[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: New remailer concept.
-----BEGIN PGP SIGNED MESSAGE-----
> The answer of course is encryption, but that is a problem when
> you are writing to your, well... , "crypto challenged"
> friends. Also, two way encrypted messages to most discussion
> lists is not possible (to my knowledge).
I hacked up some simple stuff which lets you read and send mail from a
remote unix account. It's not exactly what you want, but it's pretty easy
to do. (This stuff is pretty trivial, so if that bothers you, don't read
on.) This lets you get an account on a freenet like nyx which will
respect your privacy, and use that address to communicate to the rest of
the world.
First of all, I used filter and a sh script called secsh which allows me
to mail and execute arbitrary sh scripts on the remote account, provided
that they bear a valid, authorized pgp signature. If incoming mail has a
trigger word in the subject line, it gets piped into a script which checks
the sig and runs it if the sig checks out. Here's secsh:
#!/bin/sh
PGP=/usr/local/bin/pgp # the location of pgp
PGPPATH=wherever # the location of config.txt
export PGPPATH # and pubring.pgp
PATH=a copy of your path
export PATH
trap 'rm -f /tmp/ss$$; exit 1' 1 2 15
if ($PGP -f +batchmode < $1 > /tmp/ss$$ 2>/dev/null)
then
/bin/sh /tmp/ss$$
fi
rm /tmp/ss$$
It's a good idea to point PGPPATH at a special pgp dir, because this will
pass any script with a sig that validates with any key on your keyring.
I use another script, mlscpt, which looks sort of like a dumb version of
the mail command. It takes a destination address and a subject as input,
and reads incoming mail from stdin. A sh script which extracts and mails
the letter is emitted to stdout. Here's mlscpt:
#!/bin/sh
echo "#!/bin/sh
sed -e '/BEGINCRM/d' -e '/ENDCRM/d' << \End_of_File | mail -s '$2' $1
BEGINCRM"
cat
echo "ENDCRM
End_of_File"
You can use another, trivial script, to call mlscpt, sign the result, and
mail it off to the remote account. Mine uses a dummy key to encrypt the
output, for no good reason: the secret key, which isn't protected with a
passphrase, is on the remote account's key ring, so it unwraps
automatically. Here trigger stands for the trigger word which causes the
incoming mail to be fed into secsh:
#!/bin/sh
mlscpt "$1" "$2" | pgp -efs dummy | mail -s trigger [email protected]
echo " "
It's also trivial to cause incoming mail to be encrypted and forwarded to
your home account, but I can't find mine and I'm too lazy to look up the
PGP command args which are needed.
I used to use something similar to mlscpt as a "return address" for the
cp remailer system: I'd send people a script which would append a header
to their letter and send it off to the first remailer on the chain. I
quit using it because lots of sensible people were reluctant to run
strange scripts which they had recieved from some anonymous guy through a
remailer.
==
Alex Strasheim | finger [email protected]
[email protected] | for my PGP 2.6.1. public key
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBLtLJWBEpP7+baaPtAQFPlAQAwSFUFRbGaUOZUwiNBfoSCJGPbAkRHeM0
xqKWhBH13HTTH52AIiQWUdBtKN6nJEj7bAf3VQRuSgZ6lxfXEDRI5QrytZJLHzwx
LMTiGbdMin264RtFREwn5RSEOkr8oAJqge7srdKyoD1Lu7X8C1Y+TxLPuUcSVWKA
EMU5NDBNS3I=
=s09x
-----END PGP SIGNATURE-----