Discussion:
PGP on iSeries (as/400)
(too old to reply)
JTF
2008-08-21 14:45:53 UTC
Permalink
We are using pgp on our iseries. The machine has a Unix shell which
is fully compatible.

Problem:
PGP assumes that .pgp folder will be in the user's specified home
directory UNLESS an environmental variable PGPPATH is set.

Work around to get it to work:
Placed the .pgp folder at the root ( / ) and changed the users home
directory to /

pgp is in folder /var/pgpcli

We played with the env variable but pgp errors
"Can't open key rings
Encryption error "

If I set the PGPPATH to another folder, pgp creates the keyrings and
other files there, but obviously, our keys and our partner's keys are
not there.



SO.....Does PGP set any paths in its OWN configuration files which
causes it to look elsewhere other than PGPPATH? That is, if pgp was
already set up and the .pgp folder was moved, does PGP attempt to use
the last known location for the keyrings?

I tried to simplify my question, If it is still muddy, please reply
and ask for clarification.

Thanks
JEFF
Neil W Rickert
2008-08-21 15:17:17 UTC
Permalink
Post by JTF
pgp is in folder /var/pgpcli
We played with the env variable but pgp errors
"Can't open key rings
Encryption error "
You haven't indicated which PGP version.

Version 6.5.8 on unix creates an additional file "PGPsdkPreferences".
It uses $PGPPATH to find that file, and then uses data in that
file to find the keyrings.

The way to get around this, in unix, is when copying to a new
directory and using PGPPATH, copy only the keyring files and
any "pgp.cfg" file. Don't copy other files, but let PGP recreate
them to correspond to what is in $PGPPATH.

I'm not sure if that is your problem, but it is something you could
perhaps try.
JTF
2008-08-21 15:25:49 UTC
Permalink
We are using 6.5.8.

I will try your suggestion and post back my findings

Thanks for the quick response
JTF
2008-08-21 15:29:15 UTC
Permalink
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Post by JTF
pgp is in folder /var/pgpcli
We played with the env variable but pgp errors
"Can't open key rings
Encryption error             "
You haven't indicated which PGP version.
Version 6.5.8 on unix creates an additional file "PGPsdkPreferences".
It uses $PGPPATH to find that file, and then uses data in that
file to find the keyrings.
The way to get around this, in unix, is when copying to a new
directory and using PGPPATH, copy only the keyring files and
any "pgp.cfg" file.  Don't copy other files, but let PGP recreate
them to correspond to what is in $PGPPATH.
I'm not sure if that is your problem, but it is something you could
perhaps try.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
iEYEARECAAYFAkithvkACgkQvmGe70vHPUP2kgCeNsQYAnZAOKBxo3qTA5PGlTKL
A8oAoOfYkGzvh+7aQW7p3qYhuK1fb7Z3
=0UOZ
-----END PGP SIGNATURE-----
Interesting!

I deleted PGPgroup.pgr, PGPMacBinaryMappings.txt and PGPsdkPreferences
and it worked!

<U....Have a beer on me!

Thanks alot, your help is greatly appreciated.
JTF
2008-08-21 15:35:50 UTC
Permalink
Thanks Neil
I deleted PGPgroup.pgr, PGPMacBinaryMappings.txt and PGPsdkPreferences
from .pgp folder and then PGP worked. PGP then recreated those files
upon running.

Thanks for your help, it is GREATLY appreciated.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Post by JTF
pgp is in folder /var/pgpcli
We played with the env variable but pgp errors
"Can't open key rings
Encryption error             "
You haven't indicated which PGP version.
Version 6.5.8 on unix creates an additional file "PGPsdkPreferences".
It uses $PGPPATH to find that file, and then uses data in that
file to find the keyrings.
The way to get around this, in unix, is when copying to a new
directory and using PGPPATH, copy only the keyring files and
any "pgp.cfg" file.  Don't copy other files, but let PGP recreate
them to correspond to what is in $PGPPATH.
I'm not sure if that is your problem, but it is something you could
perhaps try.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
iEYEARECAAYFAkithvkACgkQvmGe70vHPUP2kgCeNsQYAnZAOKBxo3qTA5PGlTKL
A8oAoOfYkGzvh+7aQW7p3qYhuK1fb7Z3
=0UOZ
-----END PGP SIGNATURE-----
Neil W Rickert
2008-08-21 16:26:06 UTC
Permalink
Post by JTF
I deleted PGPgroup.pgr, PGPMacBinaryMappings.txt and PGPsdkPreferences
from .pgp folder and then PGP worked. PGP then recreated those files
upon running.
I'm glad you have it working.

If you are able, I would suggest you look into whether GNUPG can be
built for your system. Your version is getting to be a bit dated
by now.
JTF
2008-08-21 17:57:10 UTC
Permalink
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Post by JTF
I deleted PGPgroup.pgr, PGPMacBinaryMappings.txt and PGPsdkPreferences
from .pgp folder and then PGP worked.  PGP then recreated those files
upon running.
I'm glad you have it working.
If you are able, I would suggest you look into whether GNUPG can be
built for your system.  Your version is getting to be a bit dated
by now.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
iEYEARECAAYFAkitlxoACgkQvmGe70vHPUMe7ACePzgCmHby1W4vnT3LXYSQ3eFK
0GUAn3g9STK+Lgg+BAC5yiwYxyuCuosJ
=Iczy
-----END PGP SIGNATURE-----
I had suggested it at one point. But this is the software our bank
gave us....you know how it goes.

Loading...