GPG Support in Fire
What is GPG?
GPG (short for GNU Privacy Guard, or GnuPG) is an open-source implementation of PGP (Pretty Good Privacy). It is an asymmetric encryption system based on a trust model. Each person has a key pair (a private key and a public key). The public key is just that -- public. This key is given to the world. The private key, on the other hand, should be guarded safely and stored encrypted with a passphrase -- don't worry, GPG does this for you.
Due to some fascinating properties of prime numbers and number theory details that are out of the scope of this documentation, we get asymmetric cryptography. In short, things can be encrypted with a person's public key and then can only be decrypted with the corresponding private key. Also, things can be signed with a private key and verified with the corresponding public key. Fire can use GPG to encrypt instant messages.
Getting Started With GPG
In order to use GPG in Fire, you must have a copy of GPG installed and working. There is a Mac OS X install package for GPG that can be found on SourceForge.
Fire does not work with GPG if you used fink to install GPG. We are looking into why. To use GPG with Fire, you need to install GPG using the OS X pkg installer. (Visit the download page if you want to verify the download.)
Creating Your Key
Once GPG is installed, you will need to create your own key. In a Terminal, type:
gpg --gen-key
Use a DSA and ElGamal key and follow the defaults. At this point, you should really read the GPG documentation about the options you are choosing. Understanding key expiry and why your private key should be private is vital to your use of GPG in any application.
Once GPG is working on your system (use gpg --list-keys to see the keys on your keyring; you should see your key listed), you need to tell Fire to use your public key in the Profile preferences.
Importing Keys
To import arbitrary keys, obtained via email or the Internet, refer to the GPG documentation.
Exchanging Public Keys within Fire
Fire supports the seamless exchange of public keys with other users. While a chat window is open to the person you wish to give your public key, select "Send Public Key" from the security toolbar item. Your key will be sent.
When someone sends you their public key, Fire will display the key information and ask you whether you want to import the key.
Signing and Encrypting Messages
To sign and encrypt messages, you should add the Security toolbar item to your toolbar. This will allow you to quickly change the security settings, as well as see the current settings.
When a signed or encrypted message is sent or received, one of the following icons will be shown next to the user name in the chat window.
Icon | Signed | Encrypted
---|---|---
![]() | Yes | Yes
![]() | Yes | No
![]() | No | Yes
![]() | No | No
When you receive a message with an invalid signature, a broken seal icon will be shown next to the lock.
You can set the default security settings on a per-buddy basis.
IMPORTANT: Due to limitations in Yahoo!'s system, GPG will not function properly with Yahoo!.
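The steps Fire automates (create a key pair, exchange public keys, sign and encrypt, verify on receipt) can be run by hand with the gpg command line. The script below is an added example, not part of Fire or its documentation; it assumes GnuPG 2.2 or later and uses that version's default key type rather than the DSA/ElGamal choice above, and the keyrings, user IDs and message are constructed.

```sh
# Constructed demo: two throwaway keyrings stand in for two chat users.
# User IDs, the example.test addresses and the message are made up.
DEMO=$(mktemp -d) && trap 'rm -rf "$DEMO"' EXIT
ALICE="$DEMO/alice"; BOB="$DEMO/bob"
mkdir -m 700 "$ALICE" "$BOB"

# g <homedir> <args...>: run gpg non-interactively against one keyring.
# The empty passphrase is acceptable only because these keys are discarded;
# a real private key stays passphrase-protected.
g() {
    home=$1; shift
    gpg --homedir "$home" --batch --quiet --pinentry-mode loopback \
        --passphrase '' "$@"
}

# fingerprint <homedir> <user-id>: print the primary key fingerprint.
fingerprint() {
    g "$1" --with-colons --fingerprint "$2" |
        awk -F: '$1 == "fpr" { print $10; exit }'
}

# setup: each user creates a key pair, then the public halves are swapped.
setup() {
    for u in alice bob; do
        g "$DEMO/$u" --quick-generate-key "$u <$u@example.test>" \
            default default never || return 1
    done
    g "$ALICE" --armor --export alice@example.test | g "$BOB" --import
    g "$BOB" --armor --export bob@example.test | g "$ALICE" --import
}

# send <text>: sign with Alice's private key, encrypt to Bob's public key.
# --trust-model always skips the key-validity prompt in batch mode.
send() {
    printf '%s' "$1" | g "$ALICE" --trust-model always --armor \
        --local-user alice@example.test --recipient bob@example.test \
        --sign --encrypt
}

# receive <fingerprint>: decrypt stdin with Bob's private key and print the
# text only if it carries a valid signature made by exactly that key.
receive() {
    g "$BOB" --status-fd 3 --decrypt 3>"$DEMO/status" >"$DEMO/plain" || return 1
    grep -q "^\[GNUPG:\] VALIDSIG $1 " "$DEMO/status" || return 1
    cat "$DEMO/plain"
}

setup || exit 1
ALICE_FPR=$(fingerprint "$ALICE" alice@example.test)  # told to Bob out of band
send "meet at noon" | receive "$ALICE_FPR"; echo
```

Comparing the fingerprint of an imported key with one obtained from its owner over a separate channel is what ties the key to the person; the import prompt alone does not.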