From Fedora Project Wiki

Line 65: Line 65:
Otherwise, follow these steps to send a single email with a GPG digital signature:
Otherwise, follow these steps to send a single email with a GPG digital signature:


1. Select ''Write''.
# Select ''Write''.
 
# Compose the message as normal.
1. Compose the message as normal.
# Click the ''OpenPGP'' button. Select both ''Sign Message'' and ''Use PGP/MIME'', and choose ''OK''.
 
# Choose ''Send''.
1. Click the ''OpenPGP'' button. Select both ''Sign Message'' and ''Use PGP/MIME'', and choose ''OK''.
# If prompted, enter the passphrase for your GPG key.
 
1. Choose ''Send''.
 
1. If prompted, enter the passphrase for your GPG key.


----
----
[[Category:DocsProject]]
[[Category:DocsProject]]
[[Category:Security Guide]]
[[Category:Security Guide]]

Revision as of 18:28, 27 May 2008

Using GPG Keys with Mozilla Mail Clients

Fedora Core includes Mozilla Thunderbird in the thunderbird package, and the mozilla-mail package for the Mozilla Suite email application. Thunderbird is the recommended Mozilla email application. This appears on your desktop as Applications > Internet > Thunderbird Email.

Mozilla products support extensions, plugins that add new features to the main application. The Enigmail extensions provide GPG support to email products from Mozilla. Versions of Enigmail exist for both Mozilla Thunderbird, and the Mozilla Suite (Seamonkey). Netscape software from AOL is based on the Mozilla products, and may also use this extension.

To install Enigmail on Fedora systems, follow the instructions given below.

Enigmail uses the term OpenPGP in menu items and options. GPG is an implementation of OpenPGP, and you may treat the terms as equivalent.

The homepage for Enigmail is: http://enigmail.mozdev.org/download.html.

This page provides screenshots of Enigmail and GPG in action: http://enigmail.mozdev.org/screenshots.html

Installing Enigmail on Fedora

To install Enigmail on Fedora systems, perform the following steps:

  • Download the relevant extension. Fedora Core 4 includes Thunderbird version 1. Fedora Core 5 supplies Thunderbird version 1.5. In Firefox, right-click the relevant extension, choose Save Link As..., and select Save. Mozilla extensions are XPI files, and have the suffix .xpi at the end of the filename.
  • If Thunderbird is currently running, close it.
  • To install the specified extension for all users, run Thunderbird as the root user with the -install-global-extension option. For example, to install /home/me/enigmail-0.94.0-tb15-linux.xpi, enter following command:
su -c 'thunderbird -install-global-extension /home/me/enigmail-0.94.0-tb15-linux.xpi'

Enter the root password when prompted.

This command installs the extension without opening a window on your desktop.

  • Alternatively, to install the extension for your account only, load Thunderbird and choose Tools > Extensions > Install. Select the XPI file, and OK. Close Thunderbird.
  • Load Thunderbird as normal. If you see the OpenPGP menu, Enigmail is successfully installed.

Signed messages automatically display their status at the top of the message window. To sign messages that you send, follow the instructions below.


Configuring a GPG Signature in Thunderbird

  • Install the Enigmail extension, as explained above.
  • If you do not have a GPG key, follow the instructions on this page to generate your key: [wiki:DocsProject/UsingGpg/CreatingKeys]
  • Open Thunderbird Email, and select Edit > Account Settings.
  • Choose OpenPGP Security for the e-mail account that requires digital signatures.
  • Select Enable OpenPGP support (Enigmail) for this identity. If your GPG key lists a different email address to the address for this identity, select Use specific OpenPGP key ID, and enter the ID of the key.
  • To automatically sign all emails from this account, select both Sign non-encrypted messages by default, and Sign encrypted messages by default. Select Advanced, PGP/MIME, and choose Always use PGP/MIME. Select OK to close the OpenPGP Preferences.
  • Choose Composition & Addressing for the same account. Ensure that Compose messages in HTML format is disabled.
  • Choose OK to apply the changes.


Sending a Signed E-mail with Thunderbird

If you configure Thunderbird to sign email for the account by default, the emails that you send automatically include your GPG signature.

Otherwise, follow these steps to send a single email with a GPG digital signature:

  1. Select Write.
  2. Compose the message as normal.
  3. Click the OpenPGP button. Select both Sign Message and Use PGP/MIME, and choose OK.
  4. Choose Send.
  5. If prompted, enter the passphrase for your GPG key.