McAfee MEJCAE-AM-DA Product Guide - Page 62
Encrypting and Decrypting, Exchanging encrypted information, Getting the recipient’s public key
View all McAfee MEJCAE-AM-DA manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 62 highlights
8 Encrypting and Decrypting Exchanging encrypted information This chapter describes the various E-Business Server options that let you encrypt and decrypt your data. For an overview of encryption and decryption and a description of how E-Business Server performs the two operations, see An Introduction to Cryptography. Getting the recipient's public key Before you encrypt, you need to be sure that you are encrypting with the correct public key. This means you need to check the public key to ensure that it truly belongs to the person to whom you think it belongs. Encrypting the message with the wrong key basically makes it: • Closed to your intended recipient • Open to whomever's key you encrypted it to (possibly an interloper) Verifying that a key belongs to its purported owner is discussed in the section "Validity and trust" on page 46. Encrypting information Encryption is one of the most common operations you will perform with E-Business Serfsver. You can encrypt using any of the following methods: conventional encryption, public key encryption, create a self-decrypting archive (SDA), or create a PGParchive. Encrypting with conventional encryption Encrypting with conventional encryption means encrypting to a particular passphrase instead of to a public key. Conventional encryption is useful in certain situations, like when you're encrypting to yourself; however, the typical problem one encounters with conventional encryption is the difficulty in securely communicating the passphrase to the recipient. For more information on conventional encryption, see An Introduction to Cryptography. ebs --encrypt --conventional To specify a passphrase for conventional encryption, use the --conventional-passphrase modifier. If the passphrase contains spaces, you must enclose the entire string in quotes. ebs --encrypt --conventional [--conventional-passphrase ] Note: If the file you want to encrypt is not in the current directory, then you must also specify the path to the file. The following command encrypts the file secretdocument.txt using the passphrase quick, get a mango. To decrypt the file, the recipient will have to type in the same passphrase. ebs --encrypt --conventional secretdocument.txt --conventional-passphrase "quick, get a mango" This results in an encrypted file named secretdocument.txt.pgp. Note: Exercise caution when using the --passphrase or --conventional-passphrase modifiers. Whenever you enter a passphrase as cleartext on the command line (as in the example above), you risk its interception. For alternative ways to supply E-Business Server with your passphrase, see Alternative ways to work with passphrases on page 72. E-Business Server™ 8.6 Product Guide 60