Google Site SearchFN Site Search FN Blog Login FN Blog Login
Site Navigation:
 
 

Configuring Evolution 2.0 with Exchange and GPG Keys Support

by Alexandre de Abreu
Updated on Monday, 25-Oct-2004 11:32:02 PDT

Configuring and Using GPG Keys

GnuPG is a free implementation of OpenPGP, it will provides an interface for generating crypt keys, these will be used to encrypt and decrypt data including files, messages, etc. This part of the article will teach you how to use GPG to encrypt/decrypt binary and ascii files and how to use the GPG functions with Evolution Mail/Groupware suite.

After installing the GnuPG package you can generate a key by issuing the command below:

gpg --gen-key

Note: In case of using GPG key with Evolution, all commands on this tutorial must be executed by the same normal user who you do use to start Evolution.

You will be asked for some Key and Personal information such as your Name and Email. Choose the kind(ElGamal) and size of the key and a passphrase, some cases you need to do some action to generate enough entropy for the OS's key generation processs.

If the above command runs OK you will get a hidden subdir on user's home directory called ".gnupg", it will stores all crypt data including the Private Key and the Pubring database, which will hold the public keys already imported by that user.

In order to export your "armored"(ascii) public key issue the command below:

gpg -a --export -o pubkey.asc "email@domain.com"

Here's the output of my Public Key:

$ gpg -a --export "alex@fedoranews.org"
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.2.4 (GNU/Linux)

mQGiBED33jwRBADpWRqynq7nrwdwWDcElPcJMghqENRM9SJBvsllPtsslm0Xge/T
1A3Y3+636KJPsfLp3aeqGhf6i9DcOMVjAiL9KkkMmcpMLNJaqgUNwU/4NtcIA174
ksc1wnP2im3doqQWZPYftnyopsNuv5dtlT8kT9/2UlbPQm2VSo0DEsiw2wCgxXTF
U5kE0c7m1IwYsG8z65Vvk2UD/iu+Z2qSp2BP0WXpT1ouS/VflbkEsa9jCQMbzl5Z
IGRRUe+5cREo/dXl4+QtzjCNesROTRauyQ941DdOieGAwO+GAk2w0/Zwd2Tp1Mn8
6Ad8k4IUp9Hd3cA74fNI7g5ZBVHt2I7BpQxCrUUtpHlCveSWqaxB5gQfCacTY7fg
EnR+A/4/gU3ZQs5+N43bZEP4N1sEW6SwO7m0lljbmUs+xeqXYJWEkucDuzmNIhwh
7lUmgkG0FltdIRTVaVW6kerWXtq9XSR33DyuFeQCtifxm2uRH9Fz4IoOUQvpBpGE
cLD9As/jPQHfxXgiG0pqZhCrTWqPuy8/1JohOeI2VCI978bxErQoQWxleGFuZHJl
IGRlIEFicmV1IDxhbGV4QGZlZG9yYW5ld3Mub3JnPoheBBMRAgAeBQJA9948AhsD
BgsJCAcDAgMVAgMDFgIBAh4BAheAAAoJEDcVJ9GtpswePfgAoMHEbk3CxsHs1EF7
KxZ6NLL52QOyAKChWi9x2B44Ge/GpxcbyrJkHXxQlbkBDQRA994+EAQAnGV9FLcK
3FkU9BOrkh2VryxODmyahm8QFjq+YJCoK51i6zm0O28aBhj7/qvCZHSWvsAMrArT
OXwcWDuLcMpCgejdreIhXcuayngrBwre1mNV9OJDVRE7X7jC3HEeLx2dscF0DqID
GM0ZSQQkpORcccQZ27HPBY8vUU3MlPZNMGsAAwUD/0FndsF+Vb4Bo5sHUYuOXNpV
Ff+LtcX3tkxqogNhEcGM41Vo0x49IFEYRXa46SbrckSVu9ZfSuH/sd68SXyC0Vxl
F2QlVrhzJypsLTV6XpzahOmcNOnzxdDBUF60jpZ6lLxeHRGMUBN4WEA9Hg7ms8wf
oviGOQ22L67Fk2k7/+L0iEkEGBECAAkFAkD33j4CGwwACgkQNxUn0a2mzB5VhgCf
fxOQ6bHyJ7qLybSAD9iJgJ/NKygAn31cEeyd1V2208kMEccHKYP7/lfm
=SGhv
-----END PGP PUBLIC KEY BLOCK-----

If you receive a warning message about insecure memory, see this link on GPG FAQ http://www.gnupg.org/documentation/faqs.html#q6.1 and solve the problem.

Now, if someone needs to send you sensitive data, just send this person the file "pubkey.asc" which contains your public key. Usually, users keep this file on a public Key/Web server and/or put a link to it on mail messages footer.

When you receive encrypted data, generated by using you public key block, that can be decrypted by issuing the command gpg with the Decrypt(-d) parameter:

gpg -o outputfile -d file.(gpg|asc)

Remember that GPG will look for the private key on ".gnupg" subdir inside the homedir of the user who is executing the above command and ask for the correct passphrase. The output(-o) parameter is optional, if not used the content will be dropped on stdout.

To encrypt a file with other person's public key, first you need to import his/her key, this task can be accomplished by issuing the command:

gpg --import pubkey.asc

Where "pubkey.asc" file contains the armored key data, like the one showed above. To list the already imported keys, including yours, type the command:

gpg --list-keys

When someone send you a mail by encrypting the message content with your public key, the original content can only be decrypted using the Private key one, this is only held by the key's owner.

To encrypt a file or a text use the commands below, respectively: gpg -e binfile gpg -a -e textfile

The above commands will ask which public key will be used to encrypt the target file(s), so you will have to type the name used on key generation. The first command will create an encrypted file with the ".gpg" extension, the second one will create an encrypted text file with the extension ".asc", the last one will be used to exchange email messages.

Remember that only the person who has the private key file will be able do decrypt the encrypted file, so, you can use GPG for protecting your own files by encrypting them with your public key, or you can exchange encrypted email by importing users public key.

Next page will be "Configuring GPG Keys and Evolution", click on the blue arrow to continue.