Archive for the ‘gpg’ Category

Using Gmail as my primary email client

Lately I’ve been using a lot of different computers, at home, at work, and at relatives’ houses. In the past, I’ve used mutt for email, because it’s simple, small, and does everything I want in an email client (PGP integration, can run on the server, and so on). However, most of the computers I’ve been using lately are Windows boxes, and while I could carry a copy of Knoppix with me everywhere I go, I don’t think that would be appreciated very much. I could run mutt in a screen session on my main server, but since I use PGP to sign all my messages, I don’t want to keep my private key on a remote server. Other than that small hitch, though, running mutt in a remote screen session is practically the perfect solution. Continue reading


Practical GnuPG

I started using GnuPG extensively in February 2003, and since March 2003 I’ve been signing almost every piece of email that I send out. One of the reasons it took me so long to get started using cryptography is because I had a hard time finding good explanations of how to do common things, like encrypt files or verify detached signatures on tarballs. So I decided that once I got comfortable using GnuPG, I would start a collection of scribblings explaining how to do things, as I learned how to do them. I’m now going to start making good on that decision. Continue reading


signtree is a Perl script that takes a list of files and generates detached signatures for each one, using the GnuPG module. If there is already a signature file, then it is verified, and updated if the signature does not match. This is a development tool, not a mass verification tool. Continue reading