FAOPGP CLS - Protecting Files

Using FAOPGP CLS

Protecting (encrypting & digitally signing) Files

You can choose whether you want to encrypt files, sign files, or both by selecting either just an encryption key, just a signing key, or selecting both types of key. If 'Not Selected' is displayed in either of the pull-down list boxes then that function will not be carried out.

NOTE: Files do not have to be signed in order to be encrypted and vice versa.

Files may be protected for individuals, multiple recipients or groups.

See also protection command line parameters

Protecting Files

1. Select the 'Protect' checkbox.

2. Select the appropriate encryption and/or signing key from the ‘Encrypt For’ and ‘Sign As’ drop-down list boxes.

Encrypt For
Keys belonging to you and other people are displayed in this list box so that you can encrypt files for yourself or for other people.

If you want to encrypt files for yourself choose a key that belongs to you. If you want to encrypt files for other people then choose one of their keys (the files will automatically be encrypted for you too). You can select the appropriate key from the drop-down list box. If 'Not selected' is displayed then files will not be encrypted. Group names (if available) are always displayed at the top of this list box in bold.

If you are encrypting files for other users that are using PGP version 5.x or 6.x check the 'Compatibility with PGP version 5 and 6 checkbox'. This will force FAOPGP CLS to use TDES as the encryption algorithm as these versions of PGP do not support AES.

You can encrypt files for multiple recipients by selecting multiple users from the 'Encrypt For' drop-down list box. Hold down the CTRL or SHIFT key whilst selecting user names in order to highlight them.

Multiple Recipients selection

Click once you have made your selection.

NOTE: It does not matter if you do not include one of your own keys in the list as files will automatically be encrypted for you too using your Default key.

IMPORTANT NOTE: If you want to encrypt files for other people then they must generate a key on their computer using their copy of FAOPGP, FAOPGP Reader or any other OpenPGP compatible software and send it to you. You can then import this key into Key Manager so it will become available for selection from the 'Encrypt For' drop-down list box. You cannot generate keys on behalf of others because when you export a key, only the public part of the key (used for encryption and signature verification) is exported. The private part of the key (used for decryption and signing) never leaves the computer.

Sign As
The key displayed in this list box is the one currently selected for signing files. You can select the appropriate key from the drop-down list box. Only keys belonging to you are displayed in this list box. If 'Not selected' is displayed then files will not be signed. The 'Sign As' list box will only ever display keys that belong to you because you cannot sign files on behalf of others.

NOTE: If this is the first time you have used FAOPGP CLS then the value in both of the 'Encrypt For' and 'Sign As' list boxes will always be set to ‘Not selected’. On subsequent uses, the keys you last selected will be displayed.

Your files are encrypted/signed and saved to the 'Destination Directory' you have specified in the command editor using the same name as the original file but with a .pgp or .asc extension.