The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

openPGP in cpanel. Why is it there...

Discussion in 'General Discussion' started by naox, May 5, 2005.

  1. naox

    naox Well-Known Member

    Joined:
    Mar 23, 2004
    Messages:
    70
    Likes Received:
    0
    Trophy Points:
    6
    PGP keys are used for asymetric encrypting. Most common goal is to encrypt email with private key, and publish public key to let others know that email was writen by you.

    ok. FOR WHAT REASON CPANEL have function for generate GNU PGP keys?

    1. I dont see how cpanel/web server user could encrypt any file with PGP key stored.
    2. None of cpanel included webmail programs dont integrate usage of stored php keys.
    3. pgp is almost not existant on windows platforms, as gready microsoft would never go for 'open'-free of charge - of course some plugins exists for outlook etc.. but heh. But still I dont see connection between cpanel and using local email clients! Anyone can generate his own pgp keys on any platform, and using for this a remote server is a asking for more security breaches...
     
  2. rs-freddo

    rs-freddo Well-Known Member

    Joined:
    May 13, 2003
    Messages:
    832
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Australia
    cPanel Access Level:
    Root Administrator
    Actually if you know how to use it, it is very useful. It can be used in quite a few scenarios. It in fact is one of the backbones of my current business. cPanel provides lots of features and if you don't know what to do with a particular feature then that's your bad luck, others might use that feature a lot.
     
  3. naox

    naox Well-Known Member

    Joined:
    Mar 23, 2004
    Messages:
    70
    Likes Received:
    0
    Trophy Points:
    6
    yeah.. I searched this forum... some asked what is it for, no one got answer. same for gogle search.

    I'm only wondering what purpose it does in cpanel since I think generated keys are not used server side by any aplication that cpanel have build in.
     
  4. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    As rs-freddo said, it's there for those that want and know how to use it. It's an excellent feature for those that have the need for it. If you don't want it, disable it in the Feature Manager in WHM.
     
  5. richy

    richy Well-Known Member

    Joined:
    Jun 30, 2003
    Messages:
    276
    Likes Received:
    1
    Trophy Points:
    16
    We've just started using it in the following scenerio: Customers enter credit card details over a secure SSL website and then cPanel emails us the credit card details in a PGP encrypted email encrypted to our "public key" - meaning that the credit card details cannot be read unless somebody has our "private key" (which is NOT uploaded to the server) and our passphrase. Otherwise people would be "securely entering" their CC details over a SSL site only for them to then be sent in plain text email (not secure!)
     
  6. naox

    naox Well-Known Member

    Joined:
    Mar 23, 2004
    Messages:
    70
    Likes Received:
    0
    Trophy Points:
    6
    Yes... I see. However yours php key is used as described. And YOU, not some mere php+cgi user, always will have a posibility to generate your keys using shell and pgp software

    Still cpanel is design to serve server users. And what usage that would be to them on the server side?

    By the way. Are you sure that emailing data like cc numbers are nesecary? Data probably sould be stored in mysql db, and processed automaticly.

    But no matter. You can always disable this function in cpanel, because it only makes users confused about it purpouse.
     
Loading...

Share This Page