I want to use keys on Horde. I have already seen that you can set up the public key of people in their item of the address book. However, how do I set up my private key so email that's sent goes out encrypted?
GPG allows you to sign, and optionally encrypt using a pre-arranged secret key or else passphrase. To sign, you need your own *valid* private key and the recipient's public key.
To create a private key: gpg --gen-key
What you choose depends on whether you want to sign only or sign and encrypt.
Correct me if I'm wrong. The mechanics of sending encrypted mail are these:
- the recipient generates his/her key pair, publishes his _public_ key to _potential_ senders.
- The sender uses the recipient's _public_ key to encrypt the mail.
- The recipient uses his/her _private_ key to decrypt the mail.
Is that right? That means that I would need to set up people's public keys in Horde so that I can encrypt mail sent to them (I've already said that I can do that in the address book items). And I'll need to set my private key so that I can decrypt mail sent to me. How's that done?
Maybe one explanation of the whole process in Horde (not generating the keys, as I said) would be pertinent. Anyway, I've noticed that I need IMP to do this whole thing... so I'll be working on it on Monday.
For the public keys, you 'import' them which adds them to your public 'keyring'.
Also, it is best if you set up your keys to expire and allow for publication of a revocation list. If a key is expired or revoked you get messages printed out asking if you're sure you want to decrypt the message. Normally, if a key is revoked you never decrypt the message.
Take time to read the gpg manual (man gpg); practice generating your own keys and an alternate set so you can play with encoding and decoding text files on your own machine and also 'importing' the public keys from the other key list.
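The practice run suggested in the last reply, following the mechanics listed earlier in the thread, as an added shell example that is not part of any poster's message. It assumes GnuPG 2.1 or later; the names, the example.org address, and the temporary keyring directories are constructed for the illustration.

```bash
#!/usr/bin/env bash
# Practice run with two throwaway keyrings (constructed names, addresses, paths).
# Requires GnuPG 2.1 or later.

# Run gpg non-interactively against one keyring directory.
g() { local home=$1; shift; gpg --homedir "$home" --batch --quiet --no-tty "$@"; }

roundtrip() {
    local work alice bob out rc=0
    work=$(mktemp -d) || return 1
    alice=$work/a; bob=$work/b            # sender's and recipient's keyrings
    mkdir -m 700 "$alice" "$bob"

    # Recipient creates a key pair that expires after one year. The empty
    # passphrase is only acceptable because this key is thrown away below.
    g "$bob" --pinentry-mode loopback --passphrase '' --quick-generate-key \
        'Bob Example <bob@example.org>' default default 1y >/dev/null 2>&1 || rc=1

    # Only the public half leaves the recipient's keyring; the sender imports it.
    g "$bob" --armor --export bob@example.org > "$work/bob.asc" || rc=1
    g "$alice" --import "$work/bob.asc" >/dev/null 2>&1 || rc=1

    # Sender encrypts to the recipient's public key. "--trust-model always"
    # skips the ownership check; with real keys, verify the fingerprint instead.
    printf 'meet at noon\n' > "$work/msg.txt"
    g "$alice" --trust-model always --armor --recipient bob@example.org \
        --output "$work/msg.asc" --encrypt "$work/msg.txt" 2>/dev/null || rc=1

    # The sender holds no private key for bob, so decryption must fail here.
    if g "$alice" --decrypt "$work/msg.asc" >/dev/null 2>&1; then rc=1; fi

    # The recipient's private key recovers the plaintext.
    out=$(g "$bob" --pinentry-mode loopback --passphrase '' \
        --decrypt "$work/msg.asc" 2>/dev/null) || rc=1

    # Stop the per-keyring agents and delete the throwaway keys.
    GNUPGHOME=$alice gpgconf --kill gpg-agent 2>/dev/null || true
    GNUPGHOME=$bob gpgconf --kill gpg-agent 2>/dev/null || true
    rm -rf "$work"
    [ "$rc" -eq 0 ] && printf '%s\n' "$out"
    return "$rc"
}

# Run the demonstration only when asked: ./script.sh --run
if [ "${1:-}" = "--run" ]; then roundtrip; fi
```

On success the function prints the decrypted message and returns 0; any failed step, including the sender unexpectedly being able to decrypt, makes it return 1.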