GPG-TO-GO - email use

Home

Introduction

Downloads

Roll your own

First, launch the Windows command processor by running the batch file "go.bat". This will give you a shell window for your GPG and DOS commands. If you are not familiar with DOS, use the command "help" which will list the commands available on your system's version of DOS and what they do. For more detail, use "help <command>".

There is a major inconvenience in command-line use of GPG on a Windows machine, whether or not you run it from a floppy, namely file extensions, which must be specified in Windows. GnuPG was conceived for *NIX systems which do not need to be told the type of file, and it writes some files with no extension. The problem is compounded by the fact that most Windows machines are set up to not display file extensions, and if you are on a public machine you will not be able to change this behavior, so even if the file is written with an extension you will not be able to see what it is.

Fortunately there is a build-in DOS text editor in Windows which displays the file extensions even if they are not shown by Windows Explorer. This editor will also open text files which have been written with no extension. When you run go.bat, at the A:\> prompt give the command "edit". Select "File" > "Open" and the files on your floppy will be shown with their extensions. [It is no use trying to click on "File" (or anything else) here. Use the keys Ctrl+Alt and a letter ("F" for File, for example) will be highlighted; then simply type the highlighted letter.]

If you use the usual Windows text editor Notepad there will be a record of the file's name written to the host system's hard disk. The same occurs when you use Notepad to transfer material between your floppy and a webmail interface, and when you save an attachment from the browser to the floppy. So for maximum security it is best to choose anonymous file names.

The same problem arises if you edit your gpg.conf file with a Windows text editor. If you have to edit this file, use "edit" to avoid any registry entry.

Once you have prepared your message in your text editor, save it with a .txt extension then use the command:
A:\>gpg -o message2.txt --clearsign message.txt
[Note: You cannot overwrite the original file by specifying it in the -o (output) option.]

However, if your recipient uses a command-line version of PGP you should not use the command above, but rather
A:>gpg -t -o message2.txt -sa message.txt

When you go to your webmail composer you can open this file with the host system's Notepad and copy and paste the content to your mailer's message pane.

Prepare your message in the shell text editor and save it on the floppy as a text file, then enter the command:
A:\>gpg -o message2.txt -r <recipient> -sea message.txt
[* for the value for <recipient> use the key ID of the recipient for the moment, but GnuPG is very flexible in this respect and you will find several alternative methods in the gpg.man file in the GnuPG distribution, down near the end "How to specify a user ID".
** -sea is a short way of using the commands --sign --encrypt and --armor]
Transfer the message to your mailer in the same manner as for clear-signed messages.

Another, easier way is to use the command:
A:\>gpg -r <recipient> -sea message.txt
which will create a file message.asc, then in your mailer simply send a blank message with the .asc file as an attachment.

Attachments

For signing and encrypting files to be sent as attachments, use the same command as above but without the "a" (armor) command. An Adobe Acrobat file, for example:
A:\>gpg -r <recipient> -se document.pdf
The resulting file will be called document.gpg

You may want to encrypt the file, then add a detached signature. First: A:\>gpg -r <recipient> -e document.pdf
then:
A:\>gpg -b document.gpg
[the long version of the command -b is --detach-sign]

Messages

Copy the text of the message to the system's default text editor (e.g. Notepad) then save it as an .asc file on the floppy, e.g. crypt.asc. Run go.bat and enter the command:
A:\>gpg crypt.asc

In these cases you do not need to give specific commands such as --decrypt. GnuPG will take the appropriate action - verifying the signature and, if the message is encrypted, decrypting it. In both cases it will write a file with the same name, but without an extension, to the floppy. You can open it in the shell text editor, or simply rename it with the .txt extension.

Attachments

The situation with encrypted attachments is not so simple, for two reasons. First, the encrypted file might be created by PGP and will have a .pgp extension. Second, if you follow the decryption procedure for messages with a file encrypted by GnuPG the decrypted file written to the floppy will have no extension.

Fortunately, mailers display the file extension when listing attachments even when your system is set up to not display extensions.

In the case of .gpg files, you will have to use:
A:\gpg --use-embedded-filename document.gpg

In the case of a file encrypted by PGP your mailer will show the attachment with a double extension, like document.pdf.pgp. You will have to change the .pgp to .gpg when you transfer it to your floppy. Usually you can right-click the file in the mailer then "Save as...". Then you can use the command:
A:\gpg document.pdf.gpg

Verifying detached signatures is simple:
A:\>gpg document.sig
You will then be asked for the name of the data file (which is the file that was signed with the detached signature).

PGP/MIME

PGP/MIME messages are easily handled. They show in your mail interface as a blank message with an attachment which has an .asc extension. Save the attachment to your floppy, and treat it as an inline encrypted message.

[If you want a plaintext version of these e-mail instructions to keep on your floppy you can get it from the Downloads page.]