If you decide to use the open-source GnuPG software, you have to do two things: You need to put GnuPG on your Web server (to encrypt) and place GnuPG on the recipient's machine (to decrypt). To get started, visit www.gnupg.org and download the proper version based on your operating system. Then follow the installation and key-creation procedures outlined in the GnuPG documentation.

Once you've followed the installation and key-creation procedures outlined in the GnuPG documentation and you have received (or created) a valid public key for the person who is to receive encrypted data, there's one more step that could get a little tricky. In this tutorial, PHP scripts will invoke the encryption process, and the public key has to be on the key ring of the user invoking the encryption. On the Web server, PHP usually runs as user "nobody" or "www" or as the user for your Web server. It could even be your own login name. Whichever user is assigned to PHP/the Web server ("nobody", "www", etc.) must have a GnuPG key ring, and that key ring needs to contain the public key for any person to whom you wish to send encrypted mail by using PHP to invoke the encryption process.

Most ISPs have PGP rather than GnuPG installed, so check with your system administrator regarding the availability or installation of the software on the server side. Otherwise, if you have the GnuPG software on your server, follow the steps below to add a key to the key ring on the system.

1. Export an ASCII version of a user's public key, following the steps in the GnuPG documentation.
2. Upload the public key text file to the PHP user's directory on the server (/home/www/, for example).
3. Log on to your Web server via telnet or SSH, or walk over to it and type at the keyboard if you are so lucky.
4. Become the PHP user. This step could involve the su command, such as: su www.
5. Add the key to the key ring: gpg --import /path/to/keyfile.
6. Edit the key to assign a trust level: gpg --edit-key [keyname]
7. At the gpg command prompt, type "trust".
8. Select "I trust fully."
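
To confirm that steps 5 through 8 took effect for the PHP user, the shell function below (an added example, not part of the original tutorial) reads the output of gpg --with-colons --list-keys and reports whether a recipient's key is present, not expired or revoked, and carries full owner trust. The function name, the sample key ring and the example.org addresses are constructed for illustration.

```shell
#!/bin/sh
# Added example. Real use, run as root so su does not prompt ("www" is the
# PHP user from step 4):
#   su www -c 'gpg --batch --with-colons --list-keys' | check_recipient_key EMAIL
# Prints one of: ok | missing | unusable:<validity> | untrusted:<ownertrust>
check_recipient_key() {
    awk -F: -v want="$1" '
        # A pub record starts a new key: field 2 = validity,
        # field 9 = owner trust (the value set by the "trust" command).
        $1 == "pub" { validity = $2; trust = $9 }
        # User IDs sit in field 10 of the pub record (GnuPG 1.x)
        # or of the uid records that follow it (GnuPG 2.x).
        ($1 == "pub" || $1 == "uid") && index($10, "<" want ">") && !found {
            found = 1; v = validity; t = trust
        }
        END {
            if (!found)               { print "missing"; exit }
            # e = expired, r = revoked, i = invalid, d = disabled, n = not valid
            if (v ~ /^[eridn]/)       { print "unusable:" v; exit }
            if (t != "f" && t != "u") { print "untrusted:" (t == "" ? "-" : t); exit }
            print "ok"
        }'
}

# Constructed sample key ring in colon format (key IDs and hashes are fake).
SAMPLE_KEYRING='pub:-:2048:1:1111222233334444:1700000000:::f:::scESC:
uid:-::::1700000000::0000000000000000000000000000000000000000::Alice Example <alice@example.org>:
sub:-:2048:1:5555666677778888:1700000000::::::e:
pub:e:2048:1:9999AAAABBBBCCCC:1500000000:1600000000::-:::sc:
uid:e::::1500000000::0000000000000000000000000000000000000000::Bob Example <bob@example.org>:
pub:-:2048:1:DDDDEEEEFFFF0000:1700000000:::-:::scESC:
uid:-::::1700000000::0000000000000000000000000000000000000000::Dave Example <dave@example.org>:'

# Demo: Alice was imported and trusted, so this prints "ok".
printf '%s\n' "$SAMPLE_KEYRING" | check_recipient_key alice@example.org
```

A result of "missing" usually means the key was imported into a different user's key ring than the one PHP runs as; "untrusted" means steps 6 through 8 were skipped for that key.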

If you're stuck on any of these steps or if you don't have access to the key ring of the PHP user, contact your system administrator. Otherwise, you can move on to Invoking Public-Key Encryption.