Setup PGP on Snow Leopard
How To:
Begin by downloading and verifying the GnuPG archives from
curl -O ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-1.4.10.tar.gz
curl -O ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-1.4.10.tar.gz.sig
If this server does not work please take a look at the morrors page of GnuPG
at http://www.gnupg.org/(en)/download/mirrors.html, choose a mirror and
replace the URL in an appropriate way. For instance choose
curl -O ftp://ftp.franken.de/pub/crypt/mirror/ftp.gnupg.org/gcrypt/gnupg/
gnupg-1.4.2.2.tar.gz
To verify:
gpg –verify gnupg-1.4.10.tar.gz.sig
or, if you don’t have an older copy of GnuPG or another OpenPGP program
(NEVER verify the version of GnuPG you download with itself), use the SHA-1
checksums found on the GnuPG Web site and compare with the checksum from:
openssl sha1 gnupg-1.4.10.tar.gz
Next, untar GnuPG:
tar -xzf gnupg-1.4.10.tar.gz
And move into the GnuPG directory:
cd gnupg-1.4.10
Please bear in mind that the TIGER hash algorithm is no longer supported.
If you need to use the TIGER module refer to an earlier version of GnuPG
(1.2.6 or older). TIGER is not more part of the OpenPGP standard.
If you want to use IDEA (and have the legal right), follow the instructions
found on the Mac GPG Website in howto-install-IDEA. Afterwards, return here
to finish building and installing GnuPG.
If you need to include or exclude anything else please run the following
command to get a list of all options available:
./configure -h
Now you need to set up GnuPG to build on your system. You do this by
running configure:
./configure
NOTE: If you try to compile gnupg on Snow Leopard (Mac OS X 10.6) you only
will be able to run gnupg in 32bit mode. Thus you will have to compile it
for that mode. You can do this by using this command instead the above
mentioned:
./configure CC=”gcc -arch i386″
Once you have everything configured, it’s time to compile GnuPG by running:
make
(Tip for Power Users: To help make run even faster, use the -jn option to
overlap processes that make spawns where n is the number of processors on
your system plus one. For example, on a single processor eMac, you’d use
‘make -j2’.)
Optionally, you can run make check before you install to make sure that your
system will be safe to run GnuPG on.
make check
If all tests pass, the only thing left to do is type:
sudo make install
And, voila! GnuPG should be installed on your computer!
After you have GnuPG installed, it wouldn’t hurt to check the quality of the
random numbers being produced by /dev/random. To test this, first type:
gpg –gen-random 0 > rnd &
and after a little while kill the process (once you’ve got 20 or 30 MB of
random numbers). Then, using a program like ent, check the quality of the
numbers. Of particular interest will be the entropy, compressibility, and
chi^2 p-value (this should be as high as possible, as low as possible, and
as close to .5 as possible, respectively; see ent documentation for more
details).
