.\" Automatically generated by Pod::Man v1.37, Pod::Parser v1.32
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sh \" Subsection heading
.br
.if t .Sp
.ne 5
.PP
\fB\\$1\fR
.PP
..
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
.    ds -- \(*W-
.    ds PI pi
.    if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
.    if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
.    ds L" ""
.    ds R" ""
.    ds C` ""
.    ds C' ""
'br\}
.el\{\
.    ds -- \|\(em\|
.    ds PI \(*p
.    ds L" ``
.    ds R" ''
'br\}
.\"
.\" If the F register is turned on, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.if \nF \{\
.    de IX
.    tm Index:\\$1\t\\n%\t"\\$2"
..
.    nr % 0
.    rr F
.\}
.\"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.hy 0
.if n .na
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
.    \" fudge factors for nroff and troff
.if n \{\
.    ds #H 0
.    ds #V .8m
.    ds #F .3m
.    ds #[ \f1
.    ds #] \fP
.\}
.if t \{\
.    ds #H ((1u-(\\\\n(.fu%2u))*.13m)
.    ds #V .6m
.    ds #F 0
.    ds #[ \&
.    ds #] \&
.\}
.    \" simple accents for nroff and troff
.if n \{\
.    ds ' \&
.    ds ` \&
.    ds ^ \&
.    ds , \&
.    ds ~ ~
.    ds /
.\}
.if t \{\
.    ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
.    ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
.    ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
.    ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
.    ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
.    ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
.    \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
.    \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
.    \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
.    ds : e
.    ds 8 ss
.    ds o a
.    ds d- d\h'-1'\(ga
.    ds D- D\h'-1'\(hy
.    ds th \o'bp'
.    ds Th \o'LP'
.    ds ae ae
.    ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "PGPVERIFY 1"
.TH PGPVERIFY 1 "2008-04-06" "INN 2.4.4" "InterNetNews Documentation"
.SH "NAME"
pgpverify \- Cryptographically verify Usenet control messages
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
\&\fBpgpverify\fR [\fB\-test\fR] < \fImessage\fR
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
The \fBpgpverify\fR program reads (on standard input) a Usenet control message
that has been cryptographically signed using the \fBsigncontrol\fR program (or
some other program that produces a compatible format).
\&\fBpgpverify\fR then uses a \s-1PGP\s0 implementation to determine who signed the
control message. If the control message has a valid signature,
\&\fBpgpverify\fR prints (to stdout) the user \s-1ID\s0 of the key that signed the
message. Otherwise, it exits with a non-zero exit status.
.PP
If \fBpgpverify\fR is installed as part of \s-1INN\s0, it uses \s-1INN\s0's configuration to
determine what signature verification program to use, how to log errors,
what temporary directory to use, and what keyring to use. Otherwise, all
of those parameters can be set by editing the beginning of this script.
.PP
By default, when running as part of \s-1INN\s0, \fBpgpverify\fR expects the \s-1PGP\s0 key
ring to be found in \fIpathetc\fR/pgp (as either \fIpubring.pgp\fR or
\&\fIpubring.gpg\fR depending on whether \s-1PGP\s0 or GnuPG is used to verify
signatures). If that directory doesn't exist, it will fall back on using
the default key ring, which is in a \fI.pgp\fR or \fI.gnupg\fR subdirectory of the
running user's home directory.
.PP
\&\s-1INN\s0, when using GnuPG, configures \fBpgpverify\fR to use \fBgpgv\fR, which by
default expects keys to be in a keyring named \fItrustedkeys.gpg\fR, since it
doesn't implement trust checking directly. \fBpgpverify\fR uses that file if
present but falls back to \fIpubring.gpg\fR if it's not found. This bypasses
the trust model for checking keys, but is compatible with the way that
\&\fBpgpverify\fR used to behave. Of course, if a keyring is found in
\&\fIpathetc\fR/pgp or configured at the top of the script, that overrides all of
this behavior.
.SH "OPTIONS"
.IX Header "OPTIONS"
The \fB\-test\fR flag causes \fBpgpverify\fR to print out the input that it is
passing to \s-1PGP\s0 (which is a reconstructed version of the input that
supposedly created the control message) as well as the output from \s-1PGP\s0's
analysis of the message.
.SH "EXIT STATUS"
.IX Header "EXIT STATUS"
\&\fBpgpverify\fR may exit with the following statuses:
.IP "0\&" 4
.IX Item "0"
The control message had a good \s-1PGP\s0 signature.
.IP "1" 4
.IX Item "1"
The control message had no \s-1PGP\s0 signature.
.IP "2" 4
.IX Item "2"
The control message had an unknown \s-1PGP\s0 signature.
.IP "3" 4
.IX Item "3"
The control message had a bad \s-1PGP\s0 signature.
.IP "255" 4
.IX Item "255"
A problem occurred not directly related to \s-1PGP\s0 analysis of signature.
.SH "ENVIRONMENT"
.IX Header "ENVIRONMENT"
\&\fBpgpverify\fR does not modify or otherwise alter the environment before
invoking the \fBpgp\fR or \fBgpgv\fR program. It is the responsibility of the
person who installs \fBpgpverify\fR to ensure that when \fBpgp\fR or \fBgpgv\fR runs,
it has the ability to locate and read a \s-1PGP\s0 key file that contains the \s-1PGP\s0
public keys for the appropriate Usenet hierarchy administrators.
\&\fBpgpverify\fR can be pointed to an appropriate key ring by editing variables
at the beginning of this script.
.SH "NOTES"
.IX Header "NOTES"
Historically, Usenet news server administrators have configured their news
servers to automatically honor Usenet control messages based on the
originator of the control messages and the hierarchies for which the
control messages applied. For example, in the past, David Lawrence always
issued control messages for the \*(L"Big\ 8\*(R" hierarchies (comp, humanities,
misc, news, rec, sci, soc, talk). Usenet news administrators would
configure their news server software to automatically honor newgroup and
rmgroup control messages that originated from David Lawrence and applied
to any of the Big\ 8 hierarchies.
.PP
Unfortunately, Usenet news articles (including control messages) are
notoriously easy to forge. Soon, malicious users realized they could
create or remove (at least temporarily) any Big\ 8 newsgroup they wanted by
simply forging an appropriate control message in David Lawrence's name.
As Usenet became more widely used, forgeries became more common.
.PP
The \fBpgpverify\fR program was designed to allow Usenet news administrators to
configure their servers to cryptographically verify control messages
before automatically acting on them. Under the \fBpgpverify\fR system, a Usenet
hierarchy maintainer creates a \s-1PGP\s0 public/private key pair and
disseminates the public key. Whenever the hierarchy maintainer issues a
control message, he uses the \fBsigncontrol\fR program to sign the control
message with the \s-1PGP\s0 private key. Usenet news administrators configure
their news servers to run the \fBpgpverify\fR program on the appropriate
control messages, and take action based on the \s-1PGP\s0 key User \s-1ID\s0 that signed
the control message, not the name and address that appear in the control
message's From: or Sender: headers.
.PP
Thus, appropriate use of the \fBsigncontrol\fR and \fBpgpverify\fR programs
essentially eliminates the possibility of malicious users forging Usenet
control messages that sites will act upon, as such users would have to
obtain the \s-1PGP\s0 private key in order to forge a control message that would
pass the cryptographic verification step. If the hierarchy administrators
properly protect their \s-1PGP\s0 private keys, the only way a malicious user
could forge a validly-signed control message would be by breaking the
public key encryption algorithm, which (at least at this time) is believed
to be prohibitively difficult for \s-1PGP\s0 keys of a sufficient bit length.
.SH "HISTORY"
.IX Header "HISTORY"
\&\fBpgpverify\fR was written by David C Lawrence. Manual page provided by
James Ralston. It is currently maintained by Russ Allbery.
.SH "COPYRIGHT AND LICENSE"
.IX Header "COPYRIGHT AND LICENSE"
David Lawrence wrote: \*(L"Our lawyer told me to include the following. The
upshot of it is that you can use the software for free as much as you
like.\*(R"
.PP
Copyright (c) 1996 \s-1UUNET\s0 Technologies, Inc.
All rights reserved.
.PP
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are
met:
.IP "1." 4
Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
.IP "2." 4
Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
.IP "3." 4
All advertising materials mentioning features or use of this software must
display the following acknowledgement:
.Sp
.Vb 1
\& This product includes software developed by UUNET Technologies, Inc.
.Ve
.IP "4." 4
The name of \s-1UUNET\s0 Technologies (\*(L"\s-1UUNET\s0\*(R") may not be used to endorse or
promote products derived from this software without specific prior written
permission.
.PP
\&\s-1THIS\s0 \s-1SOFTWARE\s0 \s-1IS\s0 \s-1PROVIDED\s0 \s-1BY\s0 \s-1UUNET\s0 \*(L"\s-1AS\s0 \s-1IS\s0\*(R" \s-1AND\s0 \s-1ANY\s0 \s-1EXPRESS\s0 \s-1OR\s0 \s-1IMPLIED\s0
\&\s-1WARRANTIES\s0, \s-1INCLUDING\s0, \s-1BUT\s0 \s-1NOT\s0 \s-1LIMITED\s0 \s-1TO\s0, \s-1THE\s0 \s-1IMPLIED\s0 \s-1WARRANTIES\s0 \s-1OF\s0
\&\s-1MERCHANTABILITY\s0 \s-1AND\s0 \s-1FITNESS\s0 \s-1FOR\s0 A \s-1PARTICULAR\s0 \s-1PURPOSE\s0 \s-1ARE\s0 \s-1DISCLAIMED\s0.
\s-1IN\s0
\&\s-1NO\s0 \s-1EVENT\s0 \s-1SHALL\s0 \s-1UUNET\s0 \s-1BE\s0 \s-1LIABLE\s0 \s-1FOR\s0 \s-1ANY\s0 \s-1DIRECT\s0, \s-1INDIRECT\s0, \s-1INCIDENTAL\s0,
\&\s-1SPECIAL\s0, \s-1EXEMPLARY\s0, \s-1OR\s0 \s-1CONSEQUENTIAL\s0 \s-1DAMAGES\s0 (\s-1INCLUDING\s0, \s-1BUT\s0 \s-1NOT\s0 \s-1LIMITED\s0
\&\s-1TO\s0, \s-1PROCUREMENT\s0 \s-1OF\s0 \s-1SUBSTITUTE\s0 \s-1GOODS\s0 \s-1OR\s0 \s-1SERVICES\s0; \s-1LOSS\s0 \s-1OF\s0 \s-1USE\s0, \s-1DATA\s0, \s-1OR\s0
\&\s-1PROFITS\s0; \s-1OR\s0 \s-1BUSINESS\s0 \s-1INTERRUPTION\s0) \s-1HOWEVER\s0 \s-1CAUSED\s0 \s-1AND\s0 \s-1ON\s0 \s-1ANY\s0 \s-1THEORY\s0 \s-1OF\s0
\&\s-1LIABILITY\s0, \s-1WHETHER\s0 \s-1IN\s0 \s-1CONTRACT\s0, \s-1STRICT\s0 \s-1LIABILITY\s0, \s-1OR\s0 \s-1TORT\s0 (\s-1INCLUDING\s0
\&\s-1NEGLIGENCE\s0 \s-1OR\s0 \s-1OTHERWISE\s0) \s-1ARISING\s0 \s-1IN\s0 \s-1ANY\s0 \s-1WAY\s0 \s-1OUT\s0 \s-1OF\s0 \s-1THE\s0 \s-1USE\s0 \s-1OF\s0 \s-1THIS\s0
\&\s-1SOFTWARE\s0, \s-1EVEN\s0 \s-1IF\s0 \s-1ADVISED\s0 \s-1OF\s0 \s-1THE\s0 \s-1POSSIBILITY\s0 \s-1OF\s0 \s-1SUCH\s0 \s-1DAMAGE\s0.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fIgpgv\fR\|(1), \fIpgp\fR\|(1).
.PP
is where the most recent versions of
\&\fBsigncontrol\fR and \fBpgpverify\fR live, along with \s-1PGP\s0 public keys used for
hierarchy administration.
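.PP
The statuses listed under EXIT STATUS and the rule from NOTES (act on the user ID of the signing key, not on the From: or Sender: headers) can be combined in a small wrapper. The following is an added example, not part of \fBpgpverify\fR or INN; the function name check_control, the PGPVERIFY variable and the expected user ID passed by the caller are assumptions of the example.

```shell
#!/bin/sh
# Added example (not INN code): decide whether to honor a control message
# using only what the man page documents: the signer's user ID on stdout
# and the exit statuses 0, 1, 2, 3 and 255.
# PGPVERIFY is an assumed override for the path to pgpverify.
PGPVERIFY=${PGPVERIFY:-pgpverify}

# check_control MESSAGE_FILE EXPECTED_USER_ID
# Prints a one-line decision. Returns 0 to honor the message, 1 to reject
# it, 2 when pgpverify itself failed and no verdict is available.
check_control() {
    msg=$1
    expected=$2
    if [ ! -r "$msg" ]; then
        echo "defer: cannot read $msg"
        return 2
    fi
    # Capture the status without tripping "set -e" in a calling script.
    st=0
    signer=$("$PGPVERIFY" < "$msg") || st=$?
    case $st in
        0)
            # A good signature is not enough: the key must be the one
            # authorized for this hierarchy. Headers are never consulted.
            if [ -n "$signer" ] && [ "$signer" = "$expected" ]; then
                echo "honor: signed by $signer"
                return 0
            fi
            echo "reject: good signature, but signer '$signer' is not '$expected'"
            return 1
            ;;
        1) echo "reject: no PGP signature"; return 1 ;;
        2) echo "reject: unknown PGP signature"; return 1 ;;
        3) echo "reject: bad PGP signature"; return 1 ;;
        *)
            # 255 or anything undocumented: a tool failure, not a verdict.
            echo "defer: pgpverify failed with status $st"
            return 2
            ;;
    esac
}
```

Only a return value of 0 should lead to automatic action; a return of 2 means the message was not evaluated and should be retried or reviewed by hand.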