Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Questions about OpenPGP in cPanel

Discussion in 'Database Discussion' started by ralph76, Jun 20, 2005.

  1. ralph76

    ralph76 Registered

    Jun 20, 2005
    Likes Received:
    Trophy Points:
    Linz, Austria
    Hello there,

    i just started using cPanel and am therefore new to this forum, so please be a little patient with me ;-)

    I'm used to PGP for signing and encrypting my emails with desktop email clients like The Bat! and Thunderbird and i also know and use PGP in Horde IMP 4.

    Then i found PGP in cPanel and now i'm puzzled what exactly it is good for and how to use it here. Someone in this forum posted, he uses cPanels PGP for incoming email with sensitive data like cc information. So, i guess, i can use a mailform and modify it's sendmail command to use my public key. So i presume the incoming mail goes over SSL is stored encrypted on the server and can be encrypted with any mail client or program that has the private key - is that right so far? If yes, what other possible scenarios would be possible?

    Now my second question: I can create new keys with cPanel as well. I have to enter my name, email nick/comment and expiry date - but why is the password optional? What's the point in a private key without a password? And why is nick/comment not optional? Horde IMP 4 also has an implementation of (Open?)PGP and there nick/comment and expiry date are optional, but password is not - that makes sense to me. Can someone explain that to me?

    My third question is, what it is good for, to store the private key in cPanel? I suppose, that function is for scripts or programs that decrypt the encrypted data on the fly and process it - is that correct? But isn't it a security risc to let these steps be automated? Even more, when the key has no password?

    It would be very nice, if someone could clear my confusion a little and let me get the most of cPanel...
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. zombo

    zombo Active Member

    Jan 28, 2004
    Likes Received:
    Trophy Points:
    ralph, did you ever get or find an answer to your questions?

    on a webserver to get any action you need a trigger, like a cgi script or a cron job. It could, e.g. make sense to have visitors adding something to a database and emailing the results regularly (but encrypted) to a remote email address.

    The sendmail backdraw is that you will end up with mails from user - but I did not yet find out how to convince exim to sendout mail using the CPanel openPPG Key.

    Another possibility is simply encoding whole files on the server, e.g. by having perl execute something like "gpg -a -e -r path_to_userhome/anywhere/16053.jpg" to encrypt e.g. a picture file.

    Did you or anyone else find a way to use CPanels OpenPGP ? How are you using it?

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice