[Date Prev][Date Next][Thread Prev][Thread Next][Minivend by date ][Minivend by thread ]

PGP working

To: "MV List" <minivend-users@minivend.com>
Subject: PGP working
From: "Lyn St George" <lyn@zolotek.com>
Date: Thu, 27 May 99 21:41:12
Reply-To: minivend-users@minivend.com
Sender: owner-minivend-users@minivend.com

******    message to minivend-users from "Lyn St George" <lyn@zolotek.com>     ******

After making a few blunders :(, I finally got PGP v5.0 
working properly. I wrote a 'mini  how to' for my own 
records, and am sending it to the List in case 
anyone else may find some use in it.

==========================================
PGP 5.0, on Linux RH, PGP-Linux-Binary.tar.gz

A: on the Webhoster's site.
1. The *.rpm's from pgpi.com will only install
into /usr/local and are 'not relocatable' - OK
if it's your own server but not on your webhoster's.
Get a *tar.gz (Linux, not Unix which will fail to
find 'libbn.a'), upload, unpack, issue './pgpinst'.

2. Install into, eg, mvend/bin/ and mvend/man/, (it
will also make .pgp/ at one level up from mvend/)
then in mvend/bin issue './pgpk -g' to generate
a key-pair. Follow the prompts, except that:
   a) the userid can be fictitious, as no-one
   will be sending mail *to* this.
   b) no need to upload the public key to a key
   server when asked, as it will not be used.

3. rename 'pgp.cfg.50' (in .pgp/) to 'pgp.cfg'
and edit to suit

B: on the local machine.
1. Do the same, except that:
   a) enter a genuine userid, as Minivend's
   PGP will use this public key to encrypt the CC.
   b) upload your public key if you want.

2. now that the key-pair has been generated,
issue './pgpk -xa yourid -o yourpubkey', which
will extract your public key in ascii form.

3. upload 'yourpubkey' to mvend/bin, and (in
mvend/bin) issue './pgpk pubring.pkr yourpubkey',
to add this public key to the keyring.
Then sign this with './pgps yourid' (yourid is
your own, ie, associated with your public key),
and then issue './pgpk -e yourid' (again your own
one) to make it trusted. Issue './pgpk -c' to
check trust and validity.

4. each merchant/customer who wants to
receive encrypted orders will need to do
the same, and give you his public key
to be uploaded and added as in (3).

C: in 'catalog.cfg'
add: (where 'you@email' is PGP's 'yourid'
of the recipient, ie, you or the merchant)
'EncryptProgram /path/to/mvend/bin/pgpe -r
you@email -fat 2>/dev/null', and set
CreditCardAuto Yes.

Send yourself a test order, and PGP will use
'yourpubkey' (whichever one corresponds to
'you@email') to encrypt the CC number,
(which will come encrypted in the body or
as an attachment, depending on the mail
client) which can then be decrypted by the
mail client using PGP as a helper.

If your mail client is not PGP enabled,
then copy the message to a text file, and
at the command line issue
'./pgpv encrypted_text_file -o outfile',
which will produce a decrypted output file.

===========================

PS. this server is in the UK :)
http://www.zolotek.com/PGP-Linux-Binary.tar.gz

Lyn St George
lyn@zolotek.com		http://www.Career-Plus.com

-
To unsubscribe from the list, DO NOT REPLY to this message.  Instead, send
email with 'UNSUBSCRIBE minivend-users' in the body to Majordomo@minivend.com.
Archive of past messages: http://www.minivend.com/minivend/minivend-list

Prev by Date: Re: New to MiniVend
Next by Date: Shipping calc after Discounts and Tax
Prev by thread: Re: option for free item if buying 3
Next by thread: Shipping calc after Discounts and Tax
Index(es):
- Date
- Thread