16.11. Encrypting Mail with PGP or GnuPG

You can encrypt outgoing e-mail with KMail. To encrypt your e-mail, first generate a key pair as described in Chapter 15. Encryption with KGpg. Then log out and log in again.

With Settings+Configure KMail…+Security+Crypto plugins+Configure, determine in what cases and with which process your e-mail messages should be encrypted. The corresponding module (usually openpgp) must be activated first. In path, enter the file name of the crypto library. In the case of OpenPGP, this is /usr/lib/cryptplug/gpgme-openpgp.so. /usr/lib/cryptplug/gpgme-smime.so is valid for smime. An asterisk in the displayed table marks the active module. If desired, select to be alerted when attempting to send an unencrypted e-mail. To encrypt any attachments as well, check Encrypt all message parts in Settings+Configure KMail…+Security+Crypto Plugins+Configure.

After setting the preferences, click Identities (under Configure KMail). Select the identity with which encrypted or signed messages should be sent and choose Change. Select the Advanced tab in the dialog that opens. Click Change for OpenPGP key to display a selection box from which to choose the keys. Confirm with OK. The encryption system is now ready.

The public key must be made available to recipients of a signed message so they can verify its authenticity. It also needs to be accessible to enable others to send encrypted messages to the owner of the key. Public keys can be stored on a public PGP key server, such as www.pgp.net.

16.11.1. Signing Messages

Create your messages as usual. Before sending the message, click the corresponding icon (second to last) in the toolbar of the window or choose Options+sign message. The message can then be sent. To sign it, KMail must know your PGP password. However, if you have already provided the password, KMail signs the message without requesting any further information. The results of the PGP signing process can be reviewed in the Sent Messages folder (or in the outbox if you did not use Send now). There, your e-mail should be marked with the notice that it was signed by you.

16.11.2. Checking the Signature of a Received Message

If KMail is able to verify the signature of an e-mail, a green frame with the key ID is displayed. If the signature cannot be verified, a yellow frame with an alert is displayed. This means that you do not have a suitable public key for the signature.

16.11.3. Sending Public Keys

Create a message for the person who should receive your public key. Choose Attach+Attach Public Key. The mail can then be sent. There is no guarantee that the recipient of a signed message receives the correct key. It is possible for the mail to be intercepted on the way to the recipient and signed with another key. Therefore, the recipient should check the attached key by comparing the fingerprint with a previously received value. Further information about this can be found in the PGP and GnuPG documentation.
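The fingerprint check recommended above, as an added example that is not part of this manual or of KMail: a Python script that reads an attached, ASCII-armored public key, computes its fingerprint the way GnuPG displays it (SHA-1 over the version 4 key packet, RFC 4880 section 12.2), and compares it with a value received over another channel. The key block used here is constructed with toy RSA parameters and is not a real key.

```python
import base64
import hashlib
import re

def dearmor(armored: str) -> bytes:
    """Decode an ASCII-armored key block, skipping armor headers and the optional CRC24 line."""
    data, in_block, past_headers = [], False, False
    for line in map(str.strip, armored.splitlines()):
        if line.startswith("-----BEGIN PGP"):
            in_block = True
        elif line.startswith("-----END PGP"):
            break
        elif in_block and not past_headers:
            past_headers = line == ""               # the blank line ends the armor headers
        elif in_block and not line.startswith("="):  # "=XXXX" is the CRC24 line, not key data
            data.append(line)
    return base64.b64decode("".join(data))

def public_key_body(packet: bytes) -> bytes:
    """Body of the leading public-key packet (tag 6, old-format header, as gpg exports it)."""
    ctb = packet[0]
    if ctb & 0xC0 != 0x80 or (ctb >> 2) & 0x0F != 6 or ctb & 0x03 == 3:
        raise ValueError("expected an old-format public-key packet with a definite length")
    nbytes = (1, 2, 4)[ctb & 0x03]
    length = int.from_bytes(packet[1:1 + nbytes], "big")
    return packet[1 + nbytes:1 + nbytes + length]

def v4_fingerprint(body: bytes) -> str:
    """RFC 4880 12.2: SHA-1 over 0x99, the two-byte body length and the body itself."""
    if body[0] != 4:
        raise ValueError("only version 4 keys are handled here")
    return hashlib.sha1(b"\x99" + len(body).to_bytes(2, "big") + body).hexdigest().upper()

def fingerprint_matches(armored_key: str, received: str) -> bool:
    """Compare the attached key with a fingerprint received over another channel (spacing and case ignored)."""
    expected = re.sub(r"[^0-9a-fA-F]", "", received).upper()
    return len(expected) == 40 and v4_fingerprint(public_key_body(dearmor(armored_key))) == expected

def constructed_sample_key() -> str:
    """Constructed stand-in for a mailed key (toy RSA parameters, not a usable key)."""
    # v4, creation time 0, algorithm 1 (RSA), n = 0xC1 as an 8-bit MPI, e = 65537 as a 17-bit MPI
    body = b"\x04" + b"\x00" * 4 + b"\x01" + b"\x00\x08\xC1" + b"\x00\x11\x01\x00\x01"
    packet = bytes([0x98, len(body)]) + body       # 0x98: old-format header, tag 6, one-byte length
    armored = base64.b64encode(packet).decode()
    return f"-----BEGIN PGP PUBLIC KEY BLOCK-----\nComment: constructed sample\n\n{armored}\n-----END PGP PUBLIC KEY BLOCK-----\n"

if __name__ == "__main__":
    key = constructed_sample_key()
    fp = v4_fingerprint(public_key_body(dearmor(key)))
    print("fingerprint of attached key:", " ".join(fp[i:i + 4] for i in range(0, 40, 4)))
    print("matches the value received out of band:", fingerprint_matches(key, fp.lower()))
```

To check a real attachment, pass the text of the saved .asc file to fingerprint_matches together with the fingerprint the sender gave you by phone or in person; a mismatch means the attached key is not the one you were told to expect.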

16.11.4. Decoding Encrypted Messages

In KMail, select the message to decrypt. Enter your password when prompted. KMail attempts to decrypt the message. If it was encrypted with your public key, KMail displays it in clear text. If not, you cannot read the e-mail message. KMail saves these e-mail messages encrypted to prevent anyone from reading them without your password.

16.11.5. Encrypting Messages

To send an encrypted message to a recipient for whom you have the public key, simply write the message in the Create Message window. Before sending the message, click the red key icon in the window's toolbar. Now, the message can be sent. If KMail cannot find a key for the recipient, a list with all available keys is shown. Select the appropriate one from the list or abort the process. KMail also informs you if errors occur during the encryption process. You cannot read encrypted messages if you did not click Always encrypt to self in the Security tab.