Re: attach3...aprox 189kB

To: Tom Cook <tom.cook@adelaide.edu.au>
Cc: debian-user@lists.debian.org
Subject: Re: attach3...aprox 189kB
From: "Ian D. Stewart" <idstewart@compuvative.com>
Date: Thu, 30 May 2002 10:01:27 -0400
Message-id: <[🔎] 20020530100127.X20413@dad.columbus.rr.com>
In-reply-to: <[🔎] 20020530074832.GP14721@brain>; from tom.cook@adelaide.edu.au on Thu, May 30, 2002 at 03:48:32 -0400
References: <[🔎] F173DdkdwQVNpv7Qv2Q0000b0d8@hotmail.com> <[🔎] 20020530074832.GP14721@brain>

On 2002.05.30 03:48 Tom Cook wrote:

On  0, Arthur Dent <arthur_dent5@hotmail.com> wrote:
> Hi
> I just began posting on this list and thankfully received a lot of
replies.
> A few of them included an atachment and most of the attachments from

> different people were called attach3. When I went to have a quick
look at
> one of them it said it was of file type pgp...is this some sort of
privacy
> thing??? What does it do, I dont wish to install anything untill I
know.
> When I had windows going I would run it through a virus scanner and
all
> incoming would go through zonealarm fire wall so things were pretty
> tight(As far as I knew). Right now running this linux machine with
no virus
> scan and no firewall makes me feel soooooo vulnerable.....

Welcome to the world of Linux... virus scanners are a thing in your
past.  That said, you shouldn't normally operate as root.

Those attachments (as you will find at the end of this mail) are
indeed 'some sort of privacy thing' - sort of.  They are signatures to
verify where the mail came from.  Now don't quote me on this, but I
believe the way the signatures work is that the message is signed with
the author's private key, which can then only be decrypted with the
author's public key.  So you try decrypting the message with the
public key that you trust to be theirs, and if the result is the same
as the message then you can be assured that it was indeed signed with
the author's private key.  So its a way of ensuring that the person
who is writing this letter is really who they claim they are.

Actually, there are two different aspects. The more common scenarioencountered is digital signing. This is where the sender 'signs' themessage with their public key, indicating that the message did indeedcome from them (think of it as the digital equivelant of certifiedmail). The message itself is not encrypted. The second aspect isencryption, where the message is encrypted using the public key of theintended recipient. The message (or what ever other file is beingencrypted) will look like so much garbage until it is decrypted usingthe private key of the recipient.

Then there is steganaography (embedding one file within another), butthat is a whole 'nother ball of wax.


Take a look at the GNU Privacy Guard website[1] for more info.


If you want to dabble with public-key encrypting, the I suggest:

apt-get install gunpg

Actually, I think that should be 'apt-get install gnupg'. If you'rerunning Gnome, there is a graphical interface to pgp/gpg.


apt-get install gpgp.

Which reminds me, I need to set up gpg on my debian system...


Ian

1. http://www.gnupg.org


--

To UNSUBSCRIBE, email to debian-user-request@lists.debian.orgwith a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

References:
- attach3...aprox 189kB
  - From: "Arthur Dent" <arthur_dent5@hotmail.com>
- Re: attach3...aprox 189kB
  - From: Tom Cook <tom.cook@adelaide.edu.au>

Prev by Date: Re: Making /home not accessible by outsiders
Next by Date: Re: Firewall verification
Previous by thread: Re: attach3...aprox 189kB
Next by thread: Re: attach3...aprox 189kB
Index(es):
- Date
- Thread