VectorLinux

Please login or register.

Login with username, password and session length
Advanced search  

News:

Visit our home page for VL info. For support and documentation, visit the Vector Linux Knowledge Center or search the Knowledge Center and this Forum using the search box above.

Author Topic: HOW TO: GPG sign and encrypt email  (Read 10355 times)

hata_ph

  • Packager
  • Vectorian
  • ****
  • Posts: 3261
  • -- Just being myself --
HOW TO: GPG sign and encrypt email
« on: June 26, 2013, 09:32:35 am »

1. Make sure gnupg, gnupg2 and gpgme is installed

2. Generate your GPG key via gpg --gen-key command

Quote
$ gpg --gen-key
gpg (GnuPG) 1.4.6; Copyright (C) 2006 Free Software Foundation, Inc.
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions. See the file COPYING for details.

Please select what kind of key you want:
   (1) DSA and Elgamal (default)
   (2) DSA (sign only)
   (5) RSA (sign only)
Your selection? 1
DSA keypair will have 1024 bits.
ELG-E keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048)
Requested keysize is 2048 bits
Please specify how long the key should be valid.
         0 = key does not expire
      <n>  = key expires in n days
      <n>w = key expires in n weeks
      <n>m = key expires in n months
      <n>y = key expires in n years
Key is valid for? (0)
Key does not expire at all
Is this correct? (y/N) y

You need a user ID to identify your key; the software constructs the user ID
from the Real Name, Comment and Email Address in this form:
    "Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>"

Real name: Darryl C. Noye
Email address: Noye@ psu.edu
Not a valid email address
Email address: Noye @ psu.edu
Comment: Weblion Rocks
You selected this USER-ID:
    "Darryl C. Noye (Weblion Rocks) <Noye @ psu.edu>"

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
You need a Passphrase to protect your secret key.

We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
+++++++++++++++++++++++++++++++++++.+++++.+++++...+++++++++++++++.+++++.+++++++++++++++...+++++++++++++++++++++++++.+++++++++++++++++++++++++>+++++.+++++..............................................................+++++

Not enough random bytes available.  Please do some other work to give
the OS a chance to collect more entropy! (Need 300 more bytes)
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
...+++++.+++++.+++++++++++++++...++++++++++..+++++.++++++++++..++++++++++..+++++..++++++++++.++++++++++.++++++++++..++++++++++++++++++++++++++++++..+++++.+++++.+++++.+++++>++++++++++>+++++<.+++++.....................................................................>+++++..................................................................................................+++++^^^
gpg: /root/.gnupg/trustdb.gpg: trustdb created
gpg: key 4B4270F0 marked as ultimately trusted
public and secret key created and signed.

gpg: checking the trustdb
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
pub   1024D/4B4270F0 2008-01-22
      Key fingerprint = FBB0 B4D3 3D7C E55F 4B72  9709 6E14 6AFB 4B42 70F0
uid                  Darryl C. Noye (Weblion Rocks) <Noye @ psu.edu>
sub   2048g/0DF9258B 2008-01-22

or you can use your previous GPG key by copying your $HOME./gnugp folder...use gen --list-keys and gen --list-secret-keys to check your GPG key

3. You can import any GPG key that you want via gpg --import public.key

Get more detail about how to use gnugpg at https://wiki.archlinux.org/index.php/GnuPG
« Last Edit: June 28, 2013, 03:40:37 am by hata_ph »
Logged

hata_ph

  • Packager
  • Vectorian
  • ****
  • Posts: 3261
  • -- Just being myself --
Re: HOW TO: GPG sign and encrypt email in sylpheed
« Reply #1 on: June 26, 2013, 07:01:25 pm »

Using Sylpheed...

1. Compile sylpheed with gnupg support.



2. Compose an email with GPG Sign and GPG Encrypt...it should ask for your GPG key and passphase...



3. Select your GPG key to send out the sign and encrypted email



4. key in your passphare

« Last Edit: June 26, 2013, 07:56:17 pm by hata_ph »
Logged

sledgehammer

  • Vectorian
  • ****
  • Posts: 1487
Re: HOW TO: GPG sign and encrypt email in sylpheed
« Reply #2 on: June 26, 2013, 07:42:59 pm »

hata_ph,

I use Seamonkey for email which, I believe, takes off from Thunderbird.  Can you think of some advantages offered by sylpheed? 
Logged
VL7.0 xfce4 Samsung RF511

hata_ph

  • Packager
  • Vectorian
  • ****
  • Posts: 3261
  • -- Just being myself --
Re: HOW TO: GPG sign and encrypt email in sylpheed
« Reply #3 on: June 26, 2013, 07:49:00 pm »

Using Claws-mail

1. Make sure claws-mail is compile with gpgme support (--enable-gpgme)

2. Load the PGP/Core, PGP/inline and PGP/MIME from the plugins screen...



3. Enable Privacy System with either PGP Inline or PGP MIME. It is optional to enable sign and encrypt email as default.



4. Configure GPG plugins to use the default key or key by your email address



5. Compose an email with sign or encrypt option enable



6. You will prompt for the passphase to decrypt and encrypt any email

« Last Edit: June 26, 2013, 08:01:01 pm by hata_ph »
Logged

hata_ph

  • Packager
  • Vectorian
  • ****
  • Posts: 3261
  • -- Just being myself --
Re: HOW TO: GPG sign and encrypt email in sylpheed
« Reply #4 on: June 26, 2013, 08:16:39 pm »

Using thunderbird

1. Install enigmail addon for thunderbird



2. Either use Enigmail's setup wizard to configure your GPG key or configure it manually as show in the first thread.



3. Use Enigmail's key management screen to double check your GPG key



4. Compose an email with Sign and Encrypt option



You can get more info about configuring thunderbird and enigmail with below link

https://support.mozillamessaging.com/en-US/kb/digitally-signing-and-encrypting-messages
http://www.enigmail.net/home/index.php

PS: Enigmail will use pinentry for passpharse input if it detect your gpg-agent is running at background...so option is either use pinentry with gpg-agent or disable gpg-agent at startup and enigmail will handle the passpharse input...there is another workaround by modifying $HOME/.thunderbird/xxxxx.default/extensions/{xxxxxx}/components/enigmail.js

http://sourceforge.net/p/enigmail/bugs/122/?limit=25
http://www.amiryan.org/2009/04/22/bugfix-howto-turn-off-gpg-agent-usage-in-enigmail-thunderbird/
« Last Edit: June 26, 2013, 08:40:33 pm by hata_ph »
Logged

hata_ph

  • Packager
  • Vectorian
  • ****
  • Posts: 3261
  • -- Just being myself --
Re: HOW TO: GPG sign and encrypt email in sylpheed
« Reply #5 on: June 26, 2013, 08:27:07 pm »

hata_ph,

I use Seamonkey for email which, I believe, takes off from Thunderbird.  Can you think of some advantages offered by sylpheed? 

sledgehammer,

Enigmail should work on seamonkey as well...
Sylpheed and claws-mail is a bit lighter compare to thunderbird
Logged

Pita

  • Vectorian
  • ****
  • Posts: 1345
Re: HOW TO: GPG sign and encrypt email in sylpheed
« Reply #6 on: June 26, 2013, 11:46:44 pm »

Great! That will give NSA more headache. :P

I sent an encrypted massage which opened with abiword encrypted.

How do I decipher it? ;)
Logged

hata_ph

  • Packager
  • Vectorian
  • ****
  • Posts: 3261
  • -- Just being myself --
Re: HOW TO: GPG sign and encrypt email in sylpheed
« Reply #7 on: June 27, 2013, 05:27:53 am »

Great! That will give NSA more headache. :P

I sent an encrypted massage which opened with abiword encrypted.

How do I decipher it? ;)

do you mean you are sending an encrytped email or attachment?

https://makandracards.com/makandra/1699-send-and-receive-encrypted-file-attachments-with-thunderbird-enigmail-openpgp
Logged

Pita

  • Vectorian
  • ****
  • Posts: 1345
Re: HOW TO: GPG sign and encrypt email in sylpheed
« Reply #8 on: June 27, 2013, 07:30:50 pm »


do you mean you are sending an encrytped email or attachment?

https://makandracards.com/makandra/1699-send-and-receive-encrypted-file-attachments-with-thunderbird-enigmail-openpgp

I sent an email with sylpheed encrypted and it arrived as an attachment:
encrypted.asc

I was able to decipher a mail sent with seamonkey. Same mail does not
decipher when trying to open with sylpheed.
« Last Edit: June 28, 2013, 11:10:51 pm by Pita »
Logged

hata_ph

  • Packager
  • Vectorian
  • ****
  • Posts: 3261
  • -- Just being myself --
Re: HOW TO: GPG sign and encrypt email in sylpheed
« Reply #9 on: June 27, 2013, 10:06:25 pm »

does your sylpheed compile with gnupg support?

If you are using VL 7.0, you can install sylpheed-3.3.0-xxx-3vl70 from http://vlcore.vectorlinux.com/pkg/untested/veclinux-7.0/x86/ or http://vlcore.vectorlinux.com/pkg/untested/veclinux-7.0/x86/
it is compile with gnupg support...
Logged

Pita

  • Vectorian
  • ****
  • Posts: 1345
Re: HOW TO: GPG sign and encrypt email in sylpheed
« Reply #10 on: June 28, 2013, 01:26:18 am »

does your sylpheed compile with gnupg support?

If you are using VL 7.0, you can install sylpheed-3.3.0-xxx-3vl70 from http://vlcore.vectorlinux.com/pkg/untested/veclinux-7.0/x86/ or http://vlcore.vectorlinux.com/pkg/untested/veclinux-7.0/x86/
it is compile with gnupg support...


It must be otherwise how would it send encrypted and following your nice
instuctions all worked out.
It really does not matter since I can use seamonkey which does open an
encrypted file sent with sylpheed.
Logged

Pita

  • Vectorian
  • ****
  • Posts: 1345
Re: HOW TO: GPG sign and encrypt email in sylpheed
« Reply #11 on: June 28, 2013, 11:09:20 pm »

does your sylpheed compile with gnupg support?

If you are using VL 7.0, you can install sylpheed-3.3.0-xxx-3vl70 from http://vlcore.vectorlinux.com/pkg/untested/veclinux-7.0/x86/ or http://vlcore.vectorlinux.com/pkg/untested/veclinux-7.0/x86/
it is compile with gnupg support...


It must be otherwise how would it send encrypted and following your nice
instuctions all worked out.
It really does not matter since I can use seamonkey which does open an
encrypted file sent with sylpheed.

My Sylpheed does decipher encrypted mail if done the correct way.

I sent an encrypted mail with seamonkey and opened it with Sylpheed. :D
Logged