PGP® Command Line
User's Guide
10.2
The software described in this book is furnished under a license agreement and may be used only in accordance with the terms of the agreement.
Version 10.2.0. Last updated: July 2011.
Legal Notice
Copyright (c) 2011 Symantec Corporation. All rights reserved.
Symantec, the Symantec Logo, PGP, Pretty Good Privacy, and the PGP logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.
The product described in this document is distributed under licenses restricting its use, copying, distribution, and decompilation/reverse engineering. No part of this document may be reproduced in any form by any means without prior written authorization of Symantec Corporation and its licensors, if any.
THE DOCUMENTATION IS PROVIDED"AS IS"AND ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH DISCLAIMERS ARE HELD TO BE LEGALLY INVALID. SYMANTEC CORPORATION SHALL NOT BE LIABLE FOR INCIDENTAL OR CONSEQUENTIAL DAMAGES IN CONNECTION WITH THE FURNISHING, PERFORMANCE, OR USE OF THIS DOCUMENTATION. THE INFORMATION CONTAINED IN THIS DOCUMENTATION IS SUBJECT TO CHANGE WITHOUT NOTICE.
The Licensed Software and Documentation are deemed to be commercial computer software as defined in FAR 12.212 and subject to restricted rights as defined in FAR Section 52.227-19 "Commercial Computer Software - Restricted Rights" and DFARS 227.7202, et seq. “Commercial Computer Software and Commercial Computer Software Documentation”, as applicable, and any successor regulations. Any use, modification, reproduction release, performance, display or disclosure of the Licensed Software and Documentation by the U.S. Government shall be solely in accordance with the terms of this Agreement.
Symantec Corporation
350 Ellis Street
Mountain View, CA 94043
Symantec Home Page (http://www.symantec.com)
Printed in the United States of America.
10 9 8 7 6 5 4 3 2 1
Contents
About PGP Command Line |
1 |
Important Concepts |
1 |
Technical Support |
2 |
Contacting Technical Support |
3 |
Licensing and registration |
3 |
Customer service |
3 |
Support agreement resources |
4 |
Installing |
5 |
|
|
Install Location |
5 |
Supported Platforms |
6 |
System Requirements |
6 |
Windows 7 and Vista |
7 |
Windows Server 2008 and 2003 |
7 |
Windows XP |
8 |
IBM AIX |
9 |
HP-UX 11i |
9 |
Solaris 9 and 10 |
9 |
Red Hat Enterprise Linux, SLES, and Fedora Core |
10 |
Mac OS X |
10 |
Installing on AIX |
10 |
Installing on AIX |
10 |
Changing the Home Directory on AIX |
11 |
Uninstalling on AIX |
12 |
Installing on HP-UX |
12 |
Installing on HP-UX |
12 |
Changing the Home Directory on HP-UX |
13 |
Installing to a Non-Default Directory on HP-UX |
13 |
Uninstalling on HP-UX |
14 |
Installing on Mac OS X |
14 |
Installing on Mac OS X |
14 |
Changing the Home Directory on Mac OS X |
15 |
Uninstalling on Mac OS X |
15 |
Installing on Red Hat Enterprise Linux, SLES, or Fedora Core |
15 |
Installing on Red Hat Enterprise Linux or Fedora Core |
15 |
Changing the Home Directory on Linux or Fedora Core |
16 |
Uninstalling on Linux or Fedora Core |
17 |
Installing on Solaris |
17 |
Installing on Solaris |
17 |
Changing the Home Directory on Solaris |
18 |
Uninstalling on Solaris |
19 |
Installing on Windows |
19 |
PGP Command Line for Windows and PGP Desktop on the Same System |
19 |
To Install on Windows |
19 |
Changing the Home Directory on Windows |
20 |
Uninstalling on Windows |
21 |
ii Contents
Upgrading |
23 |
|
|
Relocating |
23 |
|
|
Licensing |
25 |
|
|
Overview |
25 |
License Recovery |
26 |
Using a License Number |
26 |
Using a License Authorization |
27 |
Re-Licensing |
28 |
Through a Proxy Server |
29 |
The Command-Line Interface |
31 |
Overview |
31 |
Flags and Arguments |
32 |
Flags |
33 |
Arguments |
33 |
Configuration File |
36 |
Keyserver Configuration File Settings |
39 |
Environment Variables |
40 |
Standard Input, Output, and Error |
41 |
Redirecting an Existing File |
41 |
Entering Data |
42 |
Specifying a Key |
42 |
'Secure' Options |
43 |
First Steps |
45 |
Overview |
45 |
Creating Your Keypair |
46 |
Protecting Your Private Key |
47 |
Distributing Your Public Key |
48 |
Posting Your Public Key to a Keyserver |
48 |
Exporting Your Public Key to a Text File |
49 |
Getting the Public Keys of Others |
49 |
Finding a Public Key on a Keyserver |
50 |
Importing a Public Key from a Keyserver |
50 |
Verifying Keys |
51 |
Cryptographic Operations |
53 |
Overview |
53 |
Commands |
54 |
--armor (-a) |
54 |
--clearsign |
55 |
--decrypt |
57 |
Contents iii
--detached (-b) |
59 |
--dump-packets, --list-packets |
60 |
--encrypt (-e) |
61 |
--export-session-key |
64 |
--list-sda |
65 |
--list-archive |
65 |
--sign (-s) |
66 |
--symmetric (-c) |
68 |
--verify |
69 |
Key Listings |
71 |
Overview |
71 |
Commands |
71 |
--fingerprint |
72 |
--fingerprint-details |
72 |
--list-key-details |
74 |
--list-keys (-l) |
75 |
--list-keys-xml |
76 |
--list-sig-details |
76 |
--list-sigs |
77 |
--list-userids |
77 |
Working with Keyservers |
79 |
Overview |
79 |
Commands |
79 |
--keyserver-disable |
79 |
--keyserver-recv |
80 |
--keyserver-remove |
81 |
--keyserver-search |
82 |
--keyserver-send |
82 |
--keyserver-update |
83 |
Managing Keys |
85 |
Overview |
87 |
Commands |
87 |
--add-adk |
87 |
--add-photoid |
88 |
--add-preferred-cipher |
88 |
--add-preferred-compression-algorithm |
89 |
--add-preferred-email-encoding |
89 |
--add-preferred-hash |
90 |
--add-revoker |
90 |
--add-userid |
91 |
--cache-passphrase |
91 |
--change-passphrase |
92 |
--clear-key-flag |
93 |
--disable |
93 |
--enable |
94 |
--export, --export-key-pair |
94 |
iv Contents
--export-photoid |
96 |
--gen-key |
97 |
--gen-revocation |
99 |
--gen-subkey |
100 |
--get-email-encoding |
100 |
--import |
101 |
--join-key |
102 |
--join-key-cache-only |
105 |
--key-recon-send |
106 |
--key-recon-recv-questions |
107 |
--key-recon-recv |
108 |
--remove |
109 |
--remove-adk |
109 |
--remove-all-adks |
110 |
--remove-all-photoids |
110 |
--remove-all-revokers |
110 |
--remove-expiration-date |
111 |
--remove-key-pair |
111 |
--remove-photoid |
111 |
--remove-preferred-cipher |
112 |
--remove-preferred-compression-algorithm |
112 |
--remove-preferred-email-encoding |
113 |
--remove-preferred-hash |
113 |
--remove-preferred-keyserver |
114 |
--remove-revoker |
114 |
--remove-sig |
115 |
--remove-subkey |
115 |
--remove-userid |
116 |
--revoke |
116 |
--revoke-sig |
117 |
--revoke-subkey |
117 |
--send-shares |
118 |
--set-expiration-date |
118 |
--set-key-flag |
119 |
--set-preferred-ciphers |
119 |
--set-preferred-compression-algorithms |
120 |
--set-preferred-email-encodings |
120 |
--set-preferred-hashes |
121 |
--set-preferred-keyserver |
121 |
--set-primary-userid |
122 |
--set-trust |
122 |
--sign-key |
123 |
--sign-userid |
124 |
--split-key |
125 |
Working with Email |
129 |
Overview |
129 |
Encrypt Email |
130 |
Sign Email |
131 |
Decrypt Email |
132 |
Verify Email |
132 |
Annotate Email |
132 |
Contents v
Working with a PGP Key Management Server |
135 |
|
|
Overview |
136 |
New Terms and Concepts |
136 |
Relationship with a PGP KMS |
137 |
Authentication for PGP KMS Operations |
137 |
--decrypt |
139 |
--encrypt (-e) |
139 |
--create-mak |
140 |
--export-mak |
140 |
--export-mak-pair |
141 |
Export Format |
142 |
--import-mak |
143 |
--request-cert |
144 |
--edit-mak |
144 |
--search-mak |
145 |
--delete-mak |
146 |
--create-mek-series |
147 |
--edit-mek-series |
147 |
--search-mek-series |
148 |
--delete-mek-series |
149 |
--create-mek |
150 |
--import-mek |
150 |
--export-mek |
151 |
--edit-mek |
151 |
--search-mek |
152 |
--create-msd |
153 |
--export-msd |
154 |
--edit-msd |
154 |
--search-msd |
155 |
--delete-msd |
156 |
--create-consumer |
157 |
--search-consumer |
157 |
--check-certificate-validity |
158 |
Miscellaneous Commands |
161 |
Overview |
161 |
Commands |
162 |
--agent |
162 |
--create-keyrings |
162 |
--help (-h) |
163 |
--license-authorize |
163 |
--purge-all-caches |
163 |
--purge-keyring-cache |
163 |
--purge-passphrase-cache |
163 |
--speed-test |
164 |
--version |
164 |
--wipe |
165 |
--check-sigs |
165 |
--check-userids |
165 |
vi Contents
Options |
167 |
|
|
Using Options |
167 |
Boolean Options |
168 |
--alternate-format |
168 |
--annotate |
168 |
--archive |
169 |
--banner |
170 |
--biometric |
170 |
--buffered-stdio |
170 |
--compress, --compression |
170 |
--details |
171 |
171 |
|
--encrypt-to-self |
172 |
--eyes-only |
172 |
--fast-key-gen |
172 |
--fips-mode, --fips |
173 |
--force (-f) |
173 |
--halt-on-error |
173 |
--import-certificates |
173 |
--keyring-cache |
173 |
--large-keyrings |
174 |
--license-recover |
174 |
--local-mode |
175 |
--marginal-as-valid |
175 |
--master-key |
175 |
--pass-through |
175 |
--passphrase-cache |
176 |
--photo |
176 |
--quiet (-q) |
176 |
--recursive |
176 |
--reverse-sort, --reverse |
176 |
--sda |
177 |
--skep |
177 |
--text-mode, --text (-t) |
177 |
--truncate-passphrase |
178 |
--verbose (-v) |
178 |
--warn-adk |
178 |
--wrapper-key |
178 |
--xml |
178 |
Integer Options |
179 |
--3des |
180 |
--aes128, --aes192, --aes256 |
180 |
--bits, --encryption-bits |
180 |
--blowfish |
181 |
--bzip2 |
181 |
--cast5 |
181 |
--creation-days |
182 |
--expiration-days |
182 |
--idea |
182 |
--index |
183 |
--keyring-cache-timeout |
183 |
Contents vii
--keyserver-timeout |
183 |
--md5 |
184 |
--passphrase-cache-timeout |
184 |
--partitioned |
184 |
--pgp-mime |
185 |
--ripemd160 |
185 |
--sha, --sha256, --sha384, --sha512 |
186 |
--signing-bits |
187 |
--skep-timeout |
187 |
--threshold |
187 |
--trust-depth |
187 |
--twofish |
188 |
--wipe-input-passes |
188 |
--wipe-overwrite-passes |
188 |
--wipe-passes |
188 |
--wipe-temp-passes |
189 |
--zip |
189 |
--zlib |
189 |
Enumeration Options |
189 |
--auto-import-keys |
189 |
--cipher |
190 |
--compression-algorithm |
191 |
--compression-level |
191 |
--email-encoding |
192 |
--enforce-adk |
192 |
--export-format |
192 |
--hash |
193 |
--import-format |
194 |
--input-cleanup |
194 |
--key-flag |
195 |
--key-type |
195 |
--manual-import-key-pairs |
196 |
--manual-import-keys |
196 |
--overwrite |
196 |
--sig-type |
197 |
--sort-order, --sort |
197 |
--tar-cache-cleanup |
198 |
--target-platform |
198 |
--temp-cleanup |
198 |
--trust |
199 |
String Options |
199 |
--basic-constraint |
199 |
--city, --common-name, --contact-email, --country |
199 |
--comment |
199 |
--creation-date |
200 |
--default-key |
200 |
--expiration-date |
200 |
--export-passphrase |
201 |
--extended-key-usage |
201 |
--home-dir |
201 |
--key-usage |
201 |
--local-user (-u), --user |
202 |
--license-name, --license-number, --license-organization, --license-email |
202 |
--new-passphrase |
203 |
viii Contents
--organization, --organizational-unit |
203 |
--output (-o) |
203 |
--output-file |
204 |
--passphrase |
204 |
--preferred-keyserver |
204 |
--private-keyring |
205 |
--proxy-passphrase, --proxy-server, --proxy-username |
205 |
--public-keyring |
205 |
--recon-server |
206 |
--regular-expression |
206 |
--random-seed |
206 |
--root-path |
207 |
--share-server |
207 |
--state |
207 |
--status-file |
207 |
--subject-alternative-name |
208 |
--symmetric-passphrase |
208 |
--temp-dir |
208 |
List Options |
209 |
--additional-recipient |
209 |
--adk |
209 |
--input (-i) |
209 |
--question / --answer |
210 |
--keyserver |
210 |
--recipient (-r) |
211 |
--revoker |
211 |
--share |
211 |
File Descriptors |
212 |
--auth-passphrase-fd, auth-passphrase-fd8 |
212 |
--export-passphrase-fd, --export-passphrase-fd8 |
213 |
--new-passphrase-fd, --new-passphrase-fd8 |
213 |
--passphrase-fd |
213 |
--proxy-passphrase-fd, --proxy-passphrase-fd8 |
214 |
--symmetric-passphrase-fd, --symmetric-passphrase-fd8 |
214 |
Lists |
215 |
|
|
Basic Key List |
215 |
The Default Key Column |
216 |
The Algorithm Column |
216 |
The Type Column |
217 |
The Size/Type Column |
217 |
The Flags Column |
218 |
The Key ID Column |
219 |
The User ID Column |
219 |
Detailed Key List |
220 |
Main Key Details |
221 |
Subkey Details |
227 |
ADK Details |
229 |
Revoker Details |
230 |
Key List in XML Format |
230 |
Elements with fixed settings |
234 |
X.509 Signatures |
236 |
Contents ix
Detailed Signature List |
237 |
Usage Scenarios |
243 |
|
|
Secure Off-Site Backup |
243 |
PGP Command Line and PGP Desktop |
243 |
Compression Saves Money |
244 |
Surpasses Legal Requirements |
245 |
Searching for Data on a PGP KMS |
247 |
Overview |
247 |
Operators |
248 |
Types |
248 |
Keyword Listing |
248 |
Example Searches |
250 |
For Linux and Mac OSX |
250 |
For Windows |
250 |
More About Types |
251 |
Time Fields |
251 |
Boolean Values |
251 |
Open PGP Algorithms |
252 |
Open PGP Key Usage Flags |
252 |
Key Modes |
252 |
Creating a Certificate Signing Request |
255 |
About CSRs |
255 |
Creating a CSR using PGP Command Line |
256 |
Codes and Messages |
259 |
Messages Without Codes |
259 |
Messages With Codes |
260 |
Parser |
260 |
Keyrings |
261 |
Wipe |
262 |
Encrypt |
262 |
Sign |
262 |
Decrypt |
263 |
Speed Test |
263 |
Key edit |
264 |
Keyserver |
269 |
Key Reconstruction |
270 |
Licensing |
271 |
PGP Universal Server |
272 |
General |
272 |
Exit Codes |
280 |
x Contents
Frequently Asked Questions |
283 |
|
|
Key Used for Encryption |
283 |
"Invalid" Keys |
283 |
Maximum File Size |
284 |
Programming and Scripting Languages |
285 |
File Redirection |
285 |
Protecting Passphrases |
285 |
Quick Reference |
287 |
Commands |
287 |
Options |
290 |
Environment Variables |
294 |
Configuration File Variables |
295 |
Index |
299 |
|
|
1 |
About PGP Command Line |
|
|
|
PGP Command Line is a command line product for performing cryptography and key |
||
|
management tasks. It operate as a stand-alone product that performs those tasks |
||
|
locally. It can also operate as a client product that interacts PGP Universal Server to |
||
|
perform those tasks. |
|
|
|
With PGP Command Line, you can write command line scripts that use PGP technology |
||
|
to perform these tasks: |
|
|
|
|
Encrypt, sign, and decrypt individual files or collections of files |
|
|
|
Create and manage keys on a local keyring |
|
|
|
Access keys on PGP Universal Server and other keyservers |
|
|
|
Manage keys on PGP Universal Server |
|
|
|
Create consumer (user) accounts on PGP Universal Server |
|
|
|
Manage X.509 certificates, including requesting and validating a certificate |
|
|
|
Encrypt, sign, and decrypt email |
|
|
You can insert PGP Command Line commands into scripts for automating tasks. PGP |
||
|
Command Line commands are easily added to shell scripts or scripts written with |
||
|
scripting languages, such as Perl or Python. |
|
|
|
For example, consider a company that regularly backs up a large sensitive database to |
||
|
an off-site location. A script runs automatically to perform the backup. This company |
||
|
can add PGP Command Line commands to that script to compress and encrypt the |
||
|
database before transmitting it to the off-site location. It can also add commands to |
||
|
decrypt and uncompress the database when it arrives at its destination. |
|
|
|
In This Chapter |
|
|
|
Important Concepts ........................................................................................................ |
1 |
|
|
Technical Support ........................................................................................................... |
2 |
The following concepts are important for you to understand:
environment variables: Environment variables control various aspects of PGP Command Line behavior; for example, the location of the PGP Command Line home directory. Environment variables are established on the computer running PGP Command Line.
2About PGP Command Line Technical Support
configuration file variables: When PGP Command Line starts, it reads the configuration file, which includes special configuration variables and values for each variable. These settings affect how PGP Command Line operates. Configuration file variables can be changed permanently by editing the configuration file or overridden on a temporary basis by specifying a value for a configuration file variable on the command line.
Self-Decrypting Archives (SDAs): PGP Command Line lets you create SDAs, compressed and conventionally encrypted archives that require a passphrase to decrypt. SDAs contain an executable for the target platform, which means the recipient of an SDA does not need to have any PGP software installed to open the archive. You can thus securely transfer data to recipients with no PGP software installed. You will have to communicate the passphrase of the SDA to the recipient, however.
Additional Decryption Key (ADK): PGP Command Line supports the use of an ADK, which is an additional key to which files or messages are encrypted, thus allowing the keeper of the ADK to retrieve data or messages as well as the intended recipient. Use of an ADK ensures that your corporation has access to all its proprietary information even if employee keys are lost or become unavailable.
PGP Zip archives: The PGP Zip feature lets you encrypt/sign groups of files or entire directories into a single compressed archive file. The archive format is tar and the supported compression formats are Zip, BZip2, and Zlib.
Symantec Technical Support maintains support centers globally. Technical Support’s primary role is to respond to specific queries about product features and functionality. The Technical Support group also creates content for our online Knowledge Base. The Technical Support group works collaboratively with the other functional areas within Symantec to answer your questions in a timely fashion. For example, the Technical Support group works with Product Engineering and Symantec Security Response to provide alerting services and virus definition updates.
Symantec’s support offerings include the following:
A range of support options that give you the flexibility to select the right amount of service for any size organization
Telephone and/or Web-based support that provides rapid response and up-to-the- minute information
Upgrade assurance that delivers software upgrades
Global support purchased on a regional business hours or 24 hours a day, 7 days a week basis
Premium service offerings that include Account Management Services
For information about Symantec’s support offerings, you can visit our Web site at the following URL:
www.symantec.com/business/support/
All support services will be delivered in accordance with your support agreement and the then-current enterprise technical support policy.
About PGP Command Line |
3 |
Technical Support |
|
Customers with a current support agreement may access Technical Support information at the following URL:
www.symantec.com/business/support/
Before contacting Technical Support, make sure you have satisfied the system requirements that are listed in your product documentation. Also, you should be at the computer on which the problem occurred, in case it is necessary to replicate the problem.
When you contact Technical Support, please have the following information available:
Product release level
Hardware information
Available memory, disk space, and NIC information
Operating system
Version and patch level
Network topology
Router, gateway, and IP address information
Problem description:
Error messages and log files
Troubleshooting that was performed before contacting Symantec
Recent software configuration changes and network changes
If your Symantec product requires registration or a license key, access our technical support Web page at the following URL:
www.symantec.com/business/support/
Customer service information is available at the following URL:
www.symantec.com/business/support/
Customer Service is available to assist with non-technical questions, such as the following types of issues:
Questions regarding product licensing or serialization
Product registration updates, such as address or name changes
General product information (features, language availability, local dealers)
Latest information about product updates and upgrades
Information about upgrade assurance and support contracts
4About PGP Command Line Technical Support
Information about the Symantec Buying Programs
Advice about Symantec's technical support options
Nontechnical presales questions
Issues that are related to CD-ROMs or manuals
If you want to contact Symantec regarding an existing support agreement, please contact the support agreement administration team for your region as follows:
Asia-Pacific and Japan |
customercare_apac@symantec.com |
Europe, Middle-East, Africa |
semea@symantec.com |
North America, Latin America |
supportsolutions@symantec.com |
This chapter lists the system requirements for, and tells you how to install PGP Command Line onto, the supported platforms: AIX, HP-UX, Mac OS X, Linux, Solaris, and Windows. It also includes uninstall instructions.
In This Chapter |
|
Install Location................................................................................................................ |
5 |
Supported Platforms....................................................................................................... |
6 |
System Requirements..................................................................................................... |
6 |
Installing on AIX............................................................................................................ |
10 |
Installing on HP-UX...................................................................................................... |
12 |
Installing on Mac OS X ................................................................................................. |
14 |
Installing on Red Hat Enterprise Linux, SLES, or Fedora Core .............................. |
15 |
Installing on Solaris...................................................................................................... |
17 |
Installing on Windows.................................................................................................. |
19 |
PGP Command Line uses a specific directory for the application data such as the configuration file, and a specific directory (called the home directory) for the files it creates, such as keyring files.
On any UNIX system, the application data and the home directory are identical and they are configured through the $HOME environment variable. For more information, refer to the installation instructions for the specific UNIX platform.
On Windows, the application data directory is used to store data such as the configuration file PGPprefs.xml. The home directory is called “My Documents” and is used to store keys. These two directories can be named differently, depending on the specific version on Windows. For more information, see To Install on Windows (on page 19).
Note: You can also use the --home-dir option on the command line to specify a different home directory. Using this option affects only the command it is used in and does not change the PGP_HOME_DIR environment variable.
Using --home-dir on the command line overrides the current setting of the
PGP_HOME_DIR environment variable.
6Installing Supported Platforms
You can install PGP Command Line on these platforms:
Windows XP Professional 32-bit (including Service Pack 2 or 3), Windows XP Professional 64-bit (including Service Pack 2 or 3), Windows Vista 32-bit and 64bit (including Service Pack 2), Windows 7 32-bit and 64-bit (including Service Pack 1), Windows Server 2003 32-bit and 64-bit (including Service Pack 1 or 2), Windows Server 2008 32-bit (including Service Pack 1 and 2), Windows Server 2008 R2 64-bit
HP-UX 11i and above (PA-RISC 32-bit and Itanium2 32-bit)
IBM AIX 5.3 (Technology Levels supported by IBM; as of July 2011, TL 11 and greater) and 6.1 (TL 4 and greater) PowerPC
Red Hat Enterprise Linux 5.4 (x86 and x86_64), Red Hat Enterprise Linux 5.5 (x86 and x86_64), and Red Hat Enterprise Linux 6.0 (x86 and x86_64)
SLES (SUSE Linux Enterprise Server) 10 SP2 (x86)
Solaris 9 (SPARC, 32-bit), Solaris 10 (SPARC, 32-bit), Solaris 10 (x86), Solaris 10 (x86_64)
Apple Mac OS X 10.5.x (x86) and Mac OS X 10.6.x (x86)
Note: These platforms are no longer supported: Windows 2000, Red Hat Enterprise
Linux 5.0, SLES (SUSE Linux Enterprise Server) 9, Sun Solaris 9 (x86 and x86_64),
Fedora Core 6, AIX 5.2 and Mac OS X 10.4.
In general, system requirements for PGP Command Line are the same as the system requirements for the host operating system.
In addition to the hard drive space required by the base operating system, PGP Command Line requires additional space for both the data on which cryptographic operations (such as encryption, decryption, signing, and verifying) will be applied and temporary files created in the process of performing those operations.
For a given file being encrypted or decrypted, PGP Command Line can require several times the size of the original file in free hard drive space (depending on how much the file was compressed), enough to hold both the original file or files and the final file resulting from the encryption or decryption operation.
In cases where PGP Zip functionality is used on a file, PGP Command Line may also require several times the size of the original file or files in free hard drive space, enough to hold the original file, a temporary file created when handling the archive, and the final file resulting from the encryption or decryption operation. Make sure you have adequate free hard drive space on your system before using PGP Command Line.
Installing 7
System Requirements
|
Component |
|
Requirement |
|
|
Computer and |
|
PC with 1 GHz 32-bit (x86) processor |
|
|
processor |
|
|
|
|
|
|
|
|
|
Memory |
|
1 gigabyte (GB) of RAM or higher recommended (64 MB minimum supported; |
|
|
|
|
may limit performance and some features) |
|
|
|
|
|
|
|
Hard disk |
|
15 GB of available space |
|
|
|
|
|
|
|
Drive |
|
DVD-ROM drive |
|
|
|
|
|
|
|
Display |
|
Support for DirectX 9 graphics with WDDM driver, 128 MB of graphics |
|
|
|
|
memory (minimum), Pixel Shader 2.0 in hardware, 32 bits per pixel |
|
|
|
|
|
|
PGP Command Line supports four editions of Windows Server 2008 and 2003:
Standard, Datacenter, Enterprise, and Web.
|
Component |
|
Requirement |
|
|
Computer and |
|
PC with a 133-MHz processor required; 550-MHz or faster processor |
|
|
processor |
|
recommended (Windows Server 2003 Standard Edition supports up to four |
|
|
|
|
processors on one server) |
|
|
|
|
|
|
|
Memory |
|
128 MB of RAM required; 256 MB or more recommended; 4 GB maximum |
|
|
|
|
|
|
|
Hard disk |
|
1.25 to 2 GB of available hard-disk space |
|
|
|
|
|
|
|
Drive |
|
CD-ROM or DVD-ROM drive |
|
|
|
|
|
|
|
Display |
|
VGA or hardware that supports console redirection required; Super VGA |
|
|
|
|
supporting 800 x 600 or higher-resolution monitor recommended |
|
|
|
|
|
|
|
Component |
|
Requirement |
|
|
Computer and |
|
Minimum: 400 MHz processor for x86-based computers Recommended: 733 |
|
|
processor |
|
MHz processor |
|
|
|
|
|
|
|
Memory |
|
Minimum: 512 MB of RAM |
|
|
|
|
Recommended: 1 GB of RAM |
|
|
|
|
|
|
8Installing
System Requirements
Hard disk |
1.5 GB hard-disk space for x86-based computers |
|
|
Other |
Minimum: 8-way capable multiprocessor machine required |
|
Maximum: 64-way capable multiprocessor machine supported |
|
|
These system requirements apply only to the 32-bit version of Windows Server 2003
Enterprise Edition; 64-bit versions of Windows Server 2003 Enterprise Edition are not supported.
|
Component |
|
Requirement |
|
|
Computer and |
|
133-MHz or faster processor for x86-based PCs; up to eight processors |
|
|
processor |
|
supported on either the 32-bit |
|
|
|
|
|
|
|
Memory |
|
128 MB of RAM minimum required |
|
|
|
|
Maximum: 32 GB for x86-based PCs with the 32-bit version |
|
|
|
|
|
|
|
Hard disk |
|
1.5 GB of available hard-disk space for x86-based PCs; additional space is |
|
|
|
|
required if installing over a network |
|
|
|
|
|
|
|
Drive |
|
CD-ROM or DVD-ROM drive |
|
|
|
|
|
|
|
Display |
|
VGA or hardware that supports console redirection required |
|
|
|
|
|
|
|
Component |
|
Requirement |
|
|
Computer and |
|
133-MHz processor (550 MHz recommended) |
|
|
processor |
|
|
|
|
|
|
|
|
|
Memory |
|
128 MB of RAM (256 MB recommended; 2 GB maximum) |
|
|
|
|
|
|
|
Hard disk |
|
1.5 GB of available hard-disk space |
|
|
|
|
|
|
PGP Command Line supports the 32-bit and 64-bit versions of Windows XP.
|
Component |
|
Requirement |
|
|
Computer and |
|
PC with 300 megahertz (MHz) or higher processor clock speed recommended; |
|
|
processor |
|
233-MHz minimum required; Intel Pentium/Celeron family, AMD |
|
|
|
|
K6/Athlon/Duron family, or compatible processor recommended |
|
|
|
|
|
|
Installing 9
System Requirements
Memory |
128 megabytes (MB) of RAM or higher recommended (64 MB minimum |
|
supported; may limit performance and some features) |
|
|
Hard disk |
1.5 gigabyte (GB) of available hard disk space |
|
|
Drive |
CD-ROM or DVD-ROM drive |
|
|
Display |
Super VGA (800 × 600) or higher resolution video adapter and monitor |
|
supporting 800 x 600 or higher-resolution monitor recommended |
|
|
|
Component |
|
Requirement |
|
|
Computer and |
|
PC with AMD Athlon 64, AMD Opteron, Intel Xeon with Intel EM64T support, |
|
|
processor |
|
Intel Pentium 4 with Intel EM64T support |
|
|
|
|
|
|
|
Memory |
|
256 megabytes (MB) of RAM or higher recommended |
|
|
|
|
|
|
|
Hard disk |
|
1.5 gigabyte (GB) of available hard disk space |
|
|
|
|
|
|
|
Drive |
|
CD-ROM or DVD-ROM drive |
|
|
|
|
|
|
|
Display |
|
Super VGA (800 × 600) or higher resolution video adapter and monitor |
|
|
|
|
supporting 800 x 600 or higher-resolution monitor recommended |
|
|
|
|
|
|
IBM AIX
PGP Command Line runs on the range of IBM eServer p5, IBM eServer pSeries, IBM eServer i5 and IBM RS/6000, as supported by IBM AIX 5.3 and 6.1.
HP-UX 11i
PGP Command Line runs on the list of PA-RISC workstation and servers supported by HP-UX 11i, as specified at http://docs.hp.com/ http://docs.hp.com/en/51872239/ch03s01.html.
|
Component |
|
Requirement |
|
|
Computer and |
|
SPARC (32and 64-bit) platforms |
|
|
processor |
|
|
|
|
|
|
|
|
|
Memory |
|
64 MB minimum (128 MB recommended) |
|
|
|
|
|
|
|
Hard disk |
|
600 MB for desktops; one GB for servers |
|
|
|
|
|
|
10Installing Installing on AIX
|
Component |
|
Requirement |
|
|
Computer and |
|
x86 for Red Hat Enterprise Linux and SLES, x86_64 for Fedora Core; see Red |
|
|
processor |
|
Hat or Fedora websites for hardware compatibility. |
|
|
|
|
|
|
|
Memory |
|
256 MB minimum |
|
|
|
|
|
|
|
Hard disk |
|
800 MB minimum |
|
|
|
|
|
|
Mac OS X
|
Component |
|
Requirement |
|
|
Computer and |
|
Macintosh computer, Intel-based system only |
|
|
processor |
|
|
|
|
|
|
|
|
|
Memory |
|
128 MB of physical RAM |
|
|
|
|
|
|
This section tells you how to install, change the home directory, and uninstall on AIX.
You need to have root or administrator privileges on the machine on which you are installing PGP Command Line.
To install PGP Command Line on an AIX system:
1If you have an existing version of PGP Command Line installed on the computer, uninstall it.
2Download the installer application called PGPCommandLine10IX.tar to a known location on your system.
3Untar the package first. You will get the following file:
PGPCommandLine100AIX.rpm
4Type: rpm -ivh PGPCommandLine10IX.rpm
5Press Enter.
Installing 11
Installing on AIX
By default, the PGP Command Line application, pgp, is installed into the directory /opt/pgp/bin. You need to add this directory to your PATH environment variable in order for the application to be found.
For sh-based shells, use this syntax:
PATH=$PATH:/opt/pgp/bin
For csh-based shells, use this syntax:
set path = ($path /opt/pgp/bin)
Also, in order to access the PGP Command Line man page, you need to set the
MANPATH environment variable appropriately.
For sh-based shells, use this syntax:
MANPATH=$MANPATH:/opt/pgp/man; export MANPATH
For csh-based shells, use this syntax:
setenv MANPATH "/opt/pgp/man"
By adding the option --prefix to the rpm command, you can install PGP Command
Line to a location other than the default.
Type rpm --prefix=/usr/pgp -ivh PGPCommandLine10AIX.rpm and press
Enter.
This command installs the application binary in the directory /usr/pgp/bin/pgp, libraries in /usr/pgp/lib, and so on.
You will need to edit the environmental variable LIBPATH to include the new library path (/usr/pgp/lib) so that PGP Command Line can function in a location other than the default.
By adding the option --prefix to the rpm command, you can install PGP Command
Line in a location other than the default:
1If you have an existing version of PGP Command Line installed on the computer, uninstall it.
2Download the installer application called PGPCommandLine10AIX.tar to a known location on your system.
3Untar the package first. You will get the following file:
PGPCommandLine10AIX.rpm
4 Type: rpm --prefix=/opt -ivh PGPCommandLine10AIX.rpm
5 Press Enter.
This command will install the application binary, pgp, in the directory
/usr/pgp/bin/pgp, libraries in /usr/pgp/lib, and so on.
You will need to edit the environment variable LIBPATH to include the new library path (/usr/pgp/lib), so that PGP Command Line can function in any location other than the default.
The home directory is where PGP Command Line stores the files that it creates and uses; for example, keyring files.
12Installing Installing on HP-UX
By default, the PGP Command Line installer for AIX creates the PGP Command Line home directory at $HOME/.pgp. If this directory does not exist, it will be created. For example, if the value of $HOME for user "alice"is /usr/home/alice, PGP Command Line will attempt to create /usr/home/alice/.pgp.
The PGP Command Line installer will not try to create any other part of the directory listed in the $HOME variable, only .pgp.
If you want the home directory changed on a permanent basis, you will need to create the $PGP_HOME_DIR environment variable and specify the path of the desired home directory.
Uninstalling PGP Command Line on AIX requires root privileges, either through su or sudo.
To uninstall PGP Command Line on AIX
1Type the following command and press Enter: rpm -e pgpcmdln
2PGP Command Line is uninstalled.
This section tells you how to install, change the home directory, and uninstall on HP-
UX.
You need to have root or administrator privileges on the machine on which you are installing PGP Command Line.
To install PGP Command Line on an HP-UX system
1If you have an existing version of PGP Command Line installed on the computer, uninstall it.
2Download the installer file called PGPCommandLine10HPUX.tar to a known location on your system.
3Untar the package first. You will get the following file:
PGPCommandLine10HPUX.depot
4Type: swinstall -s /absolute/path/to/PGPCommandLine10HPUX.depot
5Press Enter.
By default, the PGP Command Line application, pgp, is installed into the directory /opt/pgp/bin. You need to add this directory to your PATH environment variable in order for the application to be found.
Installing 13
Installing on HP-UX
For sh-based shells, use this syntax:
PATH=$PATH:/opt/pgp/bin
For csh-based shells, use this syntax:
set path = ($path /opt/pgp/bin)
Also, in order to access the PGP Command Line man page, you need to set the
MANPATH environment variable appropriately.
For sh-based shells, use this syntax:
MANPATH=$MANPATH:/opt/pgp/man; export MANPATH
For csh-based shells, use this syntax:
setenv MANPATH "/opt/pgp/man"
Note: You may encounter an issue generating 2048or 4096-bit keys on HP-UX systems running PGP Command Line if you have altered the maximum number of shared memory segments that can be attached to one process, as configured by the shmseg system parameter. if you encounter this issue, reset the shmseg system parameter to its default value of 120. Consult your HP-UX documentation for information about how to alter system parameters.
The home directory is where PGP Command Line stores the files that it creates and uses; for example, keyring files.
By default, the PGP Command Line installer for HP-UX creates the PGP Command Line home directory in $HOME/.pgp. If this directory does not exist, it will be created. For example, if the value of $HOME for user "alice" is /usr/home/alice, PGP Command Line will attempt to create /usr/home/alice/.pgp.
The PGP Command Line installer will not try to create any other part of the directory listed in the $HOME variable, only .pgp.
If you want the PGP Command Line home directory changed on a permanent basis, you can define the $PGP_HOME_DIR environment variable and specify the path of the desired home directory.
This procedure describes how to install PGP Command Line for HP-UX into a nondefault directory. The information provided is in addition to the information provided in Installing on HP-UX.
Note: This procedure uses /opt/pgp_alt as the non-default directory. Be sure to substitute the desired directory in place of /opt/pgp_alt.
To install PGP Command Line for HP-UX to a non-default directory
1Add the following extra argument to the swinstall command:
swinstall -s /path/to/pgpcmdln.depot pgpcmdln,l=/opt/pgp_alt
2Set all libraries to respect the SHLIB_PATH environment variable:
14Installing
chatr +s enable /opt/pgp_alt/lib/*
3Set the SHLIB_PATH environment variable to the new library directory when starting PGP Command Line:
export SHLIB_PATH=/opt/pgp_alt/lib
Uninstalling PGP Command Line on HP-UX requires root privileges, either su or sudo.
To uninstall PGP Command Line on HP-UX:
1Type the following command and press Enter: swremove pgpcmdln
2PGP Command Line is uninstalled.
This section tells you how to install, change the home directory, and uninstall on Mac
OS X.
Installing on Mac OS X
To install PGP Command Line on a Mac OS X system:
1Close all applications.
2Download the installer application, PGPCommandLine10MacOSX.tgz, to your desktop.
3Double-click on the file PGPCommandLine10MacOSX.tgz.
4If you have Stuffit Expander, it will automatically first uncompress this file into
PGPCommandLine10MacOSX.tar, and then untar it into PGPCommandLine10MacOSX.pkg.
5Double-click on the file PGPCommandLine10MacOSX.pkg.
6Follow the on-screen instructions.
The Mac OS X PGP Command Line application, pgp, is installed into /usr/bin/.
After you run PGP Command Line for the first time, its home directory will be created automatically in the directory $HOME/Documents/PGP. This directory may already exist if PGP Desktop for Mac OS X is already installed on the system.
Installing 15
The home directory is where PGP Command Line stores the files that it creates and uses; for example, keyring files.
By default, the PGP Command Line installer for Mac OS X creates the PGP Command Line home directory at $HOME/Documents/PGP. If this directory does not exist, it will be created.
The PGP Command Line installer will not try to create any other part of directory listed in the $HOME variable, only .pgp.
If you want the home directory changed permanently, you need to create the $PGP_HOME_DIR environment variable and specify the path of the desired home directory.
Uninstalling PGP Command Line on Mac OS X requires administrative privileges.
Caution: If you have PGP Desktop for Mac OS X installed on the same system with PGP Command Line, do not uninstall PGP Command Line unless you also plan to uninstall PGP Desktop. Uninstalling PGP Command Line will delete files that PGP Desktop requires to operate; you will have to reinstall PGP Desktop to return to normal operation.
To uninstall PGP Command Line on Mac OS X:
1Using the Terminal application, enter the following commands: rm -rf /usr/bin/pgp
rm -rf /Library/Frameworks/PGP* rm -rf /Library/Receipts/PGP*
2PGP Command Line is uninstalled.
Preferences and keyrings are not removed when PGP Command Line is uninstalled.
Installing on Red Hat Enterprise Linux, SLES, or Fedora Core
This section tells you how to install, change the home directory, and uninstall on a
Linux or Fedora Core system.
You need to have root or administrator privileges on the machine on which you are installing PGP Command Line.
16Installing
Installing on Red Hat Enterprise Linux, SLES, or Fedora Core
Linux installations now default to /opt/pgp, which matches the default installation location on other UNIX platforms. To install PGP Command Line on Linux to the previous installation location (/usr/bin/), use the "--prefix=/usr" option.
If you have an existing Linux installation of PGP Command Line and do not install the new version using the "--prefix=/usr" option, you will need to update your path to include /opt/pgp/bin and you will need to update any scripts accordingly.
Caution: If you want to use the XML key list functionality in PGP Command Line, you need to upgrade libxml2 to Version 2.6.8; the default is Version 2.5.10. If you attempt to use the XML key list functionality without upgrading, you will receive an error.
To install PGP Command Line on a Linux system:
1If you have an existing version of PGP Command Line installed on the computer, uninstall it.
2Download the installer file called PGPCommandLine10Linux.tar to a known location on your system.
3Untar the package first. You will get the following file:
PGPCommandLine10Linux.rpm
4Type: rpm -ivh PGPCommandLine10Linux.rpm
5Press Enter.
The PGP Command Line application, pgp, is installed by default into /opt/pgp/.
By adding the option --prefix to the rpm command, you can install PGP Command
Line in a location other than the default.
To install PGP Command Line into a different directory:
1If you have an existing version of PGP Command Line installed on the computer, uninstall it.
2Download the installer file called PGPCommandLine10Linux.tar to a known location on your system.
3Untar the package first. You will get the following file:
PGPCommandLine10Linux.rpm
4Type: rpm --prefix=/opt -ivh PGPCommandLine10Linux.rpm
5Press Enter.
This command will install the application binary in the directory /opt/bin/pgp, libraries in /opt/lib, etc. You will need to edit the environment variable LD_LIBRARY_PATH to include the new library path for the software to function in any location other than the default.
The home directory is where PGP Command Line stores the files that it creates and uses; for example, keyring files.