2006-11-06 10:26:55 +00:00
|
|
|
The GNU Privacy Guard 2
|
|
|
|
=========================
|
2009-09-21 18:26:52 +00:00
|
|
|
Version 2.1
|
2002-06-29 14:15:02 +00:00
|
|
|
|
2009-09-21 18:26:52 +00:00
|
|
|
THIS IS A DEVELOPMENT VERSION AND NOT INTENDED FOR REGULAR USE.
|
|
|
|
|
2010-10-26 12:25:47 +00:00
|
|
|
Copyright 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005,
|
2013-05-22 09:50:12 +01:00
|
|
|
2006, 2007, 2008, 2009, 2010, 2011, 2012,
|
|
|
|
2013 Free Software Foundation, Inc.
|
2010-10-26 12:25:47 +00:00
|
|
|
|
2006-11-11 14:17:09 +00:00
|
|
|
|
|
|
|
INTRODUCTION
|
|
|
|
============
|
|
|
|
|
|
|
|
GnuPG is GNU's tool for secure communication and data storage. It can
|
|
|
|
be used to encrypt data and to create digital signatures. It includes
|
|
|
|
an advanced key management facility and is compliant with the proposed
|
2010-08-20 12:18:38 +00:00
|
|
|
OpenPGP Internet standard as described in RFC4880 and the S/MIME
|
2006-11-11 14:17:09 +00:00
|
|
|
standard as described by several RFCs.
|
|
|
|
|
|
|
|
GnuPG is distributed under the terms of the GNU General Public
|
|
|
|
License. See the file COPYING for details. GnuPG works best on
|
|
|
|
GNU/Linux or *BSD systems. Most other Unices are also supported but
|
|
|
|
are not as well tested as the Free Unices.
|
|
|
|
|
|
|
|
GnuPG 2.0 is the stable version of GnuPG integrating support for
|
2006-11-06 10:26:55 +00:00
|
|
|
OpenPGP and S/MIME. It does not conflict with an installed 1.4
|
|
|
|
OpenPGP-only version.
|
2004-07-22 09:37:36 +00:00
|
|
|
|
2004-01-29 20:16:59 +00:00
|
|
|
|
|
|
|
BUILD INSTRUCTIONS
|
|
|
|
==================
|
|
|
|
|
2011-03-08 12:23:59 +01:00
|
|
|
GnuPG 2.1 depends on the following packages:
|
2004-01-29 20:16:59 +00:00
|
|
|
|
2013-05-22 09:50:12 +01:00
|
|
|
npth (ftp://ftp.gnupg.org/gcrypt/npth/)
|
2004-09-30 14:34:34 +00:00
|
|
|
libgpg-error (ftp://ftp.gnupg.org/gcrypt/libgpg-error/)
|
|
|
|
libgcrypt (ftp://ftp.gnupg.org/gcrypt/libgcrypt/)
|
2006-09-08 17:02:06 +00:00
|
|
|
libksba (ftp://ftp.gnupg.org/gcrypt/libksba/)
|
2006-11-06 10:26:55 +00:00
|
|
|
libassuan (ftp://ftp.gnupg.org/gcrypt/libassuan/)
|
2011-02-03 16:50:01 +01:00
|
|
|
|
2004-01-29 20:16:59 +00:00
|
|
|
You should get the latest versions of course, the GnuPG configure
|
|
|
|
script complains if a version is not sufficient.
|
|
|
|
|
2013-05-22 09:50:12 +01:00
|
|
|
You also need the Pinentry package for most functions of GnuPG;
|
|
|
|
however it is not a build requirement. Pinentry is available at
|
|
|
|
ftp://ftp.gnupg.org/gcrypt/pinentry/ .
|
|
|
|
|
2004-01-29 20:16:59 +00:00
|
|
|
After building and installing the above packages in the order as given
|
2013-05-22 09:50:12 +01:00
|
|
|
above, you may continue with GnuPG installation (you may also just try
|
|
|
|
to build GnuPG to see whether your already installed versions are
|
2004-01-29 20:16:59 +00:00
|
|
|
sufficient).
|
|
|
|
|
|
|
|
As with all packages, you just have to do
|
2003-12-23 11:05:19 +00:00
|
|
|
|
2004-01-29 20:16:59 +00:00
|
|
|
./configure
|
|
|
|
make
|
|
|
|
make install
|
2002-06-29 14:15:02 +00:00
|
|
|
|
2004-01-29 20:16:59 +00:00
|
|
|
(Before doing install you might need to become root.)
|
2002-06-29 14:15:02 +00:00
|
|
|
|
2004-01-29 20:16:59 +00:00
|
|
|
If everything succeeds, you have a working GnuPG with support for
|
|
|
|
S/MIME and smartcards. Note that there is no binary gpg but a gpg2 so
|
2008-12-09 11:54:40 +00:00
|
|
|
that this package won't conflict with a GnuPG 1.4 installation. gpg2
|
2006-09-08 17:02:06 +00:00
|
|
|
behaves just like gpg.
|
2004-01-29 20:16:59 +00:00
|
|
|
|
2013-05-22 09:50:12 +01:00
|
|
|
In case of problem please ask on gnupg-users@gnupg.org mailing list
|
|
|
|
for advise.
|
2004-01-29 20:16:59 +00:00
|
|
|
|
2008-02-19 12:58:34 +00:00
|
|
|
Note that the PKITS tests are always skipped unless you copy the PKITS
|
2010-10-26 12:25:47 +00:00
|
|
|
test data file into the tests/pkits directory. There is no need to
|
|
|
|
run these test and some of them may even fail because the test scripts
|
|
|
|
are not yet complete.
|
|
|
|
|
|
|
|
You may run
|
|
|
|
|
2011-02-03 16:50:01 +01:00
|
|
|
gpgconf --list-dirs
|
2010-10-26 12:25:47 +00:00
|
|
|
|
|
|
|
to view the default directories used by GnuPG.
|
|
|
|
|
|
|
|
|
2011-03-08 12:23:59 +01:00
|
|
|
MIGRATION FROM 1.4 or 2.0 to 2.1
|
|
|
|
================================
|
2010-10-26 12:25:47 +00:00
|
|
|
|
2013-05-22 09:50:12 +01:00
|
|
|
The major change in 2.1 is gpg-agent taking care of the OpenPGP secret
|
|
|
|
keys (those managed by GPG). The former file "secring.gpg" will not
|
|
|
|
be used anymore. Newly generated keys are stored in the agent's key
|
|
|
|
store directory "~/.gnupg/private-keys-v1.d/".
|
|
|
|
|
|
|
|
To migrate your existing keys you need to run the command
|
|
|
|
|
|
|
|
gpg2 --batch --import ~/.gnupg/secring.gpg
|
2010-10-26 12:25:47 +00:00
|
|
|
|
2013-05-22 09:50:12 +01:00
|
|
|
Secret keys already imported are skipped by this command. It is
|
|
|
|
advisable to keep the secring.gpg for use with older versions of GPG.
|
2010-10-26 12:25:47 +00:00
|
|
|
|
2013-05-22 09:50:12 +01:00
|
|
|
The use of "--batch" with "--import" is highly recommended. If you do
|
|
|
|
not use "--batch" the agent would ask for the passphrase of each key.
|
|
|
|
In this case you may use the Cancel button of the Pinentry to skip
|
|
|
|
importing this key. If you want to stop the enite import process and
|
|
|
|
you use a decent version of Pinentry, you should close the Pinentry
|
|
|
|
window instead of hitting the Cancel button.
|
2010-10-26 12:25:47 +00:00
|
|
|
|
|
|
|
Note that gpg-agent now uses a fixed socket by default. All tools
|
|
|
|
will start the gpg-agent as needed. In general there is no more need
|
|
|
|
to set the GPG_AGENT_INFO environment variable. The SSH_AUTH_SOCK
|
|
|
|
environment variable should be set to a fixed value.
|
|
|
|
|
2011-03-08 12:23:59 +01:00
|
|
|
GPG's smartcard commands --card-edit and --card-status as well as some
|
|
|
|
of the card related sub-commands of --edit-key are not yet fully
|
|
|
|
supported. However, signing and decryption with a smartcard does
|
|
|
|
work.
|
2010-10-26 12:25:47 +00:00
|
|
|
|
|
|
|
The Dirmngr is now part of GnuPG proper. Thus there is no more need
|
|
|
|
to install the separate dirmngr package. The directroy layout of
|
|
|
|
Dirmngr changed to make use of the GnuPG directories; for example you
|
|
|
|
use /etc/gnupg/trusted-certs and /var/lib/gnupg/extra-certs. Dirmngr
|
|
|
|
needs to be started as a system daemon.
|
|
|
|
|
2004-01-29 20:16:59 +00:00
|
|
|
|
|
|
|
|
2006-09-08 17:02:06 +00:00
|
|
|
DOCUMENTATION
|
2006-11-11 14:17:09 +00:00
|
|
|
=============
|
2004-01-29 20:16:59 +00:00
|
|
|
|
2006-09-08 17:02:06 +00:00
|
|
|
The complete documentation is in the texinfo manual named
|
|
|
|
`gnupg.info'. Run "info gnupg" to read it. If you want a a printable
|
2007-05-09 11:01:33 +00:00
|
|
|
copy of the manual, change to the "doc" directory and enter "make pdf"
|
|
|
|
For a HTML version enter "make html" and point your browser to
|
|
|
|
gnupg.html/index.html. Standard man pages for all components are
|
|
|
|
provided as well. An online version of the manual is available at
|
|
|
|
http://www.gnupg.org/documentation/manuals/gnupg/ . A version of the
|
|
|
|
manual pertaining to the current development snapshot is at
|
|
|
|
http://www.gnupg.org/documentation/manuals/gnupg-devel/ .
|
2006-11-11 14:17:09 +00:00
|
|
|
|
|
|
|
|
|
|
|
GNUPG 1.4 AND GNUPG 2.0
|
|
|
|
=======================
|
|
|
|
|
|
|
|
GnuPG 2.0 is a newer version of GnuPG with additional support for
|
|
|
|
S/MIME. It has a different design philosophy that splits
|
|
|
|
functionality up into several modules. Both versions may be installed
|
|
|
|
simultaneously without any conflict (gpg is called gpg2 in GnuPG 2).
|
|
|
|
In fact, the gpg version from GnuPG 1.4 is able to make use of the
|
|
|
|
gpg-agent as included in GnuPG 2 and allows for seamless passphrase
|
2007-05-09 11:01:33 +00:00
|
|
|
caching. The advantage of GnuPG 1.4 is its smaller size and no
|
2006-11-11 14:17:09 +00:00
|
|
|
dependency on other modules at run and build time.
|
|
|
|
|
|
|
|
|
|
|
|
HOW TO GET MORE INFORMATION
|
|
|
|
===========================
|
|
|
|
|
|
|
|
The primary WWW page is "http://www.gnupg.org"
|
|
|
|
The primary FTP site is "ftp://ftp.gnupg.org/gcrypt/"
|
|
|
|
|
|
|
|
See http://www.gnupg.org/download/mirrors.html for a list of mirrors
|
|
|
|
and use them if possible. You may also find GnuPG mirrored on some of
|
|
|
|
the regular GNU mirrors.
|
|
|
|
|
|
|
|
We have some mailing lists dedicated to GnuPG:
|
2011-02-03 16:50:01 +01:00
|
|
|
|
2006-11-11 14:17:09 +00:00
|
|
|
gnupg-announce@gnupg.org For important announcements like new
|
|
|
|
versions and such stuff. This is a
|
|
|
|
moderated list and has very low traffic.
|
|
|
|
Do not post to this list.
|
|
|
|
|
|
|
|
gnupg-users@gnupg.org For general user discussion and
|
|
|
|
help (English).
|
|
|
|
|
|
|
|
gnupg-de@gnupg.org German speaking counterpart of
|
|
|
|
gnupg-users.
|
|
|
|
|
|
|
|
gnupg-ru@gnupg.org Russian speaking counterpart of
|
|
|
|
gnupg-users.
|
|
|
|
|
|
|
|
gnupg-devel@gnupg.org GnuPG developers main forum.
|
|
|
|
|
|
|
|
You subscribe to one of the list by sending mail with a subject of
|
|
|
|
"subscribe" to x-request@gnupg.org, where x is the name of the mailing
|
|
|
|
list (gnupg-announce, gnupg-users, etc.). An archive of the mailing
|
|
|
|
lists are available at http://www.gnupg.org/documentation/mailing-lists.html
|
|
|
|
|
|
|
|
Please direct bug reports to http://bugs.gnupg.org or post them direct
|
|
|
|
to the mailing list <gnupg-devel@gnupg.org>.
|
|
|
|
|
|
|
|
Please direct questions about GnuPG to the users mailing list or one
|
|
|
|
of the pgp newsgroups; please do not direct questions to one of the
|
|
|
|
authors directly as we are busy working on improvements and bug fixes.
|
|
|
|
The English and German mailing lists are watched by the authors and we
|
|
|
|
try to answer questions when time allows us to do so.
|
|
|
|
|
2013-05-22 09:50:12 +01:00
|
|
|
Commercial grade support for GnuPG is available; for a listing of
|
|
|
|
offers see http://www.gnupg.org/service.html . The driving force
|
|
|
|
behind the development of GnuPG is the company of its principal
|
|
|
|
author, Werner Koch. Maintenance and improvement of GnuPG and related
|
|
|
|
software takes up most of their resources. To allow him to continue
|
|
|
|
his work he asks to either purchase a support contract, engage them
|
|
|
|
for custom enhancements, or to donate money. See http://g10code.com .
|
2006-11-11 14:17:09 +00:00
|
|
|
|
|
|
|
|
|
|
|
This file is Free Software; as a special exception the authors gives
|
|
|
|
unlimited permission to copy and/or distribute it, with or without
|
|
|
|
modifications, as long as this notice is preserved. For conditions
|
|
|
|
of the whole package, please see the file COPYING. This file is
|
|
|
|
distributed in the hope that it will be useful, but WITHOUT ANY
|
|
|
|
WARRANTY, to the extent permitted by law; without even the implied
|
|
|
|
warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
|