[ic] Please help with pgp issue, please.

interchange-users@interchange.redhat.com interchange-users@interchange.redhat.com
Tue Sep 18 17:30:01 2001 

Quoting Boyd Lynn Gerber (gerberb@zenez.com):
> On Tue, 18 Sep 2001 mheins@redhat.com wrote:
> > Quoting Ed LaFrance (edl@newmediaems.com):
> > > The whole issue of raw credit card numbers being stored on a web-accessible
> > > server has been debated numerous times on this list.  RH has positioned
> > > themselves firmly against it; others are more ambiguous.
> > (Please note that the below is my personal opinion. I don't want to
> >
> > much deleted...
> >
> > Please just use the encryption. It is easy to configure modern mail
> > clients for PGP, and you typically only have to input the pass phrase
> > once per session. GPG is available free of charge, and client PGP is
> > free or available at very low cost.
> 
> I agree about the use of encryption, but I am a real dunce getting it to
> work with IC 4.8.1 and the foundation demo.  Every order I get with 4.8.1
> based on the foundation demo has the phrase NEED ENCRYPTION ENABLED
> encrypted.  I save the attachment and decrypt it and I get that wonderful
> message.  In 4.6.5 I used this below.
> 
> ENCRYPTOR       /usr/local/bin/gpg -e -a -q --batch --no-tty
> --always-trust -r gerberb@zenez.com 2>encrypt.error        Payment
> 
> How should these variables really be set to use gnupg.  I have tried
> almost every combination I can think of.  It probably is very simple and I
> am making it very complex.
> 

In 4.8, it should be simple. Remove all references to ENCRYPTOR
in your routes (ala the example catalog.cfg in foundation) and
then put:

    EncryptProgram  /usr/local/bin/gpg
    EncryptKey      gerberb@zenez.com

If gpg is in your PATH, then you don't even need the reference
to EncryptProgram. Interchange looks for GPG first, then PGPE (the
PGP 5.x/4.x version) and then for pgp 2.62.

At that point, all encryption attempts on that catalog should
be encrypted to your key. If you want to change that for one
specific route, you just set the "encrypt_key" for that route
to the one you want to encrypt against.

This should be in the WHATSNEW and the upgrade document -- I am
doing some docs work so I will put it on my list.

-- 
Red Hat, Inc., 3005 Nichols Rd., Hamilton, OH  45013
phone +1.513.523.7621      <mheins@redhat.com>

Few blame themselves until they have exhausted all other possibilities.
 -- anonymous