[HOME] [NSRG] [インフラ] [fml4] [fml8] [北海道] [おすすめの本] Powered by NetBSD and [nuinui.net] .

Case Study: PGP/PGP Based Authentication In Posting

Caution

Please install Crypt::OpenPGP perl module firstly. It is better to use OS dependent pacakge system since Crypt::OpenPGP depends a lot of other packages.

Recipes

1. PGP/PGP Based Authentication In Posting

1. PGP/PGP Based Authentication In Posting

check_pgp_signature options enables PGP/GPG based auth. If the degital signature is confirmed, the user can post articles.

article_post_restrictions       =       reject_system_special_accounts
                                        check_pgp_signature
                                        reject
This function is disabled by default. Change article_post_restrictions if use.

Key Operations

PGP KEY RING directories are separeted for each purpose. For example, the keyring dir for article pgp auth is $ml_home_dir/etc/pgp-article-post-auth/ directory, the keyring dir for remote administration by command mail is $ml_home_dir/etc/pgp-admin-command-mail-auth/ directory.

Use pgp2, pgp5 and gpg commands to edit keys under them It is useful to use the following fmlpgp wrapper command. The wrapper sets up proper environment variables.

[Example] operations for elena ML

fmlpgp elena --article-post-auth -kg
the command line options available:
--article-post-auth       (auth for post article)
--command-mail-auth       (auth for command mail)
--admin-command-mail-auth (auth for admin command mail)
--article-post-encrypt    (article encryption)

Available wrappers follow:

pgp2: fmlpgp

pgp5: fmlpgp5 fmlpgpe fmlpgpk fmlpgps fmlpgpv

gpg: fmlgpg fmlgpgv

[HOME] [NSRG] [インフラ] [fml4] [fml8] [北海道] [おすすめの本] Powered by NetBSD and [nuinui.net] .
Copyright (C) 1993-2017 Ken'ichi Fukamachi mail:< fukachan at fml.org >