This tutorial is a continuation to the previous Thunderbird+Enigmail tutorial. This is intended for you GNOME users (on Ubuntu, Fedora, PureOS, etc.) particularly if you use Evolution Mail Client. You will learn how to import your own pair of public+private keys, setup Evolution, and finally read and send email in encryption. Also, you can attach your public key so every recipient can reply to you with encrypted mail only you can read. Overall, it's easy if you know the way. Enjoy!
Subscribe to UbuntuBuzz Telegram Channel to get article updates directly.
Assumption
I assume that you already have your own pair of public+private keys. You will only need to import that pair into Evolution. If this is your first time in email encryption, see previous tutorial to create your pair.
Warning
- GNOME Seahorse uses GPG version 2 and not GPG version 1.
- You may find many / most of your friends' public keys are GPGv1, not GPGv2.
- You may find you cannot import your friends' public keys into GNOME Seahorse.
- Unfortunately, you will need to use command line (Terminal) to import keys to GNOME Seahorse.
1. Install GNOME Seahorse
This program is also known as "Passwords & Keys" on the menu. If you don't have the Seahorse on your system, then install with apropriate command below:
Ubuntu:
$ sudo apt-get install seahorse
Fedora:
$ sudo dnf install seahorse
openSUSE:
$ sudo zypper install seahorse
2. Import Your Own Key Pair
This is necessary so you can read encrypted emails sent to you.
- Copy your .asc file containing your public-private keys.
- Open your Terminal.
- $ gpg2 --import name_of_your_keypair_file.asc
- Successful import will result in "secret keys imported: 1".
 |
| Notice the command is gpg2 and not gpg |
Now open up GNOME Seahorse ("Passwords and Keys" program on menu) and you should see your key pair under PGP Keys section. When you double-click your key pair, you see your Key ID like on the right dialog on picture below. That's important.
 |
| The Seahorse showing my own GPG2 keypair |
3. Configure Evolution
What you really need to do is only inserting Key ID into Evolution. Just copy and paste it from the Seahorse.
- Run Evolution Mail Client.
- Go to menu Edit > Preferences > select your mail account name i.e. mignu@bitmessage.ch > click Edit > Account Editor appears.
- On Account Editor, go to Security section.
- Copy and paste your Key ID from the Seahorse into Account Editor.
- Choose Signing algorithm: to be the biggest one.
- OK.
 |
| Copying Key ID from the Seahorse to Evolution |
4. Read Encrypted Mail
All done. Open any encrypted email and Evolution will automatically decrypt (unlock) it for you. But remember, every time you read encrypted email, you will be asked for Passphrase, the password you have created for your own pair of public-private keys. See example below.
 |
| Reading encrypted email on Evolution |
 |
| Before reading, enter the Passphrase of your key |
5. Send Encrypted Mail
To send encrypted email to your friend, once again, you must have his/her public key stored on the Seahorse. Otherwise you cannot. I assume you've already imported public keys:
- Click New Email
- Write email
- Make sure the button Encrypt this message is activated (see below)
- Send
- You will be asked for the Passphrase of your own private key
- Evolution will automatically encrypt your email to your friend
 |
| See where cursor hovers above |
 |
| Before sending, enter the Passphrase of your key |
6. Attach Your Public Key
I admit for this time it's not as simple as with Enigmail on Thunderbird. But what's important here is you know how to do.
First step: Export your public key
- Go to Seahorse again
- Select your Personal Key
- Click menu File > Export
- Select "armored" from the option on bottom-right
- Select a storage folder that's easy for you to access
- You got a file named [first_name][last_name].asc
- Done! You don't need to do this again.
Second step: Attach your public key
For every email you send out:
- Click New Email
- Write your mail
- Click Attach File button
- Open the .asc file you've exported above
- Send
- Your mail sent with your public key attached
- It's good to do this for every recipient!
 |
| It's easy to attach your public key (.asc) in each email you send |
Enjoy!
References
- https://help.gnome.org/users/seahorse/stable/pgp-export.html.en
- https://snikt.net/blog/2016/02/27/evolution-seahorse-gpg-gpg2-woes
- https://emailselfdefense.fsf.org/en
This article is licensed under CC BY-SA 3.0.