tkpgp is a gui front-end to PGP and GnuPG.

The main webpage for tkpgp is here.



What follows is the full tkpgp README:
!          copyright tkpgp v2.1 Copyright (c) 1996-2010 Karl J. Runge

This is a program that provides a gui front end to Philip Zimmermann's
Pretty Good Privacy(tm) (PGP) Public-key encryption system and also
the Gnu Privacy Guard (GnuPG/gpg) implementation.

It utilizes the Clipboard Selection heavily to ease moving pgp-processed
text both to and from any of your apps (mail reader, news reader, editor,
etc...)  No need to select the output text by hand or by typing in a
filename, it is usually placed in the Selection automatically for you!

tkpgp was first written way back in 1996 as a front-end to PGP.  A couple
years after that there was a separate and similar project, also named
tkpgp, by tftp at, but that one was abandoned around 2000.

The original tkpgp (by Karl J. Runge) lives on!  It now supports GnuPG.

Back in 1996, it was novel to have a GUI front-end to PGP.  Nowadays
(2010) there are many front-ends to PGP/GPG: GPA, KGpg, Seahorse;
and mail-client integration: Enigmail, Evolution, KMail, mutt, and
many others.  It is recommended that you try some of those first.
tkpgp is kind of an oddball, ugly duckling, geeky utility.  tkpgp is
intended for people who like things a little different and hacky.

It works for PGP version 2.6.2 and/or GnuPG 1.4.0 or later.  PGP (pgp)
and/or GnuPG (gpgp) needs to be installed on your system with "pgp/gpg"
in your PATH somewhere.  Read a little bit about PGP and make a key or
two and encrypted message by hand before trying tkpgp.

Tkpgp also requires tcl/tk's wish version 8.0 or higher.
You can get tcl/tk at:

Tkpgp has been written to detect the operating system it is running on.
For some time now it has been working fine on Unix.

Now (2010) Obsolete:
| Recently (11/97) initial support for Win95 and Win3.1 has been provided
| under tcl/tl 8.0. Still some kinks to work out on Windows, but it is
| usable. Support for WinNT has not been tested, but should be easy (if
| not already there). Tkpgp runs OK on Win3.1 but there are some annoyances
| such as the need to manually deiconify the DOS box for interactively run
| PGP commands (e.g. secret key generation) Mac support will most likely
| not happen since there is no exec, and I imagine PGP is already a GUI
| rather than a STDIO program.

Note: Windows support for GnuPG has not been attempted.  There are
currently no plans to support it on Windows anymore.

Note: tkpgp works on MacOSX.  XQuartz and xterm are used for the terminal.
You will need to explicitly install the gpg package. 

This package comes with two tcl/tk program's "tkpgp" and "browse".
"browse" is a standalone file-selector-dialog-box, useful to embed
in other apps and shell scripts to get user input for a filename.

In the "tkpgprc" file setting BROWSE_CMD to "internal" will use Tk's
internal file open dialog. "browse" stdout seems to be lost on
Windows, so "internal" should be used there.

You do not have to use "browse" if you do not want to.

Another interesting cmdline tool included is "tpg", here is its help

  # tpg -h
  tpg: example tkpgp communication channel script.
  This is roughly like gpg-agent, but uses a running tkpgp.
  tkpgp Auto Command must be enabled for it to work.  If you have Auto
  Password enabled in tkpgp (recommended) it will automatically use the
  password you have supplied to it.
  tpg [-V] [-T|-TT] [-b] [option] [file ...]
          -V      verbose printout
          -T      trim off leading '> ' or '| '
          -TT     apply -T and also re-insert leading '> ' in output.
          -b      send "BROWSE:" input option to tkpgp (e.g. for binary file.pgp)
          -d      decrypt  (the default)
          -s      sign
          -so     sign only
          -v      verify
          -a      verify application/pgp-signature attachment
                  (headers are modified.)
          -e      encrypt (recipients must be selected in tkpgp)
          -es     encrypt+sign (recipients must be selected in tkpgp)
          -c      clear text from main window
          -t      delete all tmp files
  files on cmdline are read in as the data to be processed.
  result is printed out to stdout.

>> Unix:

Unpack the tar gzipped file. cd down into the directory it created,
Move "tkpgp" and "browse" and "tpg" (browse and tpg are optional) to
somewhere in your PATH. Copy the "tkpgprc" file to ~/.tkpgprc and edit
any preferences (e.g. MAILHOST...)

You must have the wish program (version 8.0 or above) in your PATH
If for some reason you don't want to do that, add a "shebang" line:


to the very top of "tkpgp" and "browse", where /usr/local/bin/wish8.4
is, say, the full path to the wish binary.

tkpgp and browse come with the more portable:

# the next line restarts using wish \
exec wish "$0" "$@"

which utilizes your PATH.

To install permanently move "tkpgp" and "browse" to some standard
place, e.g.  /usr/local/bin or ~/bin, in your PATH.

>> Windows:

Install tcl/tk (e.g. tcl84.exe). 

Unpack the zip file, via pkunzip -d This will create
directory TKPGP containing the program "tkpgp.tcl".

Edit the "tkpgprc" file in the TKPGP directory if you want to change
any preferences. Make a shortcut or program item if you want.

If pgp and/or gpg is installed on your system, typing "tkpgp" (on Unix)
in this directory should start it up OK and it should be able to do
most things.  On windows launch via shortcut, Run..., or Explorer.

Click the Help, then "Contents" button for more information.

I STRONGLY advise you to backup your PGP (~/.pgp) or GnuPG (~/.gnupg)
directory to be sure tkpgp doesn't do something unexpected to the
important data there.  It is beta software and it has only been tested
at length in my environment.  It is not clear to me what will happen
for certain customizations a user may have put into ~/.pgp/config.txt
(I am a pretty vanilla PGP user).

I wrote this program since I continue to be fascinated by RSA and PGP.
I also wrote it as a learning experience for gui and program design.
If there are too many features, a missing feature, or any other
suggestions you have, please let me know.

It is not clear to me that a standalone PGP gui is the what people will
want, especially in the long term.  In general I think people will want
PGP integrated into their mail reader, news reader, and even WWW browser.
That is alot of distributed work, and so I thought it would be fun to
see how useful a standalone GUI interface to PGP would actually be.

On of the great things about PGP, even the somewhat dated version 2.62
I use, is that it is widely distributed around the world. Thank god
for this encryption tool for ordinary people! Tkpgp makes a nice
GUI interface for this encryption tool!

Karl Runge

Included below is the (long!) "tkpgp" Howto section that tries to 
describe everything.

tkpgp v2.1 Copyright (c) 1996-2010 Karl J. Runge

How to use "tkpgp":

There is no replacement for reading and understanding the PGP/GPG documentation

Ideally, you know a little bit about the PGP (pgp) or GnuPG (gpg)
command for the more frequently used actions, and want to use "tkpgp"
for help avoid the extra typing, manipulating, and having to remember
the command line syntax. "tkpgp" may also help one to learn about the
PGP tools and encryption methods.

"tkpgp" requires that PGP (pgp) and/or GnuPG (gpg) be installed on your
system and this program(s) is accessible from your PATH variable. It works
for Pretty Good Privacy(tm) version 2.6.2 and GnuPG 1.4.0 and later.

When "tkpgp" starts up it checks if it can find pgp/gpg on your system.
It then runs the command with the -kv/-k flags to obtain the names of the keys
on your public key ring. It places these in the "User ID" pull down menu.

In the following, "TextArea" will refer to the scrolling area of text
that "tkpgp" displays as its body. "EntryBox" will refer to the
entry box and confirmation buttons near the bottom where the user
types in information. "MessageBox" is the label at the very bottom where
information messages are posted.  The word "Selection" is used (on Unix)
to mean the PRIMARY X selection.

Input methods:

  The default input method is to "Paste-in" from the Selection. For
  example, to Encrypt a message you simply paste it into the
  TextArea. In Paste-in mode you can, of course, also type directly in
  the TextArea. Also, a very quick way to input the contents of the
  Selection is to press Ctrl-R, this is equivalent to pasting in the
  text and then clicking "OK" to have the selected action performed
  on it. Clicking the Right-Mouse button (Button-3) does the same as Ctrl-R.

  The other input method is "Browse". In this method you select an input
  file via a simple file browser that is presented. Click your way through
  the directories, then select the file you want to use.
  I prefer the "Paste-in" mode since it is an easy way to couple my
  e-mail, news reader, or browser with PGP: I just copy-n-paste back and
  forth between the app and "tkpgp".

The Main Actions:

These are used alot, and so appear as buttons on "tkpgp"'s main Menubar
at the top of the application.

    By clicking on the "Encrypt" button will asked to paste into
    the TextArea or be presented with a file Browser ("browse", a
    program that should have come along with "tkpgp") to select a file
    to Encrypt. If you had typed/pasted a filename into the "Command:"
    EntryBox before hitting "Encrypt", that file would be used without
    calling the Browser.
    Paste or type in the text (Ctrl-R is a quick way to paste in the
    Selection. Clicking the Right-Mouse button does the same.)  or,
    if in Browse mode, select a file by browsing for it then double
    clicking on it.  Otherwise, type the name into the Browser's entry
    box and click "OK".

    Since Encrypting requires using someone's Public Key you must 
    have selected at least one from the "User ID" pull down menu.
    "tkpgp" will do some simple checking to guess if the "pgp" Encrypting
    action may overwrite an existing file and ask you if you want to 
    backup that file (e.g. Encrypting "myfile" may clobber "myfile.asc")

    "pgp" will then be run, and its messages will be displayed with
    highlighting in the "tkpgp" scrolling TextArea.  The newly created
    encrypted filename should be highlighted and selected for easy
    pasting into other applications.  

    To view and select the contents of the new file, Click "File",
    then "Show Newest File".

    Note that (with gpg) '--trust-model always' is applied to
    automatically encrypt with the key you selected and not prompt you
    if the keys trust cannot be determined.  See the gpg(1) man page
    for details on why you might not want to do this unless you verify
    the key more carefully.

    [pgp -e ...]
    [gpg --encrypt ...]

    Clicking on the "Decrypt" button asks you to Paste-in an encrypted
    message (see Ctrl-R above) or you will presented with a file
    Browser. Proceed as before under "Encrypt".
    Now since Decrypting means you must use one of your Secret Keys
    to decrypt the file, you will be prompted for your Pass Phrase
    (see the PGP documentation for more info). Type the Pass Phrase
    into the EntryBox at the Bottom and press  or Click "OK".
    "tkpgp" will check for the possible clobbering of files as above,
    and if all goes well, the file will be decrypted by the "pgp" action.

    The new filename should be highlighted along with any messages,
    and you can also view the file via Clicking "File", then 
    "Show Newest File" as before.

    [pgp ...]
    [gpg ...]

    Clicking on the "Sign" button will once again ask you to Paste-in
    data or present you with a file Browser. Input the data as before.
    Now you can sign a Message with your Private Key, to, say, send off
    to others. Once you have selected the filename and provided your
    Pass Phrase to the EntryBox prompt the file will be Signed in
    "pgp"'s "Clear Sig" mode. View, Select, etc, the new file as before.

    [pgp -st ...]          [pgp -s ...]      [pgp -es ...]
    [gpg --clearsign ...]  [gpg --sign ...]  [gpg --encrypt --sign ...]

    Clicking on the "Verify" button will again be asked to Paste-in
    the Selection or be presented with the file Browser. Proceed as
    before with "Encrypt" or "Decrypt".
    In this case someone has Signed a message with their Private Key
    and has publicized the signed message. If you have their Public
    Key (displayed in "User ID" menu) "tkpgp" and "pgp" can Verify
    that the message is really from the sender and has not been tampered
    "tkpgp" will check for the possible clobbering of files as above,
    the messages from the "pgp" action will be presented to you with
    highlighting in the TextArea. Viewing any created files can be 
    done as mentioned above.

    [pgp ...]
    [gpg --verify ...]

    Clicking on the "Enc+Sign" button will both sign a text file with
    your public key, then Encrypt it for the selected Recipient(s).

    Note that (with gpg) '--trust-model always' is applied to
    automatically encrypt with the key you selected and not prompt you
    if the keys trust cannot be determined.  See the gpg(1) man page
    for details on why you might not want to do this unless you verify
    the key more carefully.

    [pgp -es ...]  [gpg --encrypt --sign]

    The Cancel button is normally disabled, but during an Action if you
    decide you do not want to continue the action, click this button to
    terminate it. All Action buttons will be greyed out when the Cancel
    button is active, so it should be pretty clear when the Cancel button
    can be used.

Is that All?:

Perhaps that is all one really needs to do in most cases, and 
hopefully "tkpgp" works well in performing those tasks. 

But, of course, there's a lot more...


    Select a file with the file browser for subsequent processing.
    Currently requires the "browse" tcl/tk program supplied with

    Starts up an editor. You can compose your message in there and
    then copy-n-paste or save to a file and read into "tkpgp". You can
    compose directly in the TextArea if you like, but this is somewhat
    awkward. Set the EDIT_CMD directive below under "Misc" on how to
    set your editor..

  Select All Text:
    Places the entire session Log into the selection. Ctrl-/ does the same.

  Clear All Text:
    Deletes all text from the TextArea. To delete just part of the
    text in the TextArea highlight it with the mouse then then press
    the "BackSpace" key. 

    Find a pattern in the TextArea (case is ignored). Enter the pattern
    to match in EntryBox when prompted by "Find:". Click on "Fwd" or
    press "Enter" to search forward from the cursor. Click on "Back"
    to search backward. Ctrl-F and Ctrl-B also search forward/backward
    (note Capitals). These two keypresses may be used directly to search
    for the last pattern searched for without initiating a Find dialog.

    Click "OK" or press "Escape" to finish the Find dialog.
    In the TextArea and EntryBox Ctrl-f initiates a Find dialog.

  Delete Tmp Files:
    Attempts to delete ALL the tempfiles in the Temporary directory.
    They are "Wiped" and synced before removal.  Wiping means to
    open the file, overwrite its contents with a fixed character,
    sync(1) the hard disks, and then delete the file.  This is far
    from bulletproof, but should thwart simple attempts to read
    sensitive data left on the hard disk after file removal.

  List New Files:
    Prints to the TextArea the list of files created or modified 
    during the current "tkpgp" session. The latest one is 
    highlighted and selected for easy pasting into other apps.

  Show Newest File:
    Displays the most recently created file during this session in the
    TextArea. Also exports that text to the selection.  If the file
    appears to be binary it will not be printed.

    As in Exit (see below), however it restarts itself and carefully
    exchanges the most recent passphrase (if any.)

    This is a sure way to clear memory of any sensitive information and
    keep working with the current passphrase.  Note: the process will
    be running in the background after this action.

    Exits the programs. Cleans up any temporary files or directories.
    These temporary files are Wiped (see above), synced and then removed.

There are a variety of options for "tkpgp", some very useful some esoteric.
See the "Config" section below on how to change these defaults.

In the order they appear in the "Options" pull down Menu, here
they are:

    If set, more information will be displayed to the scrolling TextArea
    as "pgp" commands are run. E.g. more information about Keys and any
    created files. Unsetting it does NOT make the outputting extremely
    terse, so it really doesn't provide a big effect.

  Always Show:
    If set, the program will most always try to display the contents
    of the file created by the most recent action. Contents will also
    be put into the selection. Unsetting it will cause the displaying
    to occur less frequently.

  External Terminal:
    "tkpgp"'s default is to ask for input and then provide "pgp" action
    output in the TextArea. It seems the "pgp" program cannot be tricked
    into using the Standard Input stream for user responses (i.e. for
    pass phrase or whether to overwrite an existing file). That is to say
    "pgp" needs a real TTY for these actions. If "Ext. Terminal" is set,
    then the "pgp" actions (except for trivial ones, e.g. help: "pgp -h")
    will get a real TTY by being run in an external terminal program.
    On Unix and MacOSX this is "xterm".

  Prefer GPG:
    "tkpgp" was written way back in the days (1996) of PGP 2.6.x It now
    supports GnuPG (Gnu Privacy Guard -- GPG.)  It can still do both PGP
    and GPG (as long at the external commands "pgp" and "gpg" exist
    on the machine.)  However, for some actions it cannot autodetect
    which one to use.  This setting means to choose GPG in those cases.

    The default input mode is for "tkpgp" to use selection copy-n-paste.
    The text will be saved into a temporary file and the "pgp" action then
    performed on it.  You can view the output and copy it to a permanent
    file if you like.  Usually the output will automatically be placed
    in the selection to facilitate this.  The reason for this default
    is that it may be easier to Paste a signed message you are reading
    in your Mail or News reader into "tkpgp" rather than having to save
    to a file an then read it in, etc.
    The other input mode is to use the file Browser to select a file to
    perform a "pgp" action on.  The file Browser has C-shell like Ctrl-D and
    Esc/TAB file completion if you are familiar with these.  Also, in this
    mode it first checks the Command: EntryBox contents for a presence
    filename, if one is there it uses that instead of using the file Browser
    Pasting into the TextArea can be done as follow:
        1) Ctrl-V will paste the selection at the insertion cursor (vertical
	   bar in text area)
        2) Hitting the "Insert" key will also paste at the insertion cursor.
        3) Place the mouse at the place you want to paste (usually at the
           insertion cursor point), and click the 2nd button. (middle 
           button under Unix).

    Finally, instead of Clicking "OK" you may also press Ctrl-D, so a
    very quick way to paste is to press  Ctrl-V Ctrl-D. In fact this has
    shortened to a single keystroke: Ctrl-R (r for read?) or Right Button.
  Paste Next
    If Input mode is "Browse", this overrides the mode to "Paste" for
    the next, and only next, Command action.
  Browse Next
    If Input mode is "Paste", this overrides the mode to "Browse" for
    the next, and only next, Command action.
  Auto Password:
    If a Passphrase or Password has already been entered, use it
    automatically without prompting the next time a password is needed.

  Auto Command:
    Enable a Remote Control communication channel thru ~/.tkpgp_cmd
    It can automatically decrypt, sign, or verify data put in that file.
    The results are placed in ~/.tkpgp_res   See the tpg script for an

    The default file creation mode for "tkpgp" is Ascii. I.e. file
    output to "myfile.asc" type format. This just uses the "pgp" "-a"
    option where appropriate. To generate binary output, e.g. 
    "myfile.pgp", select "Binary".

    For decryption or verification this setting may be ignored (i.e.
    pgp/gpg will output Ascii if that is what the plain text is.)

    Select "PGP/MIME" to have the encrypted or signed text come out as
    PGP/MIME, complete with MIME headers and etc.  Hopefully you will be
    able to paste this into an email (including the initial headers.)
    When mailing from "tkpgp", only VIA MAILHOST will include the headers

  UserID List:
    If you have alot of public keys the simple pull down UserID's menu will
    be bigger than that screen is tall. There are a couple of ways around
    this. The first is that the first item of the UserID's pull down menu
    is "ScrollBox", which gives you a standalone scrollable window with
    your keys. Another option is selecting "Alpha" here. This gives you
    an alphabetical A, B, C, breakup of your keys. Choosing the alternative
    "Flat" will just give you the standard pull down. This is OK if you
    have less than 30 or so keys.

    The checkbox "Sort" will make the Public Key list (in all the places 
    it is used) be sorted alphabetically.

  Show Settings
    Shows various current settings; intended for debugging.

There are a number of extra command actions (i.e. in addition to
the Main Actions above) in the "Actions" pull down menu.

  List Public Keys:
    Displays the keys on your pubring.pgp keyring. (verbosely
    if "Verbose" is set in "Options")   [pgp -kv]  [gpg -k]

  Concisely (Public):
    Shows a Public Key Listing with one line per key.

  List Signatures:
    Lists the keys along with those that have signed them.  This
    information can be very long.  If a single UserID is selected,
    then the printed info only pertains to that user.
    [pgp -kvv]  [gpg --list-sigs]

  Show Public Key:
    Displays an ascii PGP PUBLIC KEY BLOCK of the (Single) userid
    checked in the "User ID" menu.
    [pgp -a -f -kx "id"]  [gpg -a --export "id"]

  Show Photo:
    If the key has a Photo attached to it, show it (gpg only.)
    [gpg --list-keys --list-options show-photos "id"]

  Search Keyserver:
    Use GnuPG (gpg) --keyserver --search-keys to look for keys
    stored on a remote keyserver (e.g.  Does not
    work with pgp.  You can lookup by email address, name or Key ID.

    You can also type "search://server/name" into the Command:
    entry box.  You can also press Control-S to search using the
    X selection.  The selection can be either a name, an email
    or an 8 digit HEX keyid.

  Add Key:
    To add a key to your PGP public key ring Click this item.
    You will be prompted for a file containing the person's
    Public Key contents (or to Paste if Paste mode is on, e.g.
    you finger'd a person to get their PGP PUBLIC KEY BLOCK).
    [pgp -ka -f < keyfile]  [gpg --import keyfile]

  Remove Key:
    This will delete from your PGP keyring the (Single) userid
    checked in the "User ID" menu.
    If a Secret key also exists, it too will be removed.
    [pgp -kr "id"]
    [gpg --delete-secret-and-public-key "id"]

    Since this is user interactive, this action is always
    run in an external terminal. (See "Ext. Terminal" above). 

  List Secret Keys:
    Displays the keys on your secring.pgp keyring. (verbosely
    if "Verbose" is set in "Options")
    [pgp -kv secring.pgp]  [gpg -K]

  Concisely (Secret):
    Shows a Secret Key Listing with one line per key.

  Show Secret Key:
    Displays an ascii PGP PRIVATE KEY BLOCK of the (Single) userid
    checked in the "User ID" menu.
    [pgp -a -f -kx "id" secring.pgp]  [gpg --export-secret-keys "id"]

  Make Secret Key:
    To create a new "pgp" Private key of your own, this item will run
    the "pgp -kg" for you.   [pgp -kg]  [gpg --gen-key]

    Since this is highly user interactive, this action is always
    run in an external terminal. (See "Ext. Terminal" above). 

    Please read the PGP documentation carefully to know what is
    going on before using such a key seriously.

    Note: if you sign other's keys signed with your key (Local-Sign
    and Sign actions), you will need to set YOUR key's trust level to
    'ultimate' to avoid warnings that the other key is untrusted when
    decrypting or verifying messages.  Run Edit-Key on your key and
    modify the trust setting.

  Local-Sign Key:
    Signs someone elses Public key with your key.  Marks it local so
    that it cannot be exported to a keyserver.  [gpg --lsign-key]

  Sign Key:
    Signs someone elses Public key with your key.  If exported to a
    keyserver (or user) your signature will be included.  [gpg --sign-key]

  Edit Key:
    Allow full editing of a key.  The gpg menu interface is presented
    in a terminal.  [gpg --edit-key]

  Sign Only:
    Sign a text file with your public key, but do not include the
    "Clear signature" text in the file.   [pgp -s]  [gpg --sign]

  Verify .sig file:
    Often software is distributed with an accompanying separate
    PGP .sig signature file. E.g. "" and ""
    Click on this button to bring up a browser to locate the 
    .sig file (e.g. ""). You will next be prompted
    for the signed data file (e.g. "").
    [pgp f1 f2]  [gpg --verify]

    Warning: pgp command will block if you do not have the signer's
    public key on your PGP keyring. Use "Ext. Terminal" if unsure.

  Test Encrypt:
    For the single selected UserID, do a test encryption in an
    external terminal using bogus text. Useful when you have just
    added a new key, since "pgp" will block waiting for a query
    on the first encryption with the new key. You are prompted
    to do a Test Encrypt every time you add a new key.

  Enter Passphrase:
    Allows you to enter the passphrase (e.g. at startup time) without
    needing to decrypt or sign anything.

  Forget Passphrase:
    Clears the Passphrase from memory.

  Symmetric Encrypt:
    Use Symmetric (conventional) encryption.  Command is run in
    an external terminal and you must supply a password to encrypt
    the file.   [pgp -c ...]  [gpg -c ...]

  Symmetric Decrypt:
    Use Symmetric (conventional) encryption.  Command is run in
    an external terminal and you must supply the password to decrypt
    the file.   [pgp ...]  [gpg ...]

  Quick Mail
    Uses the newest file created as the email text. You are NOT
    prompted to change it (see "Mail Newest File" above to have
    more choices).  The recipients are the email addresses currently
    selected in the UserID's menu. The Subject is set to "PGP Message",
    but may be changed.
    You are prompted to view the email text via the Yes/No buttons.
    You are then prompted whether or not to send the email.

    Quick Mail is an easy way to send mail to recipients and so it is
    recommended over Mail Newst File and Past & Mail (however, use those
    if they provide the extra functionality you need.)

  Mail Newest File
    Presents you with a Mail Dialog to send a file to people. 
    Follow the instructions in the TextArea and MessageBox. The
    default Attachment file is the newest one created during the 
    "tkpgp" session, but you can provide another by overwriting
    the filename in the EntryBox or by browsing. (Note if Paste
    mode is set it is ignored, see Paste & Mail below.)
    Next, you will be prompted for Subject: and a list of who to send
    it To:. The default is the list of email addresses of the items
    currently selected under the "UserID's" menu.
    Then you are asked to Paste or Type in any text you want to 
    appear before the attachment file. Click "OK" when you're done.
    To provide text after the attachment file, note that the string
    "ATTACH" (all capitals) is expanded to the attachment file text.
      Here is the text before the PGP message
      Here is the text after the PGP message.
    Hooks for using an external editor will be added in the future.

    Mail will be sent by running a mail command (i.e. /bin/mail)
    Or can be sent via a tcp connection to a mailhost. See the
    "Config" section below on how to configure outgoing mail.
  Paste & Mail
    As "Mail Newest File", except take mail text from pasting
    into the TextArea instead of from the Lastest or a browsed

This menu contains some actions regarding your list of of Public
Keys (User ID's). You may select any number of keys. These selected
Public Keys will be used for "pgp" actions, e.g. "Encrypt" will
encrypt the message will all of the selected keys. Similar for
"Mail...", etc.

    De-Select all Public Keys.

    Display a standalone Scrollable List of your Public Keys.
    Useful if you have many (> 30) Public Keys.

    Start up a Search Dialog to search for a string in your Public Key
    Descriptions. Type the search string in the EntryBox.  Useful if
    you have many (> 30) Public Keys.

  The List:
    Either a flat menu list, or an Alphabetical breakup (i.e. A, B,
    C, ...) of your keys. Useful if you have many (> 30) Public Keys.
    See "Options / UserID List" for more information.

    The EntryBox at the bottom (usually with label "Command:")
    is used for general user input prompting (although for
    multiline input the TextArea is used). E.g. the EntryBox is
    used for filename, E-mail Subject, Yes/No dialog, etc.
    Hitting  or Clicking "OK" are equivalent.
    The same goes for Clicking "Yes" in a Yes/No dialog.
    Middle button Mouse allows pasting into the EntryBox.
    For convenience, you can type in any System command to 
    the "Command:" prompt. For example, "ls -l" or 
    "finger". Warning: Standard Error is not
    printed unless you supply (on Unix) 2>&1. This will be
    fixed somehow in the future. For now, use  to
    insert the string "2>&1"
    The EntryBox has a "History" feature to retrieve previous
    commands. Use up-down arrow keys (or PageUp/PageDown) to
    access them. Edit the lines with Left/Right arrow movements
    and BackSpace, etc. Control-U should clear the EntryBox.
    "Home", "End", "Insert", should work on the PC keyboard.

    The EntryBox also has a "Selected File History", this will
    keep a list of files selected by Browsing in the order they
    have appeared. To move back through them press ,
    pressing  will reverse direction. Remember, with
    a valid file in the EntryBox, the Browse command will select
    that file first. (You are prompted if you want to use it).

    If the envirnoment variable $TKPGPRC is set that is used as
    the only rcfile. If TKPGRC_SITE is set, that rcfile is processed
    first, then "$HOME/.tkpgprc" and finally "tkpgprc" if it exists.

    You can change any of these settings dynamically by while "tkpgp"
    is running by typing them into the Command: EntryBox prefixed by
    "set", e.g.:

        set mailhost:

    then press Enter or the OK button.

    Here is the sample ~/.tkpgprc file that indicates all of the variables
    and (for the most part) their default settings:

  # sample .tkpgprc file
  # The file can be $HOME/.tkpgprc or "tkpgprc" in work dir.
  # Pound sign "#" denotes a comment, rest to end of line is ignored.
  # Blank lines are skipped.
  # Format is   NAME:VALUE
  # booleans can be set to 0, 1, or true, false (case ignored)
  # Names are case insensitive, e.g. "VERBOSE" and "verbose" are the same. 
  # Remove the `#' signs from the items you want to set.

  # EMAIL:WHO:ADDR is a special case. It is for pgp keys w/o embedded email
  # address. pgp has key "WHO" and we give it email address "ADDR"
  #EMAIL:Rocke Verser: 

  # >> Options Menu <<
  #VERBOSE: true			# or 0, 1, true, same for all booleans
  #EXTTERM: false

  #INPUT: paste			# or "browse"
  #OUTPUT: ascii			# or "binary"

  #LISTSORT: 1			# boolean as above.
  #LISTMODE: flat			# or "alpha"

  #DAYSREMEMBERPP: 2.0		# number of days to remember passphrase.
                                # (may be a fraction or float.)
  #PGP_MIME: false		# include pgp mime headers around the output.

  #BELL: 2			# 0: never, 1 errors, 2 errors and prompts.

  # >> Mailing <<
  # MAILHOST and MAILFROM are for using a tcp socket connection to send mail.
  #    Both must be set in order for mail to be sent this way.
  # MAIL_CMD can be used to send mail.
  #    The syntax must be: MAIL_CMD -s "subject" who < mail_file

  #MAILHOST:	# sendmail host
  #MAILFROM:	# return address
  #MAIL_CMD: /bin/Mail

  # >> Misc <<
  #PGP_CMD: pgp			# set to alternative PGP command 
  #GPG_CMD: gpg			# set to alternative GPG command 
  #EDIT_CMD: xterm -e vi %s	# your editor for composing text. %s will be 
				# expanded to a filename.
  #BROWSE_CMD: my_browser %d	# your file browser, %d will be expanded to 
				# a directory name. 
  #BROWSE_CMD: internal		# OR set BROWSE_CMD to "internal" to use
				# tk's file selector.
  #XTERM_WAIT: 1		# true => there will be a hit 
				# to continue pause after pgp cmds run in
				# an xterm on Unix.
  #XTERM_OPTS:			# xterm cmdline options
  #WIPE_METHOD: pgp		# Set to "pgp" to use pgp -w to wipe files.
				# OR set to "internal" for internal method.
  #WIPE_SHELLFILES: true	# Instead of just deleting temporary
				# shell files, try wiping them too.
  #UNIX_NAMEDPIPE: true		# On Unix, instead of using regular files
				# for temporary shell files, use a FIFO
				# named pipe (i.e. a file that exists
				# in RAM only, and read only once)
  #USE_PGPPASSFD: true		# Use environment variable PGPPASSFD=0
				# to have PGP read passphrase from STDIN.
				# This is done via script or batch file
				# echoing to PGP instead of using -z
				# And a similar thing for gnugp.
  #TMPDIR: /tmp/my_eyes_only	# Absolute path to place to create
				# temp directory. Good idea to make it
				# accessible only by you (i.e. non-shared, e.g.
				#    mkdir /tmp/my_eyes_only
				#    chmod 700 /tmp/my_eyes_only
				# It may be a good idea to not have this dir
				# on NFS (i.e. have it on a local file system.)
				# Default is to use $HOME/.tkpgp
    Envoking "tkpgp" by:
    	 ... | tkpgp -
    will make the default file for "tkpgp" to process the contents
    of  or the standard input. Thus "tkpgp" can be piped
    PGP data from other programs. E.g. it could be used as a MIME
    viewer. tkpgp  should work on Windows as well.

    To force it to ignore any standard input do: tkpgp SKIP

Trouble Shooting:
    Blocked Programs problems:
     The main challenge for tkpgp is to predict when pgp will
     prompt for user input (e.g.  for a passphrase or yes/no response).
     In these cases tkpgp will either prompt you for the info and 
     pass it to pgp, or it will start pgp in an external terminal
     so you can reply to pgp directly.  If tkpgp fails to predict
     correctly it will appear to "hang" while pgp waits for input.
     It was originally hoped that even in such cases, tkpgp could
     notice pgp was blocked, and prompt for and send the reply, but
     this no longer appears feasible.
     What do you do when tkpgp hangs like this?  Basically, you should
     kill it and the processes it has spawned.  On Unix if you started
     tkpgp from a, say, xterm, you could try to type the response (e.g.
     ) in that xterm. However clunky, it might be a good idea
     to alias or have a desktop button launch tkpgp via:    
        xterm -iconic -T "Tkpgp TTY" -e tkpgp 
     On Windows 3.1 there will be an iconified DOS Terminal, and you
     could de-iconify that.  On Windows 95 and NT you will have to kill
     the programs by hand, sorry.

    Pasted Text problems:
     If for some reason you are typing into the text area for the
     paste-in text dialog, the inputted text can be lost. Why this
     happens is unclear...
Well, that's all I can think of. Email suggestions/bugs
to me, Karl Runge, at

Version: GnuPG v1.4.0 (GNU/Linux)

Version: 2.6.2