DNEWS News Server Manual


Adding PGP authentication to DNEWS 4

  1. Install PGP software on your computer
  2. Add the public keys of the public news administrators
  3. In DNEWS.CONF specify the path to the PGP program
  4. In control.conf add ",pgp" to the 'action' field

Install PGP 2.6.* software on your computer, on unix you can use pgp 5.* if you define in dnews.conf pgp as follows, on NT you are better to use 2.6.* as 5.0 doesn't suppor t the command line interface.

	pgp /usr/bin/pgpv

For legal reasons we cannot supply PGP directly as this would break certain archaic U.S. laws. However we can tell you how to get it: (apparently non U.S. citizens cannot read English :-)

For Windows NT :- look for a version for '32-bit DOS...' , you don't need the fancy windows front ends (which do not work without also getting the DOS application)  e.g. for the international version I used: ftp://ftp.no.pgpi.com/pub/pgp/2.x/pc/msdos/pgp263i.zip (U.S. citizens must not use this version apparently)

For Unix:- get the source and build it, typically with a command like:

   make linux

For NT install PGP 2.6.* rather than 5.0 as the command line utilities are required which weren't available in version 5 last time I checked.

Add the public keys of the public news administrators

Transfer the file http://ftp.sunet.se/pub/news/misc/pgpcontrol/PGPKEYS.gz , gunzip it and then add these public keys to your key ring, e.g.

    gunzip PGPKEYS.gz
    pgp -ka PGPKEYS

On NT you should define the environment variable PGPPATH for all users (in the system setup) to tell pgp where it can find it's key rings, on UNIX you should run the above commands as the 'NEWS' user and pgp will put the key ring into a directory called, ~news/.pgp/ or you can define PGPPATH in dnews_start.sh

On unix, if you define PGPPATH to point to a directory that is not owned by NEWS then you may find PGP fails because it cannot access the key ring.

In DNEWS.CONF specify the path to the PGP program

This step is only necessary if you have not put 'pgp' into your path.

	pgp c:\app\pgp\pgp.exe

You may also need to define pgppath to point to the 'news' users keyring, e.g. (the path should match the home directory of 'news' in  /etc/passwd)

	pgppath /var/spool/news/.pgp

In control.conf add ",pgp" to the 'action' field, or use this modified PGP version of control.conf

newgroup:tale@*.uu.net:comp.*,misc.*,news.*,rec.*,sci.*,soc.*,talk.*:doit,pgp
rmgroup:tale@*.uu.net:comp.*,misc.*,news.*,rec.*,sci.*,soc.*,talk.*:doit,pgp

Note: currently PGP is only implemented on the Windows NT and UNIX version of DNEWS.

Testing PGP

copy sample.control (workarea)/pgp.tst
tellnews pgp_test
tail dnews.log

Related useful links

Products Downloads Prices Support Company