Man Pages

epa - phpMan epa - phpMan

Command: man perldoc info search(apropos)  


File: epa,  Node: Top,  Next: Overview,  Up: (dir)

EasyPG Assistant user's manual
******************************

EasyPG Assistant is an Emacs user interface to GNU Privacy Guard
(GnuPG, *note Top: (gnupg)Top.).

   EasyPG Assistant is a part of the package called EasyPG, an
all-in-one GnuPG interface for Emacs.  EasyPG also contains the library
interface called EasyPG Library.

   This file describes EasyPG Assistant 1.0.0.

   Copyright (C) 2007, 2008, 2009 Free Software Foundation, Inc.

     Permission is granted to copy, distribute and/or modify this
     document under the terms of the GNU Free Documentation License,
     Version 1.3 or any later version published by the Free Software
     Foundation; with no Invariant Sections, with the Front-Cover texts
     being "A GNU Manual," and with the Back-Cover Texts as in (a)
     below.  A copy of the license is included in the section entitled
     "GNU Free Documentation License" in the Emacs manual.

     (a) The FSF's Back-Cover Text is: "You have the freedom to copy and
     modify this GNU manual.  Buying copies from the FSF supports it in
     developing GNU and promoting software freedom."

     This document is part of a collection distributed under the GNU
     Free Documentation License.  If you want to distribute this
     document separately from the collection, you can do so by adding a
     copy of the license to the document, as described in section 6 of
     the license.

* Menu:

* Overview::
* Quick start::
* Commands::

File: epa,  Node: Overview,  Next: Quick start,  Prev: Top,  Up: Top

1 Overview
**********

EasyPG Assistant provides the following features.

   * Key management.

   * Cryptographic operations on regions.

   * Cryptographic operations on files.

   * Dired integration.

   * Mail-mode integration.

   * Automatic encryption/decryption of *.gpg files.

File: epa,  Node: Quick start,  Next: Commands,  Prev: Overview,  Up: Top

2 Quick start
*************

EasyPG Assistant commands are prefixed by `epa-'.  For example,

   * To browse your keyring, type `M-x epa-list-keys'

   * To create a cleartext signature of the region, type `M-x
     epa-sign-region'

   * To encrypt a file, type `M-x epa-encrypt-file'

   EasyPG Assistant provides several cryptographic features which can be
integrated into other Emacs functionalities.  For example, automatic
encryption/decryption of `*.gpg' files.

   To install these features, do `C-u 1 M-x epa-mode'.  It can also be
turned on by customize.  Try `M-x customize-variable epa-mode'.

File: epa,  Node: Commands,  Prev: Quick start,  Up: Top

3 Commands
**********

This chapter introduces various commands for typical use cases.

* Menu:

* Key management::
* Cryptographic operations on regions::
* Cryptographic operations on files::
* Dired integration::
* Mail-mode integration::
* Encrypting/decrypting *.gpg files::

File: epa,  Node: Key management,  Next: Cryptographic operations on regions,  Up: Commands

3.1 Key management
==================

Probably the first step of using EasyPG Assistant is to browse your
keyring.  `M-x epa-list-keys' is corresponding to `gpg --list-keys'
from the command line.

 -- Command: epa-list-keys name mode
     Show all keys matched with NAME from the public keyring.

The output looks as follows.

       u A5B6B2D4B15813FE Daiki Ueno <uenoATunixuser.org>

A character on the leftmost column indicates the trust level of the
key.  If it is `u', the key is marked as ultimately trusted.  The
second column is the key ID, and the rest is the user ID.

   You can move over entries by <TAB>.  If you type <RET> or click
button1 on an entry, you will see more detailed information about the
key you selected.

      u Daiki Ueno <uenoATunixuser.org>
      u A5B6B2D4B15813FE 1024bits DSA
     	Created: 2001-10-09
     	Expires: 2007-09-04
     	Capabilities: sign certify
     	Fingerprint: 8003 7CD0 0F1A 9400 03CA  50AA A5B6 B2D4 B158 13FE
      u 4447461B2A9BEA2D 2048bits ELGAMAL_E
     	Created: 2001-10-09
     	Expires: 2007-09-04
     	Capabilities: encrypt
     	Fingerprint: 9003 D76B 73B7 4A8A E588  10AF 4447 461B 2A9B EA2D

To browse your private keyring, use `M-x epa-list-secret-keys'.

 -- Command: epa-list-secret-keys name
     Show all keys matched with NAME from the private keyring.

In `*Keys*' buffer, several commands are available.  The common use
case is to export some keys to a file.  To do that, type `m' to select
keys, type `o', and then supply the filename.

   Below are other commands related to key management.  Some of them
take a file as input/output, and others take the current region.

 -- Command: epa-insert-keys keys
     Insert selected KEYS after the point.  It will let you select keys
     before insertion.  By default, it will encode keys in the OpenPGP
     armor format.

 -- Command: epa-import-keys file
     Import keys from FILE to your keyring.

 -- Command: epa-import-keys-region start end
     Import keys from the current region between START and END to your
     keyring.

 -- Command: epa-import-armor-in-region start end
     Import keys in the OpenPGP armor format in the current region
     between START and END.  The difference from
     `epa-import-keys-region' is that `epa-import-armor-in-region'
     searches armors in the region and applies `epa-import-keys-region'
     to each of them.

 -- Command: epa-delete-keys allow-secret
     Delete selected keys.  If ALLOW-SECRET is non-`nil', it also
     delete the secret keys.

File: epa,  Node: Cryptographic operations on regions,  Next: Cryptographic operations on files,  Prev: Key management,  Up: Commands

3.2 Cryptographic operations on regions
=======================================

 -- Command: epa-decrypt-region start end
     Decrypt the current region between START and END.  It replaces the
     region with the decrypted text.

 -- Command: epa-decrypt-armor-in-region start end
     Decrypt OpenPGP armors in the current region between START and
     END.  The difference from `epa-decrypt-region' is that
     `epa-decrypt-armor-in-region' searches armors in the region and
     applies `epa-decrypt-region' to each of them.  That is, this
     command does not alter the original text around armors.

 -- Command: epa-verify-region start end
     Verify the current region between START and END.  It sends the
     verification result to the minibuffer or a popup window.  It
     replaces the region with the signed text.

 -- Command: epa-verify-cleartext-in-region
     Verify OpenPGP cleartext blocks in the current region between
     START and END.  The difference from `epa-verify-region' is that
     `epa-verify-cleartext-in-region' searches OpenPGP cleartext blocks
     in the region and applies `epa-verify-region' to each of them.
     That is, this command does not alter the original text around
     OpenPGP cleartext blocks.

 -- Command: epa-sign-region start end signers type
     Sign the current region between START and END.  By default, it
     creates a cleartext signature.  If a prefix argument is given, it
     will let you select signing keys, and then a signature type.

 -- Command: epa-encrypt-region start end recipients sign signers
     Encrypt the current region between START and END.  It will let you
     select recipients.  If a prefix argument is given, it will also
     ask you whether or not to sign the text before encryption and if
     you answered yes, it will let you select the signing keys.

File: epa,  Node: Cryptographic operations on files,  Next: Dired integration,  Prev: Cryptographic operations on regions,  Up: Commands

3.3 Cryptographic operations on files
=====================================

 -- Command: epa-decrypt-file file
     Decrypt FILE.

 -- Command: epa-verify-file file
     Verify FILE.

 -- Command: epa-sign-file file signers type
     Sign FILE.  If a prefix argument is given, it will let you select
     signing keys, and then a signature type.

 -- Command: epa-encrypt-file file recipients
     Encrypt FILE.  It will let you select recipients.

File: epa,  Node: Dired integration,  Next: Mail-mode integration,  Prev: Cryptographic operations on files,  Up: Commands

3.4 Dired integration
=====================

EasyPG Assistant extends Dired Mode for GNU Emacs to allow users to
easily do cryptographic operations on files.  For example,

     M-x dired
     (mark some files)
     : e (or M-x epa-dired-do-encrypt)
     (select recipients by 'm' and click [OK])

The following keys are assigned.

`: d'
     Decrypt marked files.

`: v'
     Verify marked files.

`: s'
     Sign marked files.

`: e'
     Encrypt marked files.


File: epa,  Node: Mail-mode integration,  Next: Encrypting/decrypting *.gpg files,  Prev: Dired integration,  Up: Commands

3.5 Mail-mode integration
=========================

EasyPG Assistant provides a minor mode to help user compose inline PGP
messages.  Inline PGP is sending the OpenPGP blobs directly inside a
mail message and it is not recommended and you should consider to use
PGP/MIME.  See Mm'kay?.

The following keys are assigned.

`C-c C-e d'
     Decrypt OpenPGP armors in the current buffer.

`C-c C-e v'
     Verify OpenPGP cleartext signed messages in the current buffer.

`C-c C-e s'
     Compose a signed message from the current buffer.

`C-c C-e e'
     Compose an encrypted message from the current buffer.  By default
     it tries to build the recipient list from `to', `cc', and `bcc'
     fields of the mail header.  To include your key in the recipient
     list, use `encrypt-to' option in `~/.gnupg/gpg.conf'.


File: epa,  Node: Encrypting/decrypting *.gpg files,  Prev: Mail-mode integration,  Up: Commands

3.6 Encrypting/decrypting *.gpg files
=====================================

Once `epa-setup' is loaded, every file whose extension is `.gpg' will
be treated as encrypted.  That is, when you attempt to open such a file
which already exists, the decrypted text is inserted in the buffer
rather than encrypted one.  On the other hand, when you attempt to save
the buffer to a file whose extension is `.gpg', encrypted data is
written.

   If you want to temporarily disable this behavior, use `M-x
epa-file-disable', and then to enable this behavior use `M-x
epa-file-enable'.

 -- Command: epa-file-disable
     Disable automatic encryption/decryption of *.gpg files.

 -- Command: epa-file-enable
     Enable automatic encryption/decryption of *.gpg files.

`epa-file' will let you select recipients.  If you want to suppress
this question, it might be a good idea to put the following line on the
first line of the text being encrypted.

     ;; -*- epa-file-encrypt-to: ("uenoATunixuser.org") -*-

   The file name extension of encrypted files can be controlled by
EPA-FILE-NAME-REGEXP.

 -- Variable: epa-file-name-regexp
     Regexp which matches filenames treated as encrypted.

   Other variables which control the automatic encryption/decryption
behavior are below.

 -- Variable: epa-file-cache-passphrase-for-symmetric-encryption
     If non-`nil', cache passphrase for symmetric encryption.  The
     default value is `nil'.

 -- Variable: epa-file-inhibit-auto-save
     If non-`nil', disable auto-saving when opening an encrypted file.
     The default value is `t'.