you prove that you infact did send the message by signing it (Guru has a good post on this somewhere here). Also, some vendors may not be interested in importing your public key just to get your address.
'Add to recipients' means that your key is also used to encrypt the message. This means that both you and the recipient can use your private keys to decrypt the message.
-
Ah, I think I've figured it out. I left the "sign" box unchecked but it would still refuse to encrypt if I didn't select a key of my own. There's a box labeled "Add to recipients" that is checked by default for some reason and unchecking that too seems to work.
"Sign" makes the recipient have to have your public key to decrypt the message. "Add to recipients" adds you to the list of recipients and makes it so that you can decrypt the message too.
-
'Sign' means you are signing your message. The recipient of the message will have to have imported your public key to be able to read the message. For a number of reasons this isn't ideal on SR. One, you are losing plausible deniability when you prove that you infact did send the message by signing it (Guru has a good post on this somewhere here). Also, some vendors may not be interested in importing your public key just to get your address.
Thanks farmer, I never thought about the negative side of "signing" messages. I'll discontinue this practice.
-
Wow Nightcrawler.
You just taught a man how to fish! This solved my problem and then some.
As I said, Mac is a new world to me and figuring this out gave me a handle on navigating the whole mess.
Thank you so much for your time!!! ;D
Also, thanks to bread and farmer for so plainly explaining some very important details.
All I did was copy and paste; Guru wrote it.
-
I didn't think you did. However, I was having a hard time finding a post as such, so thank you for knowing at least where it was.
Looks like I'll pass on the thanks to Guru as well ;)