Hi, Kmail is giving me issues with setting up a GPG for signing. I'm hoping someone can help. I've never used a signing key for my email, but one of my friend's email keeps getting hacked, and I've been hacked a couple times, so it would help if he and I both could have a signing key.
I tried generating a gpg key using both the "gpg --gen-key" command and using KGPG. KGPG recognizes both the key I used it to generate, and the key I generated with the gpg key (as in, both keys show up). KGPG shows both keys as being trusted ultimately.
Kmail recognizes both keys, but the OK button is greyed out, and question marks are next to both keys.
To add the keys, I went to the Kmail settings -> Identities -> Default identity -> Modify -> Cryptography -> OpenPGP Signing Key -> Change. Both keys are here but unselectable as described above.
In Kmail settings -> Security -> Crypto Backends, both "OpenPGP (gpg)" and "S/MIME (gpgsm)" are selectable (not grayed out) and check marked.
In ~/.gnugp/gpg.conf, I have the 'use-agent' option on it's own line (without quotes, of course).
In ~/.gnugp/gpg-agent.conf, I put the following as suggested in my Google searches:
--- pinentry-program /usr/bin/pinentry-x11 no-grab default-cache-ttl 1800 ---
I have tried with gpg-agent running in daemon mode, and without it running at all.
I have KGPG running in my system tray. When gpg-agent is running, I have KGPG set to use it, and I unset it when gpg-agent isn't running.
For those who need a visual of my Kmail not accepting my GPG keys, I uploaded a screenshot to http://linuxjutsu.com/~kris/Pictures/kmail_gpg_prob.png . Both keys there are mine, generated on my machine under the user that I am logged in as. Since both are Ultimately Trusted, they should be accepted.
Reread Keys in the Kmail dialog doesn't help, nor does right clicking the keys and selecting Recheck.
The certificate manager button, and the Search For External Certificates button, both open Kleopatra. I don't want to use a certificate, I want to use one of the GPG keys that it's listing.
Any suggestions much appreciated.
On Wednesday 16 November 2011 18:09:52 Kristopher John Gamrat wrote:
For those who need a visual of my Kmail not accepting my GPG keys, I uploaded a screenshot to http://linuxjutsu.com/~kris/Pictures/kmail_gpg_prob.png . Both keys there are mine, generated on my machine under the user that I am logged in as. Since both are Ultimately Trusted, they should be accepted.
Reread Keys in the Kmail dialog doesn't help, nor does right clicking the keys and selecting Recheck.
The certificate manager button, and the Search For External Certificates button, both open Kleopatra. I don't want to use a certificate, I want to use one of the GPG keys that it's listing.
Any suggestions much appreciated.
hm, I just checked my settings and found more or less the same, that is: I cannot re-select my keys in kmail settings just like shown in your screenshot, if I delete the key that is alread in there :-( that is the difference: I do have my actual keys in there. so I believe that is a bug. can you see your keys if you add the fingerprint manually in your ~/.trinity/share/config/emailidentities ? like so:
PGP Encryption Key=A5624S8FE8079ZDE33EF17512A973893429C38AE
werner
On Wednesday 16 November 2011 01:09:40 pm Werner Joss wrote:
hm, I just checked my settings and found more or less the same, that is: I cannot re-select my keys in kmail settings just like shown in your screenshot, if I delete the key that is alread in there :-( that is the difference: I do have my actual keys in there. so I believe that is a bug. can you see your keys if you add the fingerprint manually in your ~/.trinity/share/config/emailidentities ? like so:
PGP Encryption Key=A5624S8FE8079ZDE33EF17512A973893429C38AE
I'm guessing I add the fingerprint? The private/public keys that it's showing are much shorter than your PGP Encryption Key.
On Wednesday 16 November 2011 19:20:11 Kristopher John Gamrat wrote:
I'm guessing I add the fingerprint? The private/public keys that it's showing are much shorter than your PGP Encryption Key.
yes, add the fingerprint. maybe then kmail will recognise the keys, which should be valid, as stated before
werner (just signing this message to confirm it still works :) )
On Wednesday 16 November 2011 01:28:30 pm Werner Joss wrote:
On Wednesday 16 November 2011 19:20:11 Kristopher John Gamrat wrote:
I'm guessing I add the fingerprint? The private/public keys that it's showing are much shorter than your PGP Encryption Key.
yes, add the fingerprint. maybe then kmail will recognise the keys, which should be valid, as stated before
werner (just signing this message to confirm it still works :) )
On Wednesday 16 November 2011 01:28:30 pm Werner Joss wrote:
On Wednesday 16 November 2011 19:20:11 Kristopher John Gamrat wrote:
I'm guessing I add the fingerprint? The private/public keys that it's showing are much shorter than your PGP Encryption Key.
yes, add the fingerprint. maybe then kmail will recognise the keys, which should be valid, as stated before
werner (just signing this message to confirm it still works :) )
It's complaining that it doesn't have enough info to check your signature validity :-)
It seems it's recognize my key now. I'm signing this message, can you confirm it's coming through signed? If so, I should have enough info to file a bug report.
Thanks for help :-)
On Wednesday 16 November 2011 19:38:07 Kristopher John Gamrat wrote:
It seems it's recognize my key now. I'm signing this message, can you confirm it's coming through signed? If so, I should have enough info to file a bug report.
yes, fien, message is signed.
Thanks for help :-)
you'r welcome :)
werner
-
Kristopher John Gamrat -
Werner Joss