Your browser doesn't support the features required by impress.js, so you are presented with a simplified version of this presentation.
For the best experience please use the latest Chrome, Safari or Firefox browser.
Metro Detroit Linux Users Group
GPG setup and maintenance on linux
There are some GUI or point and click programs
These programs will allow you to create, export,
update, sign, send and sync with the servers
In Linux Mint there are three servers configured
by default: Ubuntu, SKS, and PGP.com.
Seahorse is a GNOME application for managing
* install on a Debian based system
sudo apt-get install seahorse
KGPG is a simple, free, open source
KDE frontend for gpg.
* install on a Debian based system
sudo apt-get install kgpg
if you would rather use the command line
here is the process Using GnuPG to generate a key
The prompts are fairly self explanatory, it will ask what kind of key
(first one is a good option), Enter your name, email, and comment like a
nick name. It will also ask for a pass phrase, Don’t forget it.
add this line to your ~/.bashrc
to find your key-id use the numbers after 2048R/
pub 2048R/DB471CEE 2013-09-24 uid Anthony Bemus (Tony the Gray)
Send your key to the server.
*In this case its the Ubuntu server
gpg --send-keys –keyserver
gpg -ao file-public.key –export $GPGKEY
gpg -ao file-secret.key
gpg --import file-public.key
gpg --import file-secret.key
Privacy through Encryption
Ecrypting in the CLI using your gpg key
Ecrypting in the CLI using a password
Sign the file people can verify it is from you
Sign and encrypt the file for a user (mat)
The whole point of all this is to create a web of trust.
Sign keys of people that you can
verify their identity:
1) Keysigning Partys
2) People you already know
1) Locate someone that lives near you and can meet with you to verify your ID.
2) Arrange for a meeting. Bring at least one ID with photo and printed fingerprint
of your OpenPGP key, ask the same from the person you will be meeting with.
3) Print copies of your public key
1) get the last eight digits of your fingerprint:
0995 ECD6 3843 CBB3 C050 28CA E103 6EED 0123 4567
2) terminal: gpg --fingerprint 01234567 >> key.txt
4) print the resulting key.txt file and bring as many copies to the meeting
as you expect to have people sign
5) Meet, verify your IDs and exchange OpenPGP key fingerprints
6) Sign the key of the person you've just met. Send him/her the key you've just signed.
7) Update your keys on the keyserver, the signature you've just created will
Finger Print C447 A702 1EDD 6738 068A 29B1 886C C3F6 DB47 1CEE
Using GPG for secure communication
1) Open Evolution and go to Edit->Preferences.
2) Choose your email account, click on it, and then click Edit.
3) Click on the security tab.
4) In the PGP/GPG Key ID: box, paste your KEY-ID.
Evolution has built-in support for OpenPGP.
Look under the Security tab when you edit accounts.
1) Start up KMail
2) Go to the Settings menu
3) Select the Security icon on the left hand side
4) Select the Crypto Backends tab
5) Make sure OpenPGP (gpg) is in the list, and check the box next to it.
6) Select the Identities Icon on the left hand side
7) If you haven't already created an identity for yourself, create one now.
8) Select your identity and click the Modify... button
9) Select the Cryptography tab
10) Click on Change... next to OpenPGP signing key
and select your preferred key from the list.
11) Repeat for OpenPGP encryption key if you want to encrypt messages
12) Make sure the Preferred crypto message format is either Any or OpenPGP/MIME.
The inline format is deprecated, and highly annoying to users of mail client
software that doesn't support this standard. This is the "old" way of doing things,
and the OpenPGP/MIME format is the preferred method.
13) Click OK in the edit identity window and in the preferences window.
1) claws-mail-pgpinline is available in the "Universe" repository.
2) sudo apt-get install claws-mail-pgpinline
3) The plugin may have to be loaded manually after installing it.
Open Claws Mail and select Configuration -> Plugins
1) If PGP/Core and PGP/inline are in the Plugins dialogue box,
the plugins are loaded correctly.
2) Otherwise, click on the Load Plugin button towards the bottom of the window.
In the file selection dialogue, select pgpinline.so and click the Open button.
4) When Claws Mail tries to open encrypted e-mail, the program will prompt
for your key's passphrase and then show the e-mail with the decrypted message.
Claws Mail supports OpenPGP through the plugin
1) Thunderbird supports OpenPGP through the enigmail plugin.
2) Enigmail is available in the "Main" repository.
3) sudo apt-get install enigmail
4) Configure OpenPGP support in Thunderbird under
Enigmail->Preferences and add under GnuPG executable path.
The path for GnuPG is /usr/bin/gpg.
1) Create a ~/.mutt directory and copy this file into it:
2) Append this line to the muttrc configuration file.
source ~/.mutt/gpg.rc # Use GPG
4) If you're using Mutt 1.5.13, you'll need to fix the paths to pgpewrap
1) It's All Text! is a Firefox extension which allows you to edit
your mail in your preferred local text editor.
2) If your editor supports it, this can make handling of encrypted mail easier.
3) For example, you could use gnupg.vim and a local Vim instance.
How to Encrypt Files on Linux Using GPG, Ccrypt, Bcrypt and 7-Zip
GPG with KDE and Kmail
On the MDLUG wepsite
Use a spacebar or arrow keys to navigate