lotus

previous page: 3.16. I heard that the NSA put a back door in MIT PGP, and that they only allowed it to be legal with the back door.
  
page up: PGP FAQ
  
next page: 3.18. Can I use PGP under a "swapping" operating system like Windows or OS/2?

3.17. Can I put PGP on a multi-user system like a network or a mainframe?




Description

This article is from the PGP FAQ, by Jeff Licquia jalicqui@prairienet.org with numerous contributions by others.

3.17. Can I put PGP on a multi-user system like a network or a mainframe?

Yes. PGP will compile for several high-end operating systems such as
Unix and VMS. Other versions may easily be used on machines connected
to a network.

You should be very careful, however. Your pass phrase may be passed
over the network in the clear where it could be intercepted by network
monitoring equipment, or the operator on a multi-user machine may
install "keyboard sniffers" to record your pass phrase as you type it
in. Also, while it is being used by PGP on the host system, it could
be caught by some Trojan Horse program. Also, even though your secret
key ring is encrypted, it would not be good practice to leave it lying
around for anyone else to look at.

So why distribute PGP with directions for making it on Unix and VMS
machines at all? The simple answer is that not all Unix and VMS
machines are network servers or "mainframes." If you use your machine
only from the console (or if you use some network encryption package
such as Kerberos), you are the only user, you take reasonable system
security measures to prevent unauthorized access, and you are aware of
the risks above, you can securely use PGP on one of these systems. As
an example of this, my own home computer runs Linux, a Unix clone. As
I (and my wife) are the only users of the computer, I feel that the
risks of crackers invading my system and stealing my pass phrase are
minimal.

You can still use PGP on multi-user systems or networks without a
secret key for checking signatures and encrypting. As long as you
don't process a private key or type a pass phrase on the multiuser
system, you can use PGP securely there.

 

Continue to:













TOP
previous page: 3.16. I heard that the NSA put a back door in MIT PGP, and that they only allowed it to be legal with the back door.
  
page up: PGP FAQ
  
next page: 3.18. Can I use PGP under a "swapping" operating system like Windows or OS/2?