The main webpage for tkpgp is here.
---------------------------------------------------------------------------- ! copyright tkpgp v2.1 Copyright (c) 1996-2010 Karl J. Runge This is a program that provides a gui front end to Philip Zimmermann's Pretty Good Privacy(tm) (PGP) Public-key encryption system and also the Gnu Privacy Guard (GnuPG/gpg) implementation. It utilizes the Clipboard Selection heavily to ease moving pgp-processed text both to and from any of your apps (mail reader, news reader, editor, etc...) No need to select the output text by hand or by typing in a filename, it is usually placed in the Selection automatically for you! History: -------- tkpgp was first written way back in 1996 as a front-end to PGP. A couple years after that there was a separate and similar project, also named tkpgp, by tftp at yahoo.com, but that one was abandoned around 2000. The original tkpgp (by Karl J. Runge) lives on! It now supports GnuPG. Back in 1996, it was novel to have a GUI front-end to PGP. Nowadays (2010) there are many front-ends to PGP/GPG: GPA, KGpg, Seahorse; and mail-client integration: Enigmail, Evolution, KMail, mutt, and many others. It is recommended that you try some of those first. tkpgp is kind of an oddball, ugly duckling, geeky utility. tkpgp is intended for people who like things a little different and hacky. Requirements: ------------- It works for PGP version 2.6.2 and/or GnuPG 1.4.0 or later. PGP (pgp) and/or GnuPG (gpgp) needs to be installed on your system with "pgp/gpg" in your PATH somewhere. Read a little bit about PGP and make a key or two and encrypted message by hand before trying tkpgp. Tkpgp also requires tcl/tk's wish version 8.0 or higher. You can get tcl/tk at: http://www.tcl.tk Tkpgp has been written to detect the operating system it is running on. For some time now it has been working fine on Unix. Now (2010) Obsolete: | Recently (11/97) initial support for Win95 and Win3.1 has been provided | under tcl/tl 8.0. Still some kinks to work out on Windows, but it is | usable. Support for WinNT has not been tested, but should be easy (if | not already there). Tkpgp runs OK on Win3.1 but there are some annoyances | such as the need to manually deiconify the DOS box for interactively run | PGP commands (e.g. secret key generation) Mac support will most likely | not happen since there is no exec, and I imagine PGP is already a GUI | rather than a STDIO program. Note: Windows support for GnuPG has not been attempted. There are currently no plans to support it on Windows anymore. Note: tkpgp works on MacOSX. XQuartz and xterm are used for the terminal. You will need to explicitly install the gpg package. Installation: ------------- This package comes with two tcl/tk program's "tkpgp" and "browse". "browse" is a standalone file-selector-dialog-box, useful to embed in other apps and shell scripts to get user input for a filename. In the "tkpgprc" file setting BROWSE_CMD to "internal" will use Tk's internal file open dialog. "browse" stdout seems to be lost on Windows, so "internal" should be used there. You do not have to use "browse" if you do not want to. Another interesting cmdline tool included is "tpg", here is its help output: # tpg -h tpg: example tkpgp communication channel script. This is roughly like gpg-agent, but uses a running tkpgp. tkpgp Auto Command must be enabled for it to work. If you have Auto Password enabled in tkpgp (recommended) it will automatically use the password you have supplied to it. tpg [-V] [-T|-TT] [-b] [option] [file ...] -V verbose printout -T trim off leading '> ' or '| ' -TT apply -T and also re-insert leading '> ' in output. -b send "BROWSE:" input option to tkpgp (e.g. for binary file.pgp) option: -d decrypt (the default) -s sign -so sign only -v verify -a verify application/pgp-signature attachment (headers are modified.) -e encrypt (recipients must be selected in tkpgp) -es encrypt+sign (recipients must be selected in tkpgp) -c clear text from main window -t delete all tmp files files on cmdline are read in as the data to be processed. result is printed out to stdout. >> Unix: Unpack the tar gzipped file. cd down into the directory it created, Move "tkpgp" and "browse" and "tpg" (browse and tpg are optional) to somewhere in your PATH. Copy the "tkpgprc" file to ~/.tkpgprc and edit any preferences (e.g. MAILHOST...) You must have the wish program (version 8.0 or above) in your PATH If for some reason you don't want to do that, add a "shebang" line: #!/usr/local/bin/wish8.4 to the very top of "tkpgp" and "browse", where /usr/local/bin/wish8.4 is, say, the full path to the wish binary. tkpgp and browse come with the more portable: #!/bin/sh # the next line restarts using wish \ exec wish "$0" "$@" which utilizes your PATH. To install permanently move "tkpgp" and "browse" to some standard place, e.g. /usr/local/bin or ~/bin, in your PATH. >> Windows: Install tcl/tk (e.g. tcl84.exe). Unpack the zip file, via pkunzip -d tkpgp.zip. This will create directory TKPGP containing the program "tkpgp.tcl". Edit the "tkpgprc" file in the TKPGP directory if you want to change any preferences. Make a shortcut or program item if you want. Running: -------- If pgp and/or gpg is installed on your system, typing "tkpgp" (on Unix) in this directory should start it up OK and it should be able to do most things. On windows launch via shortcut, Run..., or Explorer. Click the Help, then "Contents" button for more information. I STRONGLY advise you to backup your PGP (~/.pgp) or GnuPG (~/.gnupg) directory to be sure tkpgp doesn't do something unexpected to the important data there. It is beta software and it has only been tested at length in my environment. It is not clear to me what will happen for certain customizations a user may have put into ~/.pgp/config.txt (I am a pretty vanilla PGP user). Misc: ----- I wrote this program since I continue to be fascinated by RSA and PGP. I also wrote it as a learning experience for gui and program design. If there are too many features, a missing feature, or any other suggestions you have, please let me know. It is not clear to me that a standalone PGP gui is the what people will want, especially in the long term. In general I think people will want PGP integrated into their mail reader, news reader, and even WWW browser. That is alot of distributed work, and so I thought it would be fun to see how useful a standalone GUI interface to PGP would actually be. On of the great things about PGP, even the somewhat dated version 2.62 I use, is that it is widely distributed around the world. Thank god for this encryption tool for ordinary people! Tkpgp makes a nice GUI interface for this encryption tool! Karl Runge ------------------------------------------------------------------------------- Included below is the (long!) "tkpgp" Howto section that tries to describe everything. HELP_CONTENTS: tkpgp v2.1 Copyright (c) 1996-2010 Karl J. Runge =================== How to use "tkpgp": =================== There is no replacement for reading and understanding the PGP/GPG documentation =============================================================================== Ideally, you know a little bit about the PGP (pgp) or GnuPG (gpg) command for the more frequently used actions, and want to use "tkpgp" for help avoid the extra typing, manipulating, and having to remember the command line syntax. "tkpgp" may also help one to learn about the PGP tools and encryption methods. "tkpgp" requires that PGP (pgp) and/or GnuPG (gpg) be installed on your system and this program(s) is accessible from your PATH variable. It works for Pretty Good Privacy(tm) version 2.6.2 and GnuPG 1.4.0 and later. When "tkpgp" starts up it checks if it can find pgp/gpg on your system. It then runs the command with the -kv/-k flags to obtain the names of the keys on your public key ring. It places these in the "User ID" pull down menu. In the following, "TextArea" will refer to the scrolling area of text that "tkpgp" displays as its body. "EntryBox" will refer to the entry box and confirmation buttons near the bottom where the user types in information. "MessageBox" is the label at the very bottom where information messages are posted. The word "Selection" is used (on Unix) to mean the PRIMARY X selection. Input methods: The default input method is to "Paste-in" from the Selection. For example, to Encrypt a message you simply paste it into the TextArea. In Paste-in mode you can, of course, also type directly in the TextArea. Also, a very quick way to input the contents of the Selection is to press Ctrl-R, this is equivalent to pasting in the text and then clicking "OK" to have the selected action performed on it. Clicking the Right-Mouse button (Button-3) does the same as Ctrl-R. The other input method is "Browse". In this method you select an input file via a simple file browser that is presented. Click your way through the directories, then select the file you want to use. I prefer the "Paste-in" mode since it is an easy way to couple my e-mail, news reader, or browser with PGP: I just copy-n-paste back and forth between the app and "tkpgp". ====================== The Main Actions: ====================== These are used alot, and so appear as buttons on "tkpgp"'s main Menubar at the top of the application. Encrypt: -------- By clicking on the "Encrypt" button will asked to paste into the TextArea or be presented with a file Browser ("browse", a program that should have come along with "tkpgp") to select a file to Encrypt. If you had typed/pasted a filename into the "Command:" EntryBox before hitting "Encrypt", that file would be used without calling the Browser. Paste or type in the text (Ctrl-R is a quick way to paste in the Selection. Clicking the Right-Mouse button does the same.) or, if in Browse mode, select a file by browsing for it then double clicking on it. Otherwise, type the name into the Browser's entry box and click "OK". Since Encrypting requires using someone's Public Key you must have selected at least one from the "User ID" pull down menu. "tkpgp" will do some simple checking to guess if the "pgp" Encrypting action may overwrite an existing file and ask you if you want to backup that file (e.g. Encrypting "myfile" may clobber "myfile.asc") "pgp" will then be run, and its messages will be displayed with highlighting in the "tkpgp" scrolling TextArea. The newly created encrypted filename should be highlighted and selected for easy pasting into other applications. To view and select the contents of the new file, Click "File", then "Show Newest File". Note that (with gpg) '--trust-model always' is applied to automatically encrypt with the key you selected and not prompt you if the keys trust cannot be determined. See the gpg(1) man page for details on why you might not want to do this unless you verify the key more carefully. [pgp -e ...] [gpg --encrypt ...] Decrypt: -------- Clicking on the "Decrypt" button asks you to Paste-in an encrypted message (see Ctrl-R above) or you will presented with a file Browser. Proceed as before under "Encrypt". Now since Decrypting means you must use one of your Secret Keys to decrypt the file, you will be prompted for your Pass Phrase (see the PGP documentation for more info). Type the Pass Phrase into the EntryBox at the Bottom and press
or Click "OK". "tkpgp" will check for the possible clobbering of files as above, and if all goes well, the file will be decrypted by the "pgp" action. The new filename should be highlighted along with any messages, and you can also view the file via Clicking "File", then "Show Newest File" as before. [pgp ...] [gpg ...] Sign: ----- Clicking on the "Sign" button will once again ask you to Paste-in data or present you with a file Browser. Input the data as before. Now you can sign a Message with your Private Key, to, say, send off to others. Once you have selected the filename and provided your Pass Phrase to the EntryBox prompt the file will be Signed in "pgp"'s "Clear Sig" mode. View, Select, etc, the new file as before. [pgp -st ...] [pgp -s ...] [pgp -es ...] [gpg --clearsign ...] [gpg --sign ...] [gpg --encrypt --sign ...] Verify: ------- Clicking on the "Verify" button will again be asked to Paste-in the Selection or be presented with the file Browser. Proceed as before with "Encrypt" or "Decrypt". In this case someone has Signed a message with their Private Key and has publicized the signed message. If you have their Public Key (displayed in "User ID" menu) "tkpgp" and "pgp" can Verify that the message is really from the sender and has not been tampered with. "tkpgp" will check for the possible clobbering of files as above, the messages from the "pgp" action will be presented to you with highlighting in the TextArea. Viewing any created files can be done as mentioned above. [pgp ...] [gpg --verify ...] Enc+Sign: ------------- Clicking on the "Enc+Sign" button will both sign a text file with your public key, then Encrypt it for the selected Recipient(s). Note that (with gpg) '--trust-model always' is applied to automatically encrypt with the key you selected and not prompt you if the keys trust cannot be determined. See the gpg(1) man page for details on why you might not want to do this unless you verify the key more carefully. [pgp -es ...] [gpg --encrypt --sign] Cancel: ------- The Cancel button is normally disabled, but during an Action if you decide you do not want to continue the action, click this button to terminate it. All Action buttons will be greyed out when the Cancel button is active, so it should be pretty clear when the Cancel button can be used. ============= Is that All?: ============= Perhaps that is all one really needs to do in most cases, and hopefully "tkpgp" works well in performing those tasks. But, of course, there's a lot more... ----- File: ----- Open: ----- Select a file with the file browser for subsequent processing. Currently requires the "browse" tcl/tk program supplied with "tkpgp". Compose: -------- Starts up an editor. You can compose your message in there and then copy-n-paste or save to a file and read into "tkpgp". You can compose directly in the TextArea if you like, but this is somewhat awkward. Set the EDIT_CMD directive below under "Misc" on how to set your editor.. Select All Text: ---------------- Places the entire session Log into the selection. Ctrl-/ does the same. Clear All Text: --------------- Deletes all text from the TextArea. To delete just part of the text in the TextArea highlight it with the mouse then then press the "BackSpace" key. Find: ------ Find a pattern in the TextArea (case is ignored). Enter the pattern to match in EntryBox when prompted by "Find:". Click on "Fwd" or press "Enter" to search forward from the cursor. Click on "Back" to search backward. Ctrl-F and Ctrl-B also search forward/backward (note Capitals). These two keypresses may be used directly to search for the last pattern searched for without initiating a Find dialog. Click "OK" or press "Escape" to finish the Find dialog. In the TextArea and EntryBox Ctrl-f initiates a Find dialog. Delete Tmp Files: ----------------- Attempts to delete ALL the tempfiles in the Temporary directory. They are "Wiped" and synced before removal. Wiping means to open the file, overwrite its contents with a fixed character, sync(1) the hard disks, and then delete the file. This is far from bulletproof, but should thwart simple attempts to read sensitive data left on the hard disk after file removal. List New Files: --------------- Prints to the TextArea the list of files created or modified during the current "tkpgp" session. The latest one is highlighted and selected for easy pasting into other apps. Show Newest File: ----------------- Displays the most recently created file during this session in the TextArea. Also exports that text to the selection. If the file appears to be binary it will not be printed. Restart: -------- As in Exit (see below), however it restarts itself and carefully exchanges the most recent passphrase (if any.) This is a sure way to clear memory of any sensitive information and keep working with the current passphrase. Note: the process will be running in the background after this action. Exit: ----- Exits the programs. Cleans up any temporary files or directories. These temporary files are Wiped (see above), synced and then removed. -------- Options: -------- There are a variety of options for "tkpgp", some very useful some esoteric. See the "Config" section below on how to change these defaults. In the order they appear in the "Options" pull down Menu, here they are: Verbose: -------- If set, more information will be displayed to the scrolling TextArea as "pgp" commands are run. E.g. more information about Keys and any created files. Unsetting it does NOT make the outputting extremely terse, so it really doesn't provide a big effect. Always Show: ------------ If set, the program will most always try to display the contents of the file created by the most recent action. Contents will also be put into the selection. Unsetting it will cause the displaying to occur less frequently. External Terminal: ------------------ "tkpgp"'s default is to ask for input and then provide "pgp" action output in the TextArea. It seems the "pgp" program cannot be tricked into using the Standard Input stream for user responses (i.e. for pass phrase or whether to overwrite an existing file). That is to say "pgp" needs a real TTY for these actions. If "Ext. Terminal" is set, then the "pgp" actions (except for trivial ones, e.g. help: "pgp -h") will get a real TTY by being run in an external terminal program. On Unix and MacOSX this is "xterm". Prefer GPG: ---------- "tkpgp" was written way back in the days (1996) of PGP 2.6.x It now supports GnuPG (Gnu Privacy Guard -- GPG.) It can still do both PGP and GPG (as long at the external commands "pgp" and "gpg" exist on the machine.) However, for some actions it cannot autodetect which one to use. This setting means to choose GPG in those cases. Input: ------ The default input mode is for "tkpgp" to use selection copy-n-paste. The text will be saved into a temporary file and the "pgp" action then performed on it. You can view the output and copy it to a permanent file if you like. Usually the output will automatically be placed in the selection to facilitate this. The reason for this default is that it may be easier to Paste a signed message you are reading in your Mail or News reader into "tkpgp" rather than having to save to a file an then read it in, etc. The other input mode is to use the file Browser to select a file to perform a "pgp" action on. The file Browser has C-shell like Ctrl-D and Esc/TAB file completion if you are familiar with these. Also, in this mode it first checks the Command: EntryBox contents for a presence filename, if one is there it uses that instead of using the file Browser dialog. Pasting into the TextArea can be done as follow: 1) Ctrl-V will paste the selection at the insertion cursor (vertical bar in text area) 2) Hitting the "Insert" key will also paste at the insertion cursor. 3) Place the mouse at the place you want to paste (usually at the insertion cursor point), and click the 2nd button. (middle button under Unix). Finally, instead of Clicking "OK" you may also press Ctrl-D, so a very quick way to paste is to press Ctrl-V Ctrl-D. In fact this has shortened to a single keystroke: Ctrl-R (r for read?) or Right Button. Paste Next ----------- If Input mode is "Browse", this overrides the mode to "Paste" for the next, and only next, Command action. Browse Next ------------ If Input mode is "Paste", this overrides the mode to "Browse" for the next, and only next, Command action. Auto Password: -------------- If a Passphrase or Password has already been entered, use it automatically without prompting the next time a password is needed. Auto Command: -------------- Enable a Remote Control communication channel thru ~/.tkpgp_cmd It can automatically decrypt, sign, or verify data put in that file. The results are placed in ~/.tkpgp_res See the tpg script for an example. Output: ------- The default file creation mode for "tkpgp" is Ascii. I.e. file output to "myfile.asc" type format. This just uses the "pgp" "-a" option where appropriate. To generate binary output, e.g. "myfile.pgp", select "Binary". For decryption or verification this setting may be ignored (i.e. pgp/gpg will output Ascii if that is what the plain text is.) Select "PGP/MIME" to have the encrypted or signed text come out as PGP/MIME, complete with MIME headers and etc. Hopefully you will be able to paste this into an email (including the initial headers.) When mailing from "tkpgp", only VIA MAILHOST will include the headers properly. UserID List: ------------ If you have alot of public keys the simple pull down UserID's menu will be bigger than that screen is tall. There are a couple of ways around this. The first is that the first item of the UserID's pull down menu is "ScrollBox", which gives you a standalone scrollable window with your keys. Another option is selecting "Alpha" here. This gives you an alphabetical A, B, C, breakup of your keys. Choosing the alternative "Flat" will just give you the standard pull down. This is OK if you have less than 30 or so keys. The checkbox "Sort" will make the Public Key list (in all the places it is used) be sorted alphabetically. Show Settings -------------- Shows various current settings; intended for debugging. -------- Actions: -------- There are a number of extra command actions (i.e. in addition to the Main Actions above) in the "Actions" pull down menu. List Public Keys: ----------------- Displays the keys on your pubring.pgp keyring. (verbosely if "Verbose" is set in "Options") [pgp -kv] [gpg -k] Concisely (Public): ------------------- Shows a Public Key Listing with one line per key. List Signatures: ---------------- Lists the keys along with those that have signed them. This information can be very long. If a single UserID is selected, then the printed info only pertains to that user. [pgp -kvv] [gpg --list-sigs] Show Public Key: ---------------- Displays an ascii PGP PUBLIC KEY BLOCK of the (Single) userid checked in the "User ID" menu. [pgp -a -f -kx "id"] [gpg -a --export "id"] Show Photo: ----------- If the key has a Photo attached to it, show it (gpg only.) [gpg --list-keys --list-options show-photos "id"] Search Keyserver: ----------------- Use GnuPG (gpg) --keyserver --search-keys to look for keys stored on a remote keyserver (e.g. wwwkeys.pgp.net) Does not work with pgp. You can lookup by email address, name or Key ID. You can also type "search://server/name" into the Command: entry box. You can also press Control-S to search using the X selection. The selection can be either a name, an email or an 8 digit HEX keyid. Add Key: --------------- To add a key to your PGP public key ring Click this item. You will be prompted for a file containing the person's Public Key contents (or to Paste if Paste mode is on, e.g. you finger'd a person to get their PGP PUBLIC KEY BLOCK). [pgp -ka -f < keyfile] [gpg --import keyfile] Remove Key: ----------- This will delete from your PGP keyring the (Single) userid checked in the "User ID" menu. If a Secret key also exists, it too will be removed. [pgp -kr "id"] [gpg --delete-secret-and-public-key "id"] Since this is user interactive, this action is always run in an external terminal. (See "Ext. Terminal" above). List Secret Keys: ----------------- Displays the keys on your secring.pgp keyring. (verbosely if "Verbose" is set in "Options") [pgp -kv secring.pgp] [gpg -K] Concisely (Secret): ------------------- Shows a Secret Key Listing with one line per key. Show Secret Key: ---------------- Displays an ascii PGP PRIVATE KEY BLOCK of the (Single) userid checked in the "User ID" menu. [pgp -a -f -kx "id" secring.pgp] [gpg --export-secret-keys "id"] Make Secret Key: ---------------- To create a new "pgp" Private key of your own, this item will run the "pgp -kg" for you. [pgp -kg] [gpg --gen-key] Since this is highly user interactive, this action is always run in an external terminal. (See "Ext. Terminal" above). Please read the PGP documentation carefully to know what is going on before using such a key seriously. Note: if you sign other's keys signed with your key (Local-Sign and Sign actions), you will need to set YOUR key's trust level to 'ultimate' to avoid warnings that the other key is untrusted when decrypting or verifying messages. Run Edit-Key on your key and modify the trust setting. Local-Sign Key: --------------- Signs someone elses Public key with your key. Marks it local so that it cannot be exported to a keyserver. [gpg --lsign-key] Sign Key: --------- Signs someone elses Public key with your key. If exported to a keyserver (or user) your signature will be included. [gpg --sign-key] Edit Key: --------- Allow full editing of a key. The gpg menu interface is presented in a terminal. [gpg --edit-key] Sign Only: ---------- Sign a text file with your public key, but do not include the "Clear signature" text in the file. [pgp -s] [gpg --sign] Verify .sig file: ----------------- Often software is distributed with an accompanying separate PGP .sig signature file. E.g. "foo.zip" and "foo.zip.sig" Click on this button to bring up a browser to locate the .sig file (e.g. "foo.zip.sig"). You will next be prompted for the signed data file (e.g. "foo.zip"). [pgp f1 f2] [gpg --verify] Warning: pgp command will block if you do not have the signer's public key on your PGP keyring. Use "Ext. Terminal" if unsure. Test Encrypt: ------------- For the single selected UserID, do a test encryption in an external terminal using bogus text. Useful when you have just added a new key, since "pgp" will block waiting for a query on the first encryption with the new key. You are prompted to do a Test Encrypt every time you add a new key. Enter Passphrase: ----------------- Allows you to enter the passphrase (e.g. at startup time) without needing to decrypt or sign anything. Forget Passphrase: ------------------ Clears the Passphrase from memory. Symmetric Encrypt: ------------------ Use Symmetric (conventional) encryption. Command is run in an external terminal and you must supply a password to encrypt the file. [pgp -c ...] [gpg -c ...] Symmetric Decrypt: ------------------ Use Symmetric (conventional) encryption. Command is run in an external terminal and you must supply the password to decrypt the file. [pgp ...] [gpg ...] Quick Mail ----------- Uses the newest file created as the email text. You are NOT prompted to change it (see "Mail Newest File" above to have more choices). The recipients are the email addresses currently selected in the UserID's menu. The Subject is set to "PGP Message", but may be changed. You are prompted to view the email text via the Yes/No buttons. You are then prompted whether or not to send the email. Quick Mail is an easy way to send mail to recipients and so it is recommended over Mail Newst File and Past & Mail (however, use those if they provide the extra functionality you need.) Mail Newest File ----------------- Presents you with a Mail Dialog to send a file to people. Follow the instructions in the TextArea and MessageBox. The default Attachment file is the newest one created during the "tkpgp" session, but you can provide another by overwriting the filename in the EntryBox or by browsing. (Note if Paste mode is set it is ignored, see Paste & Mail below.) Next, you will be prompted for Subject: and a list of who to send it To:. The default is the list of email addresses of the items currently selected under the "UserID's" menu. Then you are asked to Paste or Type in any text you want to appear before the attachment file. Click "OK" when you're done. To provide text after the attachment file, note that the string "ATTACH" (all capitals) is expanded to the attachment file text. E.g. Here is the text before the PGP message ATTACH Here is the text after the PGP message. Hooks for using an external editor will be added in the future. Mail will be sent by running a mail command (i.e. /bin/mail) Or can be sent via a tcp connection to a mailhost. See the "Config" section below on how to configure outgoing mail. Paste & Mail ------------- As "Mail Newest File", except take mail text from pasting into the TextArea instead of from the Lastest or a browsed filename. ---------- UserID's: ---------- This menu contains some actions regarding your list of of Public Keys (User ID's). You may select any number of keys. These selected Public Keys will be used for "pgp" actions, e.g. "Encrypt" will encrypt the message will all of the selected keys. Similar for "Mail...", etc. Clear: ---------- De-Select all Public Keys. ScrollBox: ---------- Display a standalone Scrollable List of your Public Keys. Useful if you have many (> 30) Public Keys. Search: ------- Start up a Search Dialog to search for a string in your Public Key Descriptions. Type the search string in the EntryBox. Useful if you have many (> 30) Public Keys. The List: --------- Either a flat menu list, or an Alphabetical breakup (i.e. A, B, C, ...) of your keys. Useful if you have many (> 30) Public Keys. See "Options / UserID List" for more information. --------- EntryBox: --------- The EntryBox at the bottom (usually with label "Command:") is used for general user input prompting (although for multiline input the TextArea is used). E.g. the EntryBox is used for filename, E-mail Subject, Yes/No dialog, etc. Hitting or Clicking "OK" are equivalent. The same goes for Clicking "Yes" in a Yes/No dialog. Middle button Mouse allows pasting into the EntryBox. For convenience, you can type in any System command to the "Command:" prompt. For example, "ls -l" or "finger firstname.lastname@example.org". Warning: Standard Error is not printed unless you supply (on Unix) 2>&1. This will be fixed somehow in the future. For now, use to insert the string "2>&1" The EntryBox has a "History" feature to retrieve previous commands. Use up-down arrow keys (or PageUp/PageDown) to access them. Edit the lines with Left/Right arrow movements and BackSpace, etc. Control-U should clear the EntryBox. "Home", "End", "Insert", should work on the PC keyboard. The EntryBox also has a "Selected File History", this will keep a list of files selected by Browsing in the order they have appeared. To move back through them press , pressing will reverse direction. Remember, with a valid file in the EntryBox, the Browse command will select that file first. (You are prompted if you want to use it). ------- Config: ------- If the envirnoment variable $TKPGPRC is set that is used as the only rcfile. If TKPGRC_SITE is set, that rcfile is processed first, then "$HOME/.tkpgprc" and finally "tkpgprc" if it exists. You can change any of these settings dynamically by while "tkpgp" is running by typing them into the Command: EntryBox prefixed by "set", e.g.: set mailhost: smtp.my_isp.com then press Enter or the OK button. Here is the sample ~/.tkpgprc file that indicates all of the variables and (for the most part) their default settings: # sample .tkpgprc file # # The file can be $HOME/.tkpgprc or "tkpgprc" in work dir. # # Pound sign "#" denotes a comment, rest to end of line is ignored. # Blank lines are skipped. # # Format is NAME:VALUE # # booleans can be set to 0, 1, or true, false (case ignored) # # Names are case insensitive, e.g. "VERBOSE" and "verbose" are the same. # # Remove the `#' signs from the items you want to set. #------------------------------------------------------------------------ # EMAIL:WHO:ADDR is a special case. It is for pgp keys w/o embedded email # address. pgp has key "WHO" and we give it email address "ADDR" # #EMAIL:Rocke Verser: #------------------------------------------------------------------------ # >> Options Menu << # #VERBOSE: true # or 0, 1, true, same for all booleans #ALWAYSSHOW: true #EXTTERM: false #INPUT: paste # or "browse" #OUTPUT: ascii # or "binary" #LISTSORT: 1 # boolean as above. #LISTMODE: flat # or "alpha" #AUTO_PASSWORD: 1 #AUTO_COMMAND: 1 #PREFER_GPG: 1 #DAYSREMEMBERPP: 2.0 # number of days to remember passphrase. # (may be a fraction or float.) #PGP_MIME: false # include pgp mime headers around the output. #BELL: 2 # 0: never, 1 errors, 2 errors and prompts. #------------------------------------------------------------------------ # >> Mailing << # MAILHOST and MAILFROM are for using a tcp socket connection to send mail. # Both must be set in order for mail to be sent this way. # # MAIL_CMD can be used to send mail. # The syntax must be: MAIL_CMD -s "subject" who < mail_file #MAILHOST: mailhost.mydom.net # sendmail host #MAILFROM: email@example.com # return address #MAIL_CMD: /bin/Mail #------------------------------------------------------------------------ # >> Misc << # #PGP_CMD: pgp # set to alternative PGP command #GPG_CMD: gpg # set to alternative GPG command #EDIT_CMD: xterm -e vi %s # your editor for composing text. %s will be # expanded to a filename. #BROWSE_CMD: my_browser %d # your file browser, %d will be expanded to # a directory name. #BROWSE_CMD: internal # OR set BROWSE_CMD to "internal" to use # tk's file selector. #XTERM_WAIT: 1 # true => there will be a hit # to continue pause after pgp cmds run in # an xterm on Unix. #XTERM_OPTS: # xterm cmdline options #WIPE_METHOD: pgp # Set to "pgp" to use pgp -w to wipe files. # OR set to "internal" for internal method. #WIPE_SHELLFILES: true # Instead of just deleting temporary # shell files, try wiping them too. #UNIX_NAMEDPIPE: true # On Unix, instead of using regular files # for temporary shell files, use a FIFO # named pipe (i.e. a file that exists # in RAM only, and read only once) #USE_PGPPASSFD: true # Use environment variable PGPPASSFD=0 # to have PGP read passphrase from STDIN. # This is done via script or batch file # echoing to PGP instead of using -z # And a similar thing for gnugp. #TMPDIR: /tmp/my_eyes_only # Absolute path to place to create # temp directory. Good idea to make it # accessible only by you (i.e. non-shared, e.g. # mkdir /tmp/my_eyes_only # chmod 700 /tmp/my_eyes_only # It may be a good idea to not have this dir # on NFS (i.e. have it on a local file system.) # Default is to use $HOME/.tkpgp --------- Starting: --------- Envoking "tkpgp" by: tkpgp or ... | tkpgp - will make the default file for "tkpgp" to process the contents of or the standard input. Thus "tkpgp" can be piped PGP data from other programs. E.g. it could be used as a MIME viewer. tkpgp should work on Windows as well. To force it to ignore any standard input do: tkpgp SKIP ----------------- Trouble Shooting: ----------------- Blocked Programs problems: The main challenge for tkpgp is to predict when pgp will prompt for user input (e.g. for a passphrase or yes/no response). In these cases tkpgp will either prompt you for the info and pass it to pgp, or it will start pgp in an external terminal so you can reply to pgp directly. If tkpgp fails to predict correctly it will appear to "hang" while pgp waits for input. It was originally hoped that even in such cases, tkpgp could notice pgp was blocked, and prompt for and send the reply, but this no longer appears feasible. What do you do when tkpgp hangs like this? Basically, you should kill it and the processes it has spawned. On Unix if you started tkpgp from a, say, xterm, you could try to type the response (e.g. ) in that xterm. However clunky, it might be a good idea to alias or have a desktop button launch tkpgp via: xterm -iconic -T "Tkpgp TTY" -e tkpgp On Windows 3.1 there will be an iconified DOS Terminal, and you could de-iconify that. On Windows 95 and NT you will have to kill the programs by hand, sorry. Pasted Text problems: If for some reason you are typing into the text area for the paste-in text dialog, the inputted text can be lost. Why this happens is unclear... =================================================================== Well, that's all I can think of. Email suggestions/bugs to me, Karl Runge, at firstname.lastname@example.org -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.0 (GNU/Linux) mQGiBEQoYuMRBACu4CbzAue4802Q2zvAL/fP4BkfjsVSjMYqduybe4cWR+f7xgs4 k60uZNsvs9enDc3hKoW6qhE+kkkvrN1wDJ+l8UgFarubysj4XjrtRPpRSXPj4ol6 O19JC6xidKBs+m9F71XEERXWxUNzA8NtE+1unQ7kRqWiiourcM1gXOvOCwCghHg9 RRnay9cSKLzo+0TLTvp1Bp0D/04y1PMX2lLLlCNC/V2LzR39LxFG9ugpSzIb21mG nPOfcDV+FOYK5+l+rZbSdcm0MnoOu73aNH32F7xxAcNARWoPdBMvy2NjB0o+9828 hAXaE8eVAXH0ck1ITMaVGlkVDOhDSZFRTRA+pNpWAVyRim59+D6VsqKTl0U9ZsRf RV0rBACtbCYVH91Y2rQs2AaDHaD7o71FTwog9e0qI5IuyGnkAjecabjnCvBv4hV/ /LI38a5D+zWzTu4Rzk3Awfefo7O7G/6Ee3JBbS8PzfG60pp2uk3V36y5GNUDUzyg oL5cSBaBRBVyO/iG70Ov/KwrlGpKcdwxxXVcTshWlGWrv1dJU7QjS2FybCBKLiBS dW5nZSA8cnVuZ2VAa2FybHJ1bmdlLmNvbT6IVwQTEQIAFwUCRChi4wULBwoDBAMV AwIDFgIBAheAAAoJEIIwg4JYGIj2/QoAn1lBDQb8zxV7bPk9xKPovlpkapqAAJ4+ +xx5QL0kKrRF5fWsdGHezTya9LkBDQREKGLmEAQAg75UqnUSGL55NweTjwCzaG7c +/M6Ym2iDB4mCsvaO37IZKvdGD2k2Hq7rIw1bz1Iso3XwVBhgn16OZcgvuXDGC/l KXFb5oBXs8yJgz/FcX+AXTCY6UPKInLvyPaUCyjEWHjXfdNCd/NO0y7tGKUIQZE4 n7K0QE3JKJ6z/ubXm2cABRED/0yAdXEH8qN6Y3uBXRrv+bPJBRmPVZq0hs8QToeT ZYqSIfjQDno7zHX1iWrsOEc9L+bf/Upl6LFzR3FZqzawM9IC1agxXN1xDq+Wroqr loo+ILJ3oPK34V4aja3Ib4zCh0OgaaoyMC34l2gHRdx2N7/Q4QNyznTvUTNUxDgh PjESiEYEGBECAAYFAkQoYuYACgkQgjCDglgYiPb6+wCdGRtdAuRXNTPhyuxBLD99 qfv8v2EAmgK423dnmgO9EQxr0qKH55zzbfVr =On2G -----END PGP PUBLIC KEY BLOCK----- -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.6.2 mQCNAzNi/r0AAAEEAOPZ8gcMOQv21xcl39vNikcn5JNErGbhHUrMMhahIMQGWuB9 euhXheqc5AtEHpJLhb11Nf0T8dsLb6WrZEfMlhW/YgRwfzpLYzsPxXwMl5cUbThA 0BdsWDHPEsvPNV9bYeKqlz925MVHtuDrZTbnEWq7hx9eavYQ+QyjVATn7dTRAAUR tB1LYXJsIEouIFJ1bmdlIDxydW5nZUBjcmwuY29tPg== =cbvQ -----END PGP PUBLIC KEY BLOCK-----