2006-09-22 20:15:18 +02:00
|
|
|
@c instguide.texi - Installation guide for GnuPG
|
|
|
|
@c Copyright (C) 2006 Free Software Foundation, Inc.
|
|
|
|
@c This is part of the GnuPG manual.
|
|
|
|
@c For copying conditions, see the file gnupg.texi.
|
|
|
|
|
|
|
|
@node Installation
|
2016-03-04 15:45:19 +01:00
|
|
|
@chapter A short installation guide
|
2006-09-22 20:15:18 +02:00
|
|
|
|
2006-11-11 15:17:09 +01:00
|
|
|
Unfortunately the installation guide has not been finished in time.
|
|
|
|
Instead of delaying the release of GnuPG 2.0 even further, I decided to
|
|
|
|
release without that guide. The chapter on gpg-agent and gpgsm do
|
|
|
|
include brief information on how to set up the whole thing. Please
|
|
|
|
watch the GnuPG website for updates of the documentation. In the
|
|
|
|
meantime you may search the GnuPG mailing list archives or ask on the
|
2016-03-04 16:20:47 +01:00
|
|
|
gnupg-users mailing list for advise on how to solve problems or how to
|
2014-09-03 09:45:20 +02:00
|
|
|
get that whole thing up and running.
|
2006-11-11 15:17:09 +01:00
|
|
|
|
2010-06-10 12:39:44 +02:00
|
|
|
** Building the software
|
|
|
|
|
Fix more spelling
* NEWS, acinclude.m4, agent/command-ssh.c, agent/command.c,
agent/gpg-agent.c, agent/keyformat.txt, agent/protect-tool.c,
common/asshelp.c, common/b64enc.c, common/recsel.c, doc/DETAILS,
doc/HACKING, doc/Notes, doc/TRANSLATE, doc/dirmngr.texi,
doc/faq.org, doc/gpg-agent.texi, doc/gpg.texi, doc/gpgsm.texi,
doc/instguide.texi, g10/armor.c, g10/gpg.c, g10/keyedit.c,
g10/mainproc.c, g10/pkclist.c, g10/tofu.c, g13/sh-cmd.c,
g13/sh-dmcrypt.c, kbx/keybox-init.c, m4/pkg.m4, sm/call-dirmngr.c,
sm/gpgsm.c, tests/Makefile.am, tests/gpgscm/Manual.txt,
tests/gpgscm/scheme.c, tests/openpgp/gpgv-forged-keyring.scm,
tests/openpgp/multisig.test, tests/openpgp/verify.scm,
tests/pkits/README, tools/applygnupgdefaults,
tools/gpg-connect-agent.c, tools/mime-maker.c, tools/mime-parser.c:
minor spelling cleanup.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2016-09-15 20:21:15 +02:00
|
|
|
Building the software is described in the file @file{INSTALL}. Given
|
2010-06-10 12:39:44 +02:00
|
|
|
that you are already reading this documentation we can only give some
|
2016-03-04 17:13:14 +01:00
|
|
|
extra hints.
|
2010-06-10 12:39:44 +02:00
|
|
|
|
|
|
|
To comply with the rules on GNU systems you should have build time
|
2014-09-03 09:45:20 +02:00
|
|
|
configured @command{gnupg} using:
|
2010-06-10 12:39:44 +02:00
|
|
|
|
|
|
|
@example
|
|
|
|
./configure --sysconfdir=/etc --localstatedir=/var
|
|
|
|
@end example
|
|
|
|
|
|
|
|
This is to make sure that system wide configuration files are searched
|
2015-06-09 21:29:15 +02:00
|
|
|
in the directory @file{/etc} and variable data below @file{/var};
|
2010-06-10 12:39:44 +02:00
|
|
|
the default would be to also install them below @file{/usr/local} where
|
|
|
|
the binaries get installed. If you selected to use the
|
|
|
|
@option{--prefix=/} you obviously don't need those option as they are
|
|
|
|
the default then.
|
|
|
|
|
|
|
|
|
2014-09-03 09:45:20 +02:00
|
|
|
** Notes on setting a root CA key to trusted
|
2006-10-11 12:05:03 +02:00
|
|
|
|
|
|
|
X.509 is based on a hierarchical key infrastructure. At the root of the
|
|
|
|
tree a trusted anchor (root certificate) is required. There are usually
|
2006-11-11 15:17:09 +01:00
|
|
|
no other means of verifying whether this root certificate is trustworthy
|
2006-10-11 12:05:03 +02:00
|
|
|
than looking it up in a list. GnuPG uses a file (@file{trustlist.txt})
|
|
|
|
to keep track of all root certificates it knows about. There are 3 ways
|
|
|
|
to get certificates into this list:
|
|
|
|
|
|
|
|
@itemize
|
|
|
|
@item
|
|
|
|
Use the list which comes with GnuPG. However this list only
|
2009-07-22 15:33:46 +02:00
|
|
|
contains a few root certificates. Most installations will need more.
|
2006-10-11 12:05:03 +02:00
|
|
|
|
|
|
|
@item
|
|
|
|
Let @command{gpgsm} ask you whether you want to insert a new root
|
2014-09-03 09:45:20 +02:00
|
|
|
certificate. This feature is enabled by default; you may disable it
|
|
|
|
using the option @option{no-allow-mark-trusted} into
|
|
|
|
@file{gpg-agent.conf}.
|
2006-10-11 12:05:03 +02:00
|
|
|
|
2014-09-03 09:45:20 +02:00
|
|
|
@item
|
2006-10-11 12:05:03 +02:00
|
|
|
Manually maintain the list of trusted root certificates. For a multi
|
|
|
|
user installation this can be done once for all users on a machine.
|
2014-09-03 09:45:20 +02:00
|
|
|
Specific changes on a per-user base are also possible.
|
2006-10-11 12:05:03 +02:00
|
|
|
@end itemize
|
|
|
|
|
Fix more spelling
* NEWS, acinclude.m4, agent/command-ssh.c, agent/command.c,
agent/gpg-agent.c, agent/keyformat.txt, agent/protect-tool.c,
common/asshelp.c, common/b64enc.c, common/recsel.c, doc/DETAILS,
doc/HACKING, doc/Notes, doc/TRANSLATE, doc/dirmngr.texi,
doc/faq.org, doc/gpg-agent.texi, doc/gpg.texi, doc/gpgsm.texi,
doc/instguide.texi, g10/armor.c, g10/gpg.c, g10/keyedit.c,
g10/mainproc.c, g10/pkclist.c, g10/tofu.c, g13/sh-cmd.c,
g13/sh-dmcrypt.c, kbx/keybox-init.c, m4/pkg.m4, sm/call-dirmngr.c,
sm/gpgsm.c, tests/Makefile.am, tests/gpgscm/Manual.txt,
tests/gpgscm/scheme.c, tests/openpgp/gpgv-forged-keyring.scm,
tests/openpgp/multisig.test, tests/openpgp/verify.scm,
tests/pkits/README, tools/applygnupgdefaults,
tools/gpg-connect-agent.c, tools/mime-maker.c, tools/mime-parser.c:
minor spelling cleanup.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2016-09-15 20:21:15 +02:00
|
|
|
@c describe how to maintain trustlist.txt and /etc/gnupg/trustlist.txt.
|
2006-11-11 15:17:09 +01:00
|
|
|
|
2006-09-22 20:15:18 +02:00
|
|
|
|
2014-09-03 09:45:20 +02:00
|
|
|
@c ** How to get the ssh support running
|
|
|
|
@c
|
|
|
|
@c XXX How to use the ssh support.
|
2006-09-22 20:15:18 +02:00
|
|
|
|
2006-10-10 13:11:04 +02:00
|
|
|
|
2014-09-03 09:45:20 +02:00
|
|
|
@c @section Installation Overview
|
|
|
|
@c
|
|
|
|
@c XXXX
|
2006-09-22 20:15:18 +02:00
|
|
|
|
|
|
|
|