KMail In Depth
Encrypting Messages

Carla Schroder
Thursday, January 13, 2005 09:48:16 AM
This is the condensed version; we'll cover this in detail in a future article.
WARNING: Never, ever share your private key! Share only your public keys.
GPG serves two functions: encrypting messages to protect them in transit, and verifying the sender. You may use either of these, or both. You need GnuPG 1.2 or newer and GnuPG Made Easy (GPGME). While you're at it, grab KGpg, a nice graphical KDE utility for managing your keys.
First generate your private/public key pair:
$ gpg --gen-key
When you enter the comment, make it something to help you differentiate this key from any others you might have, such as "default email key." You'll be using the passphrase a lot. Longer is better, like a silly sentence: "this is my l33t passphrase."
Next, configure KMail. Go to Settings -> Configure KMail -> Security -> Crypto Backends. Hit the "scan" button and KMail will find "OpenPGP (gpg)". Check everything it finds. Then go to the "Warnings" and "Composing" tabs and season to taste. Now go to Settings -> Configure KMail -> Identities, select an identity, and click "Modify." Configure your "Cryptography" defaults. This is where your helpful comment pays off in helping you to select the right key. Go ahead and choose keys for both signing and encryption; you will always be able to choose what you want when you compose a message.
Now you can send an encrypted message. Compose a message to yourself, then click on the little padlock at the top of the message to encrypt it, or use the Options menu. When it arrives you'll have to enter your passphrase to read it. KMail remembers the passphrase until you close it down.
Public keys are used to "lock" or encrypt a message. Then the recipient uses their private key to decrypt the message. So to send someone an encrypted message, you need a copy of their public key. Conversely, anyone who wants to send you an encrypted message needs your public key to encrypt it. Use KGpg for this: Keys -> Export Public Key(s) -> Email. Email it unencrypted, of course. To import a public key use KGpg, or
$ gpg --import keyfilename
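A pre-send check for the export step above, added here as an example and not part of the original article: it reads the OpenPGP packet tag at the start of a key file and refuses anything that begins with secret-key material. The function names and the sample file are constructed for illustration, and the check looks only at the first packet of each armored block or binary file.

```shell
#!/bin/sh
# Added example, not from the article. It inspects only the first packet of
# each armored block (or of a binary file), not the whole key file.

# Print the first octet (decimal) of every key block in file $1, one per line.
first_octets() {
    if grep -q '^-----BEGIN PGP ' "$1"; then
        # Armor: data begins after the blank line that closes the armor
        # headers; its first 4 base64 characters decode to 3 octets.
        tr -d '\r' < "$1" | awk '
            /^-----BEGIN PGP / { hdr = 1; next }
            hdr && /^$/        { hdr = 0; print_next = 1; next }
            print_next         { print substr($0, 1, 4); print_next = 0 }' |
        while read -r quad; do
            printf '%s' "$quad" | base64 -d 2>/dev/null | od -An -tu1 -N1
        done
    else
        od -An -tu1 -N1 "$1"        # binary export, made without --armor
    fi | tr -d ' ' | sed '/^$/d'
}

# Print "public", "secret" or "unknown" for key file $1.
key_kind() {
    kind=unknown
    for b in $(first_octets "$1"); do
        if   [ "$b" -ge 192 ]; then tag=$(( b & 63 ))         # new-format header
        elif [ "$b" -ge 128 ]; then tag=$(( (b >> 2) & 15 ))  # old-format header
        else echo unknown; return 0                           # bit 7 clear
        fi
        case "$tag" in
            5|7)  echo secret; return 0 ;;   # Secret-Key, Secret-Subkey
            6|14) kind=public ;;             # Public-Key, Public-Subkey
            *)    echo unknown; return 0 ;;
        esac
    done
    echo "$kind"
}

# Succeeds only when every block in $1 starts with a public-key packet.
safe_to_send() { [ "$(key_kind "$1")" = public ]; }

# Constructed sample: armor framing with a truncated body, enough to classify.
sample=$(mktemp)
printf '%s\n' '-----BEGIN PGP PRIVATE KEY BLOCK-----' '' 'lQOY' \
    '-----END PGP PRIVATE KEY BLOCK-----' > "$sample"
safe_to_send "$sample" || echo "refusing to send: $(key_kind "$sample") key"
rm -f "$sample"
```

Run safe_to_send on the exported file before attaching it; a non-zero exit means the file should not leave your machine.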