Setting Up GnuPG
The server and all the authorized users' machines require GnuPG installation. Download GnuPG it from its homepage
. On the sender machines, you can install the Linux or Windows version of GnuPG, and a GUI helper such as GPA for Linux or Cryptophane for Windows to generate and administer the keys. For the Linux Debian server used in this example, I used the following command to install GnuPG:
apt-get install gnupg
Using Command Line GnuPG to Generate and Administer Keys
The directory where GnuPG keeps the keyring is very important and has to be kept secret. If you want to use a particular directory, you have to specify it on the command line or set the environment variable GNUPGHOME. The following generates a key pair for the server, acting as the fictitious user who acts on the server by providing replies via email:
gpg –homedir /keyring/path –gen-key
Please select what kind of key you want:
(1) DSA and Elgamal (default)
(2) DSA (sign only)
(5) RSA (sign only)
Your selection? 1
DSA keypair will have 1024 bits.
ELG-E keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048) 1024
Please specify how long the key should be valid.
0 = key does not expire
<n> = key expires in n days
<n>w = key expires in n weeks
<n>m = key expires in n months
<n>y = key expires in n years
Key is valid for? (0) 0
Real name: Machine
Email address: email@example.com
Comment: The Machine
You selected this USER-ID:
"Machine (The Machine) <firstname.lastname@example.org>"
You don't want a passphrase - this is probably a *bad* idea!
I will do it anyway. You can change your passphrase at any time,
using this program with the option "--edit-key".
You can change a lot of the options used in the above commands. For example, you can dictate a keysize that is not as long (1024 bits) or have no passphrase at all. The latter is usually a very bad choice, but because this example involves unmanned use of gpg, I was obliged to write down the passphrase in the script. You can use the same procedure to generate a key pair for the remote sender, in which case using a passphrase for the secret key is highly recommended.
Once the server and the users generate their keys, they have to exchange their public keys using import and export gpg commands, as follows:
gpg --export –armor –output pub.gpg
gpg --import /tmp/pub.gpg
Assuming the exchange of public keys between the server administrator and authorized users takes place over a trusted channel, the exchange doesn't face the challenge of key trust.
How to Send the Command to the Server
After the server and sender keyrings are well configured, the sender takes the following steps to package the email containing the command to be run in the server:
- Write a file containing the command the sender chooses. For example, the file /tmp/cmd.txt with the line:
ls -la /tmp
- Sign and encrypt the file with gpg, producing the garbled file /tmp/cmd.gpg:
--homedir /path/of/your/keyring \
--trust-model always \
--recipient email@example.com \
--default-key firstname.lastname@example.org \
--output /tmp/cmd.gpg \
- Open a mail client and write a new message to email@example.com. Use any subject and paste the contents of the file /tmp/cmd.gpg in the message body.
- Send the email.
To easily test the application, find a small PHP accessory script, cmsend.php, in the downloadable code. After asking for the command and the passphrase of the sender's secret key, this script sends the email to the server using the Mail_Mime PEAR package.