PGP Command Line Version 7.0.1 ReadMe
Copyright (c) 1999-2000 by Networks Associates Technology, Inc., and its Affiliated Companies.
All Rights Reserved.


Thank you for using Network Associates' products. This ReadMe file contains important information regarding the PGP Command Line. Network Associates strongly recommends that you read this entire document.

Network Associates welcomes your comments and suggestions. Please use the information provided in this file to contact us.

Warning: Export of this software may be restricted by the U.S. Government.

WHAT'S IN THIS FILE

Enhancements/Fixes in this Release
New Features
Functionality Overview
Documentation
System Requirements
Installation
Known Issue
Additional Information
Contacting Network Associates
Copyright and Trademark Attributions

ENHANCEMENTS/FIXES IN THIS RELEASE

  1. AES support. This release of PGP adds support for the new Advanced Encryption Standard algorithm (Rijndael).
     
  2. Concurrent use with PGP Desktop Security. PGP Command Line now tries to use the PGPsdk Service if it is available, allowing both PGP Command Line 7.0.1 (for Windows) and PGP Desktop Security 7.0 or 7.0.1 to simultaneously share the same keyring files.
     
  3. The TZFIX configuration variable is now being interpreted correctly.
     
  4. When processing a text file without any encrypted data blocks or keyblocks, PGP now behaves correctly and sets the return code to 3.
     
  5. PGP now correctly states that it is creating an ascii-armored file when using the "-at" command line option. Previously, it erroneously stated that it was creating a Clear Signature File.
     
  6. Performing an encrypt and sign operation using a split key as the signing key now properly allows the user to reconstitute the key.
     
  7. When encrypting and signing a file, PGP no longer prompts for the signing passphrase before validating the user ID and key ID belonging to the recipient.
     

NEW FEATURES

  1. Administrator enforced settings on Unix platforms. PGP Command Line adds the ability for an administrator to enforce/override any settings that users of PGP Command Line specify. Settings stored in /etc/pgp/pgp-cfg override settings specified by the user via the command line, environment variables, or the PGP.CFG file.
     
  2. New RSA key format. PGP Command Line 7.0 introduced a new RSA key format that provides support for PGP's Additional Decryption Key (ADK), designated revoker, and multiple encryption subkeys. Previously these features were only available to users with Diffie-Hellman keys. PGP will continue to support users who have RSA keys in the older key format (now called the RSA Legacy key format).
     
  3. Twofish support. This release introduces the option of encrypting data using Twofish, a relatively new, but well regarded 256-bit cipher. Twofish is one of five finalists for NIST's new Advanced Encryption Standard (AES). You can obtain more information about Twofish at the following URL:

    http://www.counterpane.com/twofish.html

  4. Enhanced key signing support. This release gives users/administrators three new signature type options when signing PGP keys: Non-Exportable, Meta-Introducer, and Trusted Introducer. These are in addition to the current signature type supported: Exportable.

    Users/administrators also now have the option of limiting the lifetime of a signature on a key, rather than always having the signature valid until revoked.

  5. Split key support. This release includes support for PGP's key splitting technology. Based upon Blakely- Shamir key splitting standards, PGP can split private keypairs into a number of administrator-specified "shares." The key can be rejoined once an administrator-defined threshold of "shares" are presented.
     
  6. Designated Revoker support. This release adds support for PGP's Designated Revoker feature for PGP v4 keys (both DH/DSS and RSA keys). Users can specify one or more keys that can act as a revoker for their own key.
     

FUNCTIONALITY OVERVIEW

PGP Command Line provides a convenient way for you to integrate PGP's strong authentication and encryption features with other applications and automated processes. Examples include encrypting credit card transactions, or personnel records. 

The following commands provide on-line help for each of the major product areas:

DOCUMENTATION

Also included with this release are the following manuals, which can be viewed on-line as well as printed:

For UNIX releases the following online documents are also included: 

The following postscript files are also included: 

Documentation feedback is welcome. Send email to tns_documentation@nai.com

SYSTEM REQUIREMENTS

To install PGP Command Line on a Windows NT or Windows 2000 system, you must have: 

To install PGP Command Line on a UNIX system, you must have: 

INSTALLATION

To install PGP Command Line on a Windows machine:

  1. Start the Windows system.
     
  2. Download the PGP files to the system or insert the PGP CD-ROM into the CD-ROM drive.
     
  3. Double-click SETUP.EXE to start the Setup program.

    Note: If you are installing from the CD-ROM, the Setup program automatically starts. If, however, the Setup program does not initiate, double-click SETUP.EXE in the Disk 1 folder on the CD-ROM.

    The PGP Command Line Welcome screen appears.

  4. Review the information in the Welcome screen, then click Next.

    The Network Associates license agreement appears.

  5. Review the license agreement information, then click Yes to accept the licensing terms.

    The ReadMe.txt file appears listing the new features and other important information regarding PGP Command Line.

  6. Review the ReadMe.txt file, then click Next.

    The Choose a Destination Location dialog box appears.

  7. Use the default destination directory or click Browse to navigate to a directory for your PGP files, then click Next.

    The Select Components dialog box appears.

  8. Clear the components that you do not want to install. By default, both options are selected.
  9. Click Next.

    The PGP files are copied to the computer.

  10. Click Finish to complete the PGP Command Line installation. 


To install the PGP Command Line Solaris package on a Sun SparcStation:
(To install the software, you must have root privileges.)

The Solaris package automatically extracts and installs all of the necessary software components in their proper directory locations.

  1. Download the PGP package to the system or insert the PGP CD-ROM into the CD-ROM drive.

    To install from a CD-ROM drive you must also login as root, and cd to the install directory (/cdrom). The CD mounts automatically. If, however, the CD does not mount automatically, you can mount it by going into the root directory (Cd ..), and issuing the following command:

    #mount -F nfs -ro /dev/dsk/c0t6d0s2 /cdrom

  2. If this is the first time you are installing the PGP Command Line product on this system, navigate to the directory where the PGPcmdln_x.x.x_Solaris file is located, and begin installing the package by issuing the following command:

    pkgadd -d PGPcmdln_x.x.x_Solaris

    (where x.x.x is the release number)

    If a previous version of the Command Line is installed on this system, you must remove it before you can install the new package. If you have version 6.5.x installed, you can remove it by issuing the following command:

    pkgrm PGP If you have version 7.x installed, you can remove it by issuing the following command:

    pkgrm PGPcmdln

    Note: If you install from a CD-ROM drive under Sun Solaris, you may receive a warning that tells you that the file system does not conform to ISO-9660 specifications. This is because the name of the file contains more than eight characters. Ignore this warning; the install will proceed without problems.

  3. Review the license agreement information, then type Y to accept the licensing terms.

    The installer processes the package and system information, verifies disk space requirements, and installs the PGP Command Line program files.

    Note: The program files are installed to the default installation path of /opt/PGP/.

  4. When the installation is complete, you can verify that the product was installed properly by entering the following command:

    pkginfo -l PGPcmdln

    The status for the selected package should be "STATUS: completely installed."


To install the Command Line tarball on a Sun SparcStation:

  1. Download the PGP package to the system or insert the PGP CD-ROM into the CD-ROM drive.

    To install from a CD-ROM drive you must first copy the PGP installation file for your operating system to a temporary location on your systems harddrive. Then change your current working directory to that same location.

  2. Uncompress the package by issuing the following command:

    gzip -d < PGPcmdln_x.x.x_Solaris.tar.gz | tar xvf -

    (where x.x.x is the release number)

    When the package is uncompressed, the pgp-x.x.x/ directory is created.

  3. To run the PGP Command Line application, enter the following command:

    ./pgp


To install PGP Command Line on AIX and HPUX systems:

  1. Download the PGP package to the system or insert the PGP CD-ROM into the CD-ROM drive.

    To install from a CD-ROM drive you must first copy the PGP installation file for your operating system to a temporary location on your systems harddrive. Then change your current working directory to that same location.

  2. Uncompress the package by issuing the following command:

    gzip -d < PGPcmdln_x.x.x_AIX.tar.gz | tar xvf -

    or

    gzip -d < PGPcmdln_x.x.x_HPUX.tar.gz | tar xvf -

    (where x.x.x is the release number)

    When the package is uncompressed, the pgp-x.x.x/ directory is created.

  3. To run the PGP Command Line application, enter the following command:

    ./pgp


To install PGP Command Line on Linux RPM systems:
(To install the software, you must have root privileges.)

  1. Download the PGP files to the system or insert the PGP CD-ROM into the CD-ROM drive.
     
  2. Install the package by issuing the following command:

    rpm -iv PGPcmdln_x.x.x_linux.i386.rpm

    (where x.x.x is the release number)

    The PGP program files are copied to the system.

  3. When installation is complete, verify the PGP signature file by adding the PGP signature in the SampleKeys.Asc file found in /usr/doc/pgp-x.x.x/ directory to your keyring.

    Once the PGP signature is added to your keyring, issue the following command:

    rpm --checksig PGPcmdln_x.x.x_linux.i386.rpm

    (where x.x.x is the release number)

    If the signature is correct, the response from this command is "OK."


To install PGP Command Line tarball on Linux systems:

  1. Download the PGP package to the system or insert the PGP CD-ROM into the CD-ROM drive.

    To install from a CD-ROM drive you must first copy the PGP installation file for your operating system to a temporary location on your systems harddrive. Then change your current working directory to that same location.

  2. Uncompress the package by issuing the following command:

    gzip -d < PGPcmdln_x.x.x_linux.tar.gz | tar xvf -

    (where x.x.x is the release number)

    When the package is uncompressed, the pgp-x.x.x/ directory is created.

  3. To run the PGP Command Line application, enter the following command:

    ./pgp

KNOWN ISSUE

ADDITIONAL INFORMATION

  1. PGP 7.0.1 provides secure memory locking for root accounts. If you are logged into a non-root account, the PGP banner displays "Warning: Using insecure memory."

    Note: Secure memory locking is not available for PGP Command Line on AIX systems.

  2. Unlike previous versions of PGP, this version does not automatically back up keyrings. This is the sole responsibility of the user.

CONTACTING NETWORK ASSOCIATES

For questions, orders, problems, or comments 

You may direct all questions, comments, or requests concerning the software you purchased, your registration status, or similar issues to the Network Associates Customer Service department at the addresses or phone numbers listed below.

Contact the Network Associates Customer Service department between 8:00 a.m. and 8:00 p.m. Central Time, Monday through Friday, at:

Network Associates Customer Service
4099 McEwen Road, Suite 500
Dallas, Texas 75244

For corporate-licensed customers:

Phone: (972) 308-9960
Email:services_corporate_division@nai.com
World Wide Web: http://support.nai.com

For retail-licensed customers:

Phone: (972) 855-7044
Email:cust_care@nai.com
World Wide Web:http://www.pgp.com
To provide the answers you need quickly and efficiently, the Network Associates technical support staff needs some information about your computer and your software. Please have this information ready when you call:

We also seek and appreciate general feedback.

For product upgrades

Network Associates has a worldwide range of partnerships and reseller relationships with hundreds of independent vendors, each of which can provide you with consulting services, sales advice, and product support for Network Associates software. For assistance in locating a local reseller, you can contact Network Associates Customer Service at (972) 308-9960.

For reporting problems

Network Associates prides itself on delivering a high-quality product. If you find any problems, please take a moment to review the contents of this file. If the problem you've encountered is documented, there is no need to report the problem to Network Associates.

If you find any feature that does not appear to function properly on your system, or if you believe an application would benefit greatly from enhancement, please contact Network Associates with your suggestions or concerns.

For on-site training information

Contact Network Associates Customer Service at (800) 338-8754.

COPYRIGHT AND TRADEMARK ATTRIBUTIONS

Copyright (c) 1990-2000 Networks Associates Technology, Inc. All Rights Reserved. No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language in any form or by any means without the written permission of Networks Associates Technology, Inc., or its suppliers or affiliate companies.

Trademark Attributions

* ActiveHelp, Bomb Shelter, Building a World of Trust, CipherLink, Clean-Up, Cloaking, CNX, Compass 7, CyberCop, CyberMedia, Data Security Letter, Discover, Distributed Sniffer System, Dr Solomon’s, Enterprise Secure Cast, First Aid, ForceField, Gauntlet, GMT, GroupShield, HelpDesk, Hunter, ISDN Tel/Scope, LM 1, LANGuru, Leading Help Desk Technology, Magic Solutions, MagicSpy, MagicTree, Magic University, MagicWin, MagicWord, McAfee, McAfee Associates, MoneyMagic, More Power To You, Multimedia Cloaking, NetCrypto, NetOctopus, NetRoom, NetScan, Net Shield, NetShield, NetStalker, Net Tools, Network Associates, Network General, Network Uptime!, NetXRay, Nuts & Bolts, PC Medic, PCNotary, PGP, PGP (Pretty Good Privacy), PocketScope, Pop-Up, PowerTelnet, Pretty Good Privacy, PrimeSupport, RecoverKey, RecoverKey-International, ReportMagic, RingFence, Router PM, Safe & Sound, SalesMagic, SecureCast, Service Level Manager, ServiceMagic, Site Meter, Sniffer, SniffMaster, SniffNet, Stalker, Statistical Information Retrieval (SIR), SupportMagic, Switch PM, TeleSniffer, TIS, TMachf, TMeg, Total Network Security, Total Network Visibility, Total Service Desk, Total Virus Defense, T-POD, Trusted Mach, Trusted Mail, Uninstaller, Virex, Virex-PC, Virus Forum, ViruScan, VirusScan, VShield, WebScan, WebShield, WebSniffer, WebStalker WebWall, and ZAC 2000 are registered trademarks of Network Associates and/or its affiliates in the US and/or other countries. All other registered and unregistered trademarks in this document are the sole property of their respective owners.

License Agreement

NOTICE TO ALL USERS: FOR THE SPECIFIC TERMS OF YOUR LICENSE TO USE THE SOFTWARE THAT THIS DOCUMENTATION DESCRIBES, CONSULT THE README.1ST, LICENSE.TXT, OR OTHER LICENSE DOCUMENT THAT ACCOMPANIES YOUR SOFTWARE, EITHER AS A TEXT FILE OR AS PART OF THE SOFTWARE PACKAGING. IF YOU DO NOT AGREE TO ALL OF THE TERMS SET FORTH THEREIN, DO NOT INSTALL THE SOFTWARE. IF APPLICABLE, YOU MAY RETURN THE PRODUCT TO THE PLACE OF PURCHASE FOR A FULL REFUND.