Welcome to Eric Hameleers (Alien BOB)'s Wiki pages.

If you want to support my work, please consider a small donation:

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

linux:pine_gpg [2006/03/17 12:44]
alien
linux:pine_gpg [2007/01/15 09:49] (current)
alien Changed X-GPG-PUBLIC_KEY and X-GPG-FINGRPRINT to: X-GPG-PUBLIC-KEY and X-GPG-FINGERPRINT since that looks more sane (and Lotus Notes does not like the underscore anyway)
Line 1: Line 1:
-==== Email encryption with Pine and GPG ====+===== Email encryption with Pine and GPG =====
  
-It is not hard to make [[http://www.washington.edu/pine/|Pine]] read and send GPG-encrypted or -signed messages. Several tools are available that glue gpg and pine together, and I use [[http://quantumlab.net/pine_privacy_guard/|Pine Privacy Guard]] (PPG). This is a small Perl script that does all the hard work.+Pine is a nice but powerful console mail client, and just like GPG, it is available on many Linux and Unix based computers.  
 +It is not hard to make [[http://www.washington.edu/pine/|Pine]] read and send GPG-encrypted or -signed messages. Several tools are available that glue gpg and pine together, and I use [[http://quantumlab.net/pine_privacy_guard/|Pine Privacy Guard]] (PPG). This is a small Perl script that does all the hard interfacing work. 
 + 
 +==== Installation and configuration ====
  
   * Install //Pine Privacy Guard// on your computer: <code>   * Install //Pine Privacy Guard// on your computer: <code>
Line 31: Line 34:
   * (Optionally - looks cool) add these custom X-Headers to each email you send with pine: <code>   * (Optionally - looks cool) add these custom X-Headers to each email you send with pine: <code>
 # Add these customized headers (and possible default values) when composing # Add these customized headers (and possible default values) when composing
-customized-hdrs=X-GPG-PUBLIC_KEY: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xA7 +customized-hdrs=X-GPG-PUBLIC-KEY: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xA75CBDA0
-5CBDA0+        X-GPG-FINGERPRINT: F2CE 1B92 EE1F 2C0C E97E 581E 5E56 AAAF A75C BDA0
-        X-GPG-FINGRPRINT: F2CE 1B92 EE1F 2C0C E97E 581E 5E56 AAAF A75C BDA0+
 </code> You can edit ''~/.pinerc'' directly (look for the ''customized-hdrs='' line) or configure from within pine (**S**etup > **C**onfig > **W**hereis > ''customized-hdrs'')\\ Of course, the example GPG fingerprint and key-URL are mine, and you should substitute your own. </code> You can edit ''~/.pinerc'' directly (look for the ''customized-hdrs='' line) or configure from within pine (**S**etup > **C**onfig > **W**hereis > ''customized-hdrs'')\\ Of course, the example GPG fingerprint and key-URL are mine, and you should substitute your own.
  
 +==== Working with GPG in Pine ====
 +
 +=== Sending email ===
 +
 +You use Pine as usual, so composing a new email is no different than before. The fun starts when you press <CTRL>-X to send it. Upon pressing <CTRL>-X instead of sending the message, Pine will ask which filter you want to use. You can choose 1 of 3 options (and cycle through them using <CTRL>-P and <CTRL>-N):
 +
 +  - Unfiltered; send email without using any cryptography.
 +  - Encrypt the email (PinePG will also sign it by default).
 +  - Clear-sign the email.
 +
 +After entering your choice, the email is sent.
 +
 +During your Pine session, the first time you have to use GPG to read or send a mail message, you will be prompted for your GPG passphrase. After that PinePG will [[http://quantumlab.net/pine_privacy_guard/faq.php#passphrase|securely]] remember your passphrase for the remainder of that session, so that you won't have to enter it again.
 +
 +=== Receiving email ===
 +
 +If you open any email that contains a GPG signed or encrypted message, the pinepg filter is automatically invoked. You are prompted for your GPG passphrase, so that the message can be decrypted. The caracters that you type, will not be displayed on the screen.\\
 +The output of GnuPG is displayed. It will show whether or not the encrypted text was successfully decrypted, if the GPG signature is valid if it was signed, and any other relevant information:
 +<code>
 +gpg: WARNING: using insecure memory!
 +gpg: please see http://www.gnupg.org/faq.html for more information
 +gpg: Signature made Fri Mar 17 03:19:07 2006 PST using DSA key ID A75CBDA0
 +gpg: Good signature from "Eric Hameleers <alien slackware.com>"
 +gpg:                 aka "Eric Hameleers <alien sox.homeip.net>"
 +</code>
 +Press ''E'' to continue.\\
 +The decrypted message is displayed as a normal message.
 +  * //Note:// The plaintext is not saved to the mailbox.
 +  * //Note:// The above warning about //[[http://www.gnupg.org/documentation/faqs.html#q6.1|insecure memory]]// is caused by the fact that I am not running GPG as root, and the ''/usr/bin/gpg'' binary is not setuid root. If you're bothered by the warning, implement either one of these solutions:
 +    * run <code>chmod +s /usr/bin/gpg</code> to fix the use of insecure memory. or
 +    * if you can't or don't want to install gpg setuid(root), then you can add the commandline parameter <code>
 +--no-secmem-warning
 +</code> to the gpg command, or put the line <code>
 +no-secmem-warning
 +</code> in your configuration file ''~/.gnupg/options'' or ''~/.gnupg/gpg.conf''. This will disable the warning message.
 +
 +
 +==== PGP/Mime ====
 +
 +Pine Privacy Guard does not handle PGP/Mime encrypted emails. I found a couple of links with possible solutions, but have not yet looked too deeply into these.
 +
 +  * [[http://privacy.audiointuition.com/pine/ | Reading PGP/Mime messages with Pine]]
 +  * [[http://www.david-guembel.de/index.php?id=12 | pgp-mime-handler]]

Personal Tools
sponsoring