The official download site is: GnuPG Homepage. At that location you will find links to mirror sites.
Due to legal restrictions it is not allowed to download GnuPG from servers based in the USA. The USA imposes export restrictions on the export of cryptographic software. This is why PGP is always available in an international and a national (for the USA) version. For the international version the source code has been exported in a printed format as a book. In Europe (Oslo) it has been scanned. More information on that can be found on International PGP Homepage. The international version of PGP is free to be imported into the United States as long as it is not reexported again.
If one already has a installed version of GnuPG or PGP, one should check the signature of the file (see Signatures).
You can obtain GnuPG as a Debian Package, as a RPM package (Redhat Package Manager) or in source code. The packages are installed as binary files with the tools needed for linux platforms. When you need GnuPG for different platforms you need to compile this yourself. It would be appreciated when you make alternative installation methods for different platforms available to the general public.
Since development for the major part takes place with Linux (x86) translation todifferent system should not be regarded as being a problem. The actual list of known operating systems that support GnuPG can be found on GnuPG Homepage. The procedure as described below is pretty platform independent. Procedure can be used to install GnuPG out of a sourcecode tar-ball.
Unpack the tar-ball with the command:
tar xvzf gnupg-?.?.?.tar.gz
After the unpack, please step into the directory containing the source code. Then type
./configure
When doing this nothing special should happen. With
you can view the available configuration settings for compilation. If problems occur that have to do with internationalization (GET text), one can include a version that is delivered with the source code by using the option./configure --help
--with-included-gettext
or
switch it of by using the --disable-NLS
option.
After this we want to compile the stufing by typing:
This should work without any problems. If any problems occur take the following steps (in the same order as described here): First try to solve this yourself (of course also by using the available documentation). Then make sure that your roblem is not a known bug (check the BUGS file on http://www.gnupg.org). Then ask someone you know. If these steps do not solve your problem post a question to the GnuPG-mailinglist (see Informationsources). If the problem is path related, one should trymake
make
clean
, then run configure
again and then retry
to compile. If that doesn't work it is time to panic.
Now type:
to actual copy the program and the man-pages into the installation directory. If you didn't change the installation directory when you did ./configure themake install
usr/local/share/gnupg/
will be the
installation directory. You can find this directory in the file
options.skel
. When you change this
options.skel
. If you copy this to
~/.gnupg/options
the appropiate adjustments will be
used as standard. Copying should occur automatically when creating
~/.gnupg/
. All possible options are well documented
and explaining them here would not be useful.
You can run GnuPG as suid root. So the program runs with all the
rights the superuser has. By doing this you exclude the possibility
that certain parts of the program are stored externally and then
could be read by anyone. It is not feasible for me to judge on the
value of this risk. But running the program as suid root one should
be alert to the danger of Trojan horses. Since a Trojan horse
running as superuser can damage an entire system. If for this
reason (or any other reason you choose not run GnuPG as root you
can switch of the warning by setting no-secmem-warning
in ~/gnupg/options
.