Reading OpenPGP E-mail
OpenPGP is an internet standard for encrypting and decrypting data. There are several implementations of this standard, both commercial and free software, for a variety of platforms and operating systems. One such popular free implementation is the GNU Privacy Guard.
OpenPGP implementations can be used to digitally sign, encrypt, and decrypt email messages for heightened security. You can register your own personal OpenPGP keys with Launchpad, and under some situations, Launchpad will send you signed or encrypted email. You would then use OpenPGP support in your mail reader to decrypt these messages or verify a message's digital signature. Of course, you can also use the OpenPGP support in your mail reader to trade encrypted messages with your colleagues, or sign your own messages so that others can have better assurances that the email that appears to come from you actually does comes from you.
The instructions below are not intended to provide you with detailed information on OpenPGP, its various implementations, or its use. These instructions simply provide links that can help you set up your mail reader to be compatible with OpenPGP signed and/or encrypted email.
See also GnuPrivacyGuardHowto instructions.
We need your help to flesh out these instructions!
Linux mail readers
You probably want Enigmail, a Thunderbird add-on. On Ubuntu systems, you should just install the enigmail package; I think this will install everything you need to get started with reading GPG signed and/or encrypted email.
Evolution has built-in support for OpenPGP. To associate a key with a given email address, perform the following steps:
Go to Edit -> Preferences.
Select the Mail Accounts page.
- Select the account that corresponds to the email address you're using with Launchpad.
Click the Edit button. A new configuration dialog will appear.
Select the Security tab.
Type your key ID or your e-mail address in the PGP/GPG Key ID field.
Click on OK to close the Account dialog.
Click on Close to dismiss the Preferences dialog.
KMail has built-in support for OpenPGP. To associate a key with a given email address, perform the following steps:
Go to Settings -> Configure KMail... .
Select the Identities page.
- Select the identity that corresponds to the email address you're using with Launchpad.
Click the Modify... button. A new configuration dialog will appear.
Select the Cryptography tab.
Select your OpenPGP signing and encryption keys. Click the Change... button to select the appropriate key from your list of keys.
Click OK to dismiss the Identity dialog.
Click OK again to dismiss the Settings dialog.
Check out this page http://codesorcery.net/old/mutt/mutt-gnupg-howto. In addition you probably want this .muttrc line as well: set pgp_auto_decode=yes
Claws Mail supports PGP with a plugin: install the claws-mail-pgpinline package.
The plugin may have to be loaded manually after installing it. Open Claws Mail and go to Configuration → Plugins... from the menu bar. If PGP/Core and PGP/inline are in the Plugins dialogue box, the plugins are loaded correctly. Otherwise, click on the Load Plugin... button towards the bottom of the window. In the file selection dialogue, select pgpinline.so and click the Open button. When Claws Mail tries to open encrypted e-mail, the program will prompt for your key's passphrase and then show the e-mail with the decrypted message.
Sylpheed supports OpenPGP/MIME natively, but not inline. In order to do so, you need to define some actions: click on Configuration → Actions, then add the following actions:
Verify OpenPGP Signature: gpg --no-tty --verify %p
Decrypt OpenPGP Message: * gpg --no-tty --command-fd 0 --passphrase-fd 0 --decrypt %p |
Once done, open your message, select the encrypted message block (including the BEGIN and END lines), and go to Tools → Actions in order to check or decrypt it. You might need to restart Sylpheed before you can use them.
The Actions section of the Sylpheed manual documents how they work, and other useful bits and pieces.
Mac OS X mail readers
GPGMail from Sen:te is an excellent plugin for Apple's Mail.app mail reader. It has great support for reading GPG signed and/or encrypted email, assuming you already have GnuPG installed on your Mac (if not, the Sen:te pages can help you with that). The plugin is easy to install, easy to use, and seems very stable. I have only tried it with Mail.app on Mac OS X 10.4. [BarryWarsaw 2007-04-04]
Windows mail readers
Google mail (Gmail)
FireGPG Firefox plugin is very helpful, but it is now DISCONTINUED so you may need to use the alternate method (see below). If you are able to get FireGPG (click on the "Download" link to install this in Firefox, accept the install, and then restart Firefox when it has finished): In Gmail, when you select text now and right click it, the bottom of your context menu will contain FireGPG, with options to sign, verify, crypt/decrypt, etc. This works well as far as it can be told, but remember that this extension is in Beta. There is a video on how to use FireGPG on gmail.
As an alternate method you can read the message from the terminal. Copy and paste the message from "-----BEGIN PGP MESSAGE-----" till "-----END PGP MESSAGE-----" including those two lines in a text file. From the terminal run "gpg -d opgpm.txt" excluding the quotes where "opgpm" is the name you gave the text file. You will be asked to enter your passphrase and you get the decrypted message.