Silk Road forums

Discussion => Security => Topic started by: angelbunny on December 10, 2011, 04:22 am

Title: Is it ok to attach an encrypted gpg file?
Post by: angelbunny on December 10, 2011, 04:22 am
If I encrypt a txt file OpenGPG (I'm an OSX user.) creates a .gpg file with the encrypted contents.

However, opening that gpg file into textedit and then copying and pasting that encrypted information seems like it may not work.

This leads to probably the most noobish question on this board: Is it common etiquette for the encrypted message to be attached, or is there another way to go about this?

I AM NOT using a mail client that encrypts text for me, so this is not a thunderbird/mail.app question, but more a generic encryption question for web based mail.
Title: Re: Is it ok to attach an encrypted gpg file?
Post by: Linus Van Pelt on December 10, 2011, 05:00 am
I had the same issue.

What I did was type the message into TextEdit, then highlight the message, then select (on the menu bar) TextEdit-->Services-->Open PGP: Encrypt.  Select the recipient's public key and you're good to go with a message that begins like this:

-----BEGIN PGP MESSAGE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org

hQIOAxVS+5wS636jEAf/cXQwCxCnezh7p+pp/0NxGU10kRSeRpwtscH1NKIIFPRP
etc etc

Hope that helps
Title: Re: Is it ok to attach an encrypted gpg file?
Post by: subtlety on December 10, 2011, 05:02 am
I don't use osx, but here's how I think most people do it (I do it this way in windows):

Highlight and copy the actual text of the message.
Encrypt the text itself using the clipboard function of your gpg, you'll have to select a recipient for this part.
Paste encrypted text into the message box.
Be sure to give the recipient your public key, or they can't decrypt the msg.

If you're using command lines, then I can't help you.

You can encrypt the file, then send the .gpg file to the recipient and they could then decrypt it and access it. But personally, I wouldn't open an attachment or file from someone here unless I knew/trusted them. Not sure if there's a consensus on this.

Hope that helps, like I said, I don't use OSx and my encryption is GPG4Win.

Edit: Yeah, what Linus said... But my answer to the thread title stands. I doubt anyone's gonna open an attachment from someone on a site we're all using specifically to remain anonymous.
Title: Re: Is it ok to attach an encrypted gpg file?
Post by: angelbunny on December 10, 2011, 07:47 am
I had the same issue.

What I did was type the message into TextEdit, then highlight the message, then select (on the menu bar) TextEdit-->Services-->Open PGP: Encrypt.
I figured it out. I have to go into the service preferences and check the OpenPGP options so they appear in the services menu.

Sometimes it is the simple things that elude us.

THANK YOU!!
Title: Re: Is it ok to attach an encrypted gpg file?
Post by: calcium on December 10, 2011, 06:33 pm
By default PGP often encrypts in binary mode. What you want for ease is "ASCII armored" mode, ie the version we can cut and paste.

Don't upload files if you can avoid it, because depending on the exact details, that can reveal the file's full name & path (eg /users/yourname/documents/somefile.txt), and boom you just deanonymized yourself. :-P