About this document
This is a quick start guide, geared towards experienced users of the Unix
operating system. More detailed instructions are in the file Start.html.
This is a basic description of some of the files in the kiwi package, and
how to use them.
When run with no arguments, you are given three cookies: One which times
out (by default) in three days, one which times out in two weeks (this one
is usually used for Usenet postings), and one which times out after 90 days.
Example:
You can change the timeout values by varying kiwi_days_short, kiwi_days_mid,
and kiwi_days_long in your
If you send out an email with the
return address name+cookie@domain.com (or
name-cookie@domain.com on Qmail systems), the email address will
time out.
To encrypt an IP subblock, either set up the 'REMOTE_ADDR'
environmental variable (or run it as a SSI on most web servers) or give it
an IP on the command line. Details on using ipcrypt on an SSI-enabled web
browser are in the file Webmailto.html.
Example:
This program can also be used to encrypt a five-letter message, typically used
for subscribing to announce mailing lists, or to give to people of marginal
trust.
Example:
A cookie will be rejected if the cookie does not decrypt to valid data (a
randomly generated cookie has a 1 in 113 chance of being considered valid
data), or if the time stamp in the decrypted cookie has expired.
If kiwi_password is defined in
Example of using Kiwi:
Files included with Kiwi
Example of using Kiwi
About this document
Files included with Kiwi
.kiwirc. This file tells the Kiwi software
whether you have a sendmail or qmail system, the location
of your mail spool and/or the address you want to forward "good" mail to,
the log file to use, the encryption key, and the password so friends can
email you without needing to know an encrypted cookie. You also need to
decide on whether to forward "good" mail on, or append it to a mailbox you
specify.
tools, secpass is used to generate a
random key for the encryption, to be placed in the kiwi_key field in .kiwirc
(using cut and paste). This program will only run on an operating system
with /dev/random support, and with a copy of the perl
interpreter in /usr/bin/perl. Any modern Linux distribution
will have /dev/random support and perl located at /usr/bin/perl.
clicrypt
.kiwirc file.
clicrypt 127.0.0.1
clicrypt abcde
.forward (or
.qmail and .qmail-default on qmail systems) that
determines if a message was sent to a valid cookie (or has the correct
password in the email address), and if so, either appends your mailbox
with the message in question, or forwards it to another email address you
have. If the cookie was rejected, then it discards the message and makes
a note in your maillog file.
.kiwirc, and someone sends
mail with the password in place of the encrypted cookie in the address,
the message will be accepted. This is useful for giving personal friends
an easy to remember email address. Care must be taken that the email
address with the password does not fall in to spammers' hands.
.pinerc file:
sendmail-path=/usr/local/bin/wrapper -t
Example of using Kiwi
$ cd ../src[Paste the password generated by secpass (Not the above
example password), and put it in the kiwi_key field when you edit .kiwirc]
$ cp exmaple_kiwirc ~/.kiwirc
$ ../tools/secpass
If it pauses here, please type some random text to replenish the random seed
Random password with 96 bits of entropy: jzsmGA.Mtep7-tDD
$ pico -w ~/.kiwirc
$ make
[The exact text will be different on your system]
$ ./clicrypt
fmx2v6v
$ ./clicrypt 127.0.0.1
eqjq2b4
$ ./decode
fmx2v6v
Data type: Long timeout
Message: 905972880, or Wed Sep 16 12:08:00 1998
[Use the text you got from clicrypt above]
$ ./decode
eqjq2b4
Data type: Truncated IP
Message: 127.0.0.0-16