Silk Road forums
Discussion => Security => Topic started by: Ooohmani on December 28, 2012, 12:50 am
-
I am not able to encrypt messages using some users' keys. Currently I am having an issue with elvis' key which I noticed is made by GnuPgp linux. The other one I was having a hard time said GnuPGP on it as well.
I am using GPG keychain access for mac os x. and it's used fine for plenty of others' keys.
-
I am not able to encrypt messages using some users' keys. Currently I am having an issue with elvis' key which I noticed is made by GnuPgp linux. The other one I was having a hard time said GnuPGP on it as well.
I am using GPG keychain access for mac os x. and it's used fine for plenty of others' keys.
Is the problem you're having is that keys you want to encrypt to are showing up in GPG Keychain Access, but are _not_ showing up when you try to select them to use them to encrypt a message?
If that is the case, then you need to download the nightly build of GPGTools. Read the following instructions;
Update: If you're having problems with the standard build, then trying the nightly build is a good idea. Be warned, however, that the nightly build may break more than it fixes. If this happens to you, the only way to fix it, is to install a copy of the nightly build that is newer than the standard build, but not as new as the currently-available nightly builds.
For people who have run into this problem, I have uploaded a copy of the October 2012 GPGTools nightly build to a .onion file sharing site. Just unzip the file to reveal the .dmg installer, and run it as you normally would.
The site I uploaded it to is called TorShare: http://oukryuqqc7ffenin.onion
The actual file download URL is: http://oukryuqqc7ffenin.onion/files/74ff0b7644892653c4b1ff3a61a0fdce.zip
The original file name is: GPGTools_Installer-October_2012.dmg.zip
The SHA-256 file hashes for both the .zip and .dmg files are as follows:
f0ece4fbcd2eb49c1ba7206d871f8139cafbc498d221b5b9c2824b710319eeb7 *GPGTools_Installer-October_2012.dmg
db77828eed0fbf189fa0beae107c103d7c796381bcf40e228d7208acdfbcf63c *GPGTools_Installer-October_2012.dmg.zip
=====================================================================
GPGTools is highly version dependent -- depending on which version of OS X you have, it may or may not work as expected. If you have Leopard (10.5) then you're pretty much out of luck. Your only option then will be using the command-line.
If you have Snow Leopard (10.6), Lion (10.7) or Mountain Lion (10.8), the following instructions should be sufficient to allow you to get up and running.
Download and install the NIGHTLY BUILD of GPGTools: http://nightly.gpgtools.org/GPGTools_Installer-trunk.dmg
Once you have installed GPGTools, what you want to do is to go into System Preferences --> Keyboard --> Services.
Scroll down until you find the following entries. Be sure to put a check mark in the boxes to activate each keyboard shortcut.
Keyboard shortcuts:
================
OpenPGP: Decrypt Selection: Shift-Command-D
OpenPGP: Encrypt Selection: Shift-Command-E
OpenPGP: Import Key from Selection: Shift-Command-I
OpenPGP: Insert My Fingerprint: Shift-Command-F
OpenPGP: Insert My Key: Shift-Command-K
OpenPGP: Sign Selection: Shift-Command-R
OpenPGP: Verify Signature of Selection: Shift-Control-V
REMEMBER, THESE SHORTCUTS ONLY OPERATE ON HIGHLIGHTED OR SELECTED TEXT.
N.B.: To properly be able to import PGP into GPGChain (via TextEdit) you need to change the default on TextEdit from .rtf to plain text. You can do that through the Format menu, or you can go through the main configuration menu, accessible by using Command-comma. Ensure the plain text radio button is selected.
Also ensure that the following are UNCHECKED in TextEdit preferences: smart quotes, smart dashes, smart links.
To select text within TextEdit, use Command-A to highlight the entire document, or use your mouse to selection the section that you want to verify/sign/encrypt/decrypt. It is highly recommended that you use only plain-text, as opposed to Rich Text (.rtf) format. Use Command-comma to bring up Preferences and ensure that the plain text radio button is checked.
Once your text is highlighted in TextEdit, (by pressing Comand-A) you then encrypt using Shift-Command-E. You will then be presented with a list of keys to encrypt to, that you have added to your PGP keyring:
Other Commands You May Need:
==========================
OpenPGP: Decrypt File: Control-Command-D
OpenPGP: Encrypt File: Control-Command-E
OpenPGP: Sign File: Control-Command-S
OpenPGP: Verify Signature of File: Control-Command-V
Once you have setup these shortcuts, you can begin using GPG.
To encrypt a message to someone using GPG, you first need a copy of the recipient's PGP public key.
Once you have located someone's PGP public key, you should copy and paste it into TextEdit. Save the PGP key to a file; you can call the file, import.asc (or import.txt), for example. This saved file will usually be found in the Documents folder.
Launch GPG Keychain Access from the Applications folder. click on the Import icon in the upper left hand corner. GPG Keychain Access will then prompt you for the name of the file which contains the key to import. It will usually show you a list of files in the Documents folder. Click on the file named import.asc (or import.txt), and click ok. The PGP public key will then be imported into your PGP keyring.
To encrypt a message to a person, the message must be contained in a TextEdit document. Use Command-A to hightlight the entire document. Then use Shift-Command-E to encrypt. GPG will pop-up a list of public keys in your PGP keyring. Each key will have a little checkbox beside it which you can check, to select that particular key. If you were encrypting a message to me, you would put a check in the box beside my PGP key (Guru@SR).
When you click on OK, the plaintext (unencrypted) message in TextEdit will be replaced with the encrypted message. You can then copy and paste the encrypted message to enter it into a form on Silk Road, or anywhere else that it needs to go.
To decrypt a message sent to you by other people, you need to copy that message to the clipboard, and paste it into a TextEdit document. Again use Command-A to highlight all the encrypted message. Then use Shift-Command-D to decrypt the message. If the message is encrypted to your PGP public key, you will be prompted to enter your passphrase. Once the correct passphrase has been entered, and you click OK, then the message will be decrypted, and the decrypted text will be placed in the TextEdit document, replacing the encrypted message that was there previously.
Nightcrawler (Tutorial originally written by Guru)
-
http://i.imgur.com/YmGIZ.jpg
Do i leave those fields blank?
-
http://i.imgur.com/YmGIZ.jpg
Do i leave those fields blank?
The image you posted has nohning whatsoever to do with your question.
Nightcrawler <Nightcrawler@SR>
PGP-Key: 4096R/BBF7433B 2012-09-22
Key fingerprint = D870 C6AC CC6E 46B0 E0C7 3955 B8F1 D88E BBF7 433B
PGP Key: http://dkn255hz262ypmii.onion/index.php?topic=174.msg633090#msg633090
-
Is the problem you're having is that keys you want to encrypt to are showing up in GPG Keychain Access, but are _not_ showing up when you try to select them to use them to encrypt a message?
I had this problem on a mac and I found a workaround. For me, the nightly build did NOT solve the problem. I can import a key with no problem and even view the key, but when I am in text edit and highlight and try to encrypt, the newly imported key is not listed.
So, since the nightly build did not work for me, I found a workaround. I found that if I added the key from the command line (think of it as manually adding the key) that it was now listed and could be used.
Here are a couple of helpful terminal commands for gpg
"help" gpg--help
"to manually delete a key": gpg --delete-keys tests@tormail.com
"to list your keys" gpg --list-keys
To add a key (be sure that the key is in a .txt file. GPG keys like .txt files don't use anything else
gpg --armor --import untitled.txt
-
Is the problem you're having is that keys you want to encrypt to are showing up in GPG Keychain Access, but are _not_ showing up when you try to select them to use them to encrypt a message?
I had this problem on a mac and I found a workaround. For me, the nightly build did NOT solve the problem. I can import a key with no problem and even view the key, but when I am in text edit and highlight and try to encrypt, the newly imported key is not listed.
So, since the nightly build did not work for me, I found a workaround. I found that if I added the key from the command line (think of it as manually adding the key) that it was now listed and could be used.
Here are a couple of helpful terminal commands for gpg
"help" gpg--help
"to manually delete a key": gpg --delete-keys tests@tormail.com
"to list your keys" gpg --list-keys
To add a key (be sure that the key is in a .txt file. GPG keys like .txt files don't use anything else
gpg --armor --import untitled.txt
Most people have found that the nightly builds do the trick for them. That said, it's good that you found an alternative method, in case the nightly build doesn't work.
BTW, if you want people to use your PGP key, put a link to where they can download it in the Forums, like I have in my .sig. If you make people search for your key, they're less likely to bother to do so.
Nightcrawler <Nightcrawler@SR>
PGP-Key: 4096R/BBF7433B 2012-09-22
Key fingerprint = D870 C6AC CC6E 46B0 E0C7 3955 B8F1 D88E BBF7 433B
PGP Key: http://dkn255hz262ypmii.onion/index.php?topic=174.msg633090#msg633090
-
if nothing works,
you can try with command lines, very easy.
Look here : http://dkn255hz262ypmii.onion/index.php?topic=42031.0
-
I have it for mac also.
Here is what worked for me. In Control Panel look for GPG panel. In there , click on About. You'll see a 'fix GPG' button. CLICK IT.
It seems to fix the problem for me. The same issue the key not showing up in the list. . . I also found that a simple reboot fixes it too.
Mine is working great otherwise though. I use it all the time. MSG me if you need any help with the mac GPG or want to test it with someone.
Forgot about that one... nice catch. +1
Nightcrawler <Nightcrawler@SR>
PGP-Key: 4096R/BBF7433B 2012-09-22
Key fingerprint = D870 C6AC CC6E 46B0 E0C7 3955 B8F1 D88E BBF7 433B
PGP Key: http://dkn255hz262ypmii.onion/index.php?topic=174.msg633090#msg633090
-
I had the same issue where my keychain went wacko and I could encrypt some messages and a certain vendor could not decrypt. The PGP club mod sent me to this page and it fixed it quickly. The nightly builds page.
https://nightly.gpgtools.org/
-
Hi Chaps
I'm 95% there, but would be grateful if someone could explain when and where we would use "OpenPGP: Sign Selection: Shift-Command-R"
Thanks!
-
Hi Chaps
I'm 95% there, but would be grateful if someone could explain when and where we would use "OpenPGP: Sign Selection: Shift-Command-R"
Thanks!
In short, you don't use it. Think of it this way: anything you PGP-clearsign can be verified by anyone with a copy of PGP and your PGP public key. DPR sometimes uses this method, so we can verify that any important posts they make are genuine, and not a forgery.
So, if you sign something you shouldn't, you've effectively made a digitally-signed confession to illegal activity. In DPR's case, this is not a big deal, but for everyone else, I would strongly advise against signing anything, as it could later came back to haunt you.
Nightcrawler <Nightcrawler@SR>
PGP-Key: 4096R/BBF7433B 2012-09-22
Key fingerprint = D870 C6AC CC6E 46B0 E0C7 3955 B8F1 D88E BBF7 433B
PGP Key: http://dkn255hz262ypmii.onion/index.php?topic=174.msg633090#msg633090
-
Thanks Nightcrawler
So, to be sure, when I click on my own key, under the "User Ids" panel in the signatures panel, I see : sig 3, with my name and key ID, should I delete that sig, or is a part of my secret key?
Thanks
-
Thanks Nightcrawler
So, to be sure, when I click on my own key, under the "User Ids" panel in the signatures panel, I see : sig 3, with my name and key ID, should I delete that sig, or is a part of my secret key?
Thanks
No, leave the signatures on your keys alone!
When you are signing something, with the OpenPGP: Sign Selection: Shift-Command-R, you end up with something like this:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
In short, you don't use it. Think of it this way: anything you PGP-
clearsign can be verified by anyone with a copy of PGP and your PGP public
key. DPR sometimes uses this method, so we can verify that any important
posts they make are genuine, and not a forgery.
So, if you sign something you shouldn't, you've effectively made a
digitally-signed confession to illegal activity. In DPR's case, this is not
a big deal, but for everyone else, I would strongly advise against signing
anything, as it could later came back to haunt you.
Nightcrawler <Nightcrawler@SR>
PGP-Key: 4096R/BBF7433B 2012-09-22
Key fingerprint = D870 C6AC CC6E 46B0 E0C7 3955 B8F1 D88E BBF7 433B
PGP Key: http://dkn255hz262ypmii.onion/index.php?topic=174.msg633090#msg633090
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJRCGqCAAoJELjx2I6790M7XggQAMMeLRa6SdnAg72+2lAWOohA
Eyke6KBwBgqBiLvqdm+mfhMl5/jwP7WD/S0Dq5aFg3SIxKozkwbrq8K1b8VBOGit
p+TIapuu29j+iIBwIKg0vPiQGsqzVKuwSJutPqq0f0qrQ/AzrRFV7y6ugB7FRBzm
bHoqR9AVZ0k5gHN0ZvUmSGK7iWo9+Youq7LzHUUf93Jg3hYeId7cLF33HTcBmTuZ
cnpNf06loLksUur4rweAhRJ1yUQaGPiaqdYMRR8yKOOHSs35bSZH7Ptchgsmw3oQ
XxmctcGKJ2hMYNuGLd+rks3M05GE4BclR4Y68pEY94+Zmo8z2sGPf1v6fmNTcsUl
bkpe2tw64ONRqFQ5ccCUS8J7utQEwVDCKQinjruJRjh9JwSJ3Ec8vAU/kmFMGvp/
woglzHMvYI0neUHcFUGY7AC835fBDsshTTqSY2xcW6LQ4BfPFwIehIMR0BC2utTu
rqvwz/A4VpU5/MWzqMFDOlmItQUbrXKbeIPJ3tQAdb2c+YlFCJvWw+I+Dx8054aX
CpwyCd+NWehZ02CB4GZeBjm4XxaMfrHMfyZzo+q5IPiV+XRc2W2NNpGJZl6ne0OE
eHlGcbzwD7cJ/UbLxPf4te4mXmItXOCc5pgvC4NwKQQFv7mUrpAKxTeBCe0JiLaj
AD5aFYK8fjZ8++3AQYde
=nQSk
-----END PGP SIGNATURE-----
Anyone with a copy of my public key can verify the signature on the signed text, above. The verification message will look something like what follows:
gpg: Signature made Tue 29 Jan 2013 12:34:10 PM UTC using RSA key ID BBF7433B
gpg: Good signature from "Nightcrawler <Nightcrawler@SR>"
gpg: textmode signature, digest algorithm SHA512
This is what you would use Shift-Control-V for, to verify some text that you had placed in TextEdit, and then highlighted with Command-A.
Because the signature verifies, I cannot disavow having written that message -- good thing there's nothing incriminating in it.
-
Thanks Nightcrawler
:)
-
PortablePGP (Mac version) works much better for me than GPG. It's free and on Sourceforge. It will also run from a USB stick.
Paste key blocks into plain (not Rich) TextEdit files and import those directly into P-PGP.
The GPG Services menu seems flaky as hell, although I think Apple's implementation of services may be at least partly to blame, as other apps also suffer.
-
I'm new to gpg and also use a mac. I posted to the newbie pgp thread and was able to encrypt/decrypt messages, but someone (vegeta, I think) said I should be using anonymous recipients in my messages. I think I have finally figured out how to do that, but I'd like to send a message to someone who can tell me if what I send is properly anonymous.
Is anyone able to comment on the usefulness of anonymous recipients? and able to verify an encrypted message I send is properly anonymized?