Point-and-Click E-Mail Crypto
KGPG is integrated nicely into KDE and KDE applications. The most useful is the Konqueror browser. Once KGPG is installed, you can right-click on a document, and under the Actions menu, create an encrypted version of the document. One of the options is to shred the original, which makes a lot of sense if keeping the unencrypted version is a problem. When encrypting files, you can add multiple keys for different people who can read the document. If you shred the original file, make sure you include your own key whenever you encrypt it. If I use only my firstname.lastname@example.org key, I am the only person that can decrypt the file.
Finally, we are ready to send an encrypted e-mail. Using KMail (or Kontact), type a message—I'll use email@example.com as the To: address. Select the Lock icon (or Options→Encrypt from the menu). When you click Send, a dialog comes up. If you do not see the recipient's key, press the refresh button. Also, if you didn't sign the key, it won't show up; go back and sign it with the Key Management tool and then press the refresh button. Finish typing the message and click Send.
With KMail, decrypting messages is built in. When you receive an encrypted message, you are asked for your passphrase and the message opens. If you are sending an encrypted message, if the e-mail address is in your keyring, it is encrypted and sent automatically. You also can send the message encrypted to several people at once, as long as you have their public keys.
Another method is to encrypt the file with KGPG and send the encrypted file as an attachment. KMail automatically decrypts the attachment for viewing (select view not open). For Web-based e-mail clients, you can download the file and decrypt or view it with Konqueror.
If you are using a Web-based e-mail client such as Yahoo mail, you can cut and paste the encrypted messages from the clipboard to the KGPG editor by right-clicking on the Tasks Tray icon, and then select decrypt clipboard. The same holds true for encrypting messages.
More popular than encryption is signing e-mails. Of course, this doesn't encrypt the text, but signing a message proves that it is from you. If I sign all my e-mails, because it is policy, and you get an e-mail from me that is not signed (or the signature doesn't match), you can assume it is a fake and alert whoever needs to be notified.
With KMail, the e-mail message is color-coded to let you know if it is a signed message and if the message came from a trusted source—yellow means signed, and green means signed and trusted.
Another handy tool in KGPG is the ability to create groups of keys. I could have an Administrative group that contains three or four keys. When sending a message, I can select that group and send it out. Later, if a recipient forwards the message to another person in the group, it already will be ready to read.
One other thing, under Configure KGPG, use the ASCII Armor option. It should be on by default. This makes signatures and encryption in plain text, so it is easy to mail, print and cut and paste. Without ASCII Armor, some files will be binary and may cause problems.
Time permitting, I'll try to decrypt and answer any encrypted messages that may come in. Because KGPG is included with KDE, it is included with most Linux distributions. Setting up a few keys and testing it yourself is only an hour or two worth of work.
With GnuPG and KGPG, using keys and encryption is a viable solution if you need to tighten up security. In my career, a lot of attention has been given to security for connections and transactions over SSL, but little attention has been given to files and e-mail. With KDE, and some effort, having secure e-mail is easy to set up. One idea to start with is encrypting any e-mail you send to your manager or the owner of the company. Another idea is to set up a private folder on the network that stores only encrypted documents. Following these types of security policies makes encryption easier to implement.
Resources for this article: /article/7863.
Roy Hoobler is owner of Connect Computing, Inc. (www.connectcomputing.com). As an independent consultant with ten years of proprietary software experience, his firm now focuses on helping small businesses to use Linux, as well as implement open-source business applications.
|Making Linux and Android Get Along (It's Not as Hard as It Sounds)||May 16, 2013|
|Drupal Is a Framework: Why Everyone Needs to Understand This||May 15, 2013|
|Home, My Backup Data Center||May 13, 2013|
|Non-Linux FOSS: Seashore||May 10, 2013|
|Trying to Tame the Tablet||May 08, 2013|
|Dart: a New Web Programming Experience||May 07, 2013|
- RSS Feeds
- New Products
- Making Linux and Android Get Along (It's Not as Hard as It Sounds)
- Drupal Is a Framework: Why Everyone Needs to Understand This
- A Topic for Discussion - Open Source Feature-Richness?
- Home, My Backup Data Center
- New Products
- Validate an E-Mail Address with PHP, the Right Way
- Developer Poll
- Trying to Tame the Tablet
- not living upto the mobile revolution
12 min 9 sec ago
- Deceptive Advertising and
47 min 41 sec ago
- Let\'s declare that you have
48 min 38 sec ago
- Alterations in Contest Due
49 min 44 sec ago
- At a numbers mindset, your
50 min 55 sec ago
- Do not get Just Almost any
54 min 24 sec ago
- A fantastic rule-of-thumb to
55 min 47 sec ago
- Keren mastah..
1 hour 53 min ago
- mini tablet compare
3 hours 12 min ago
- Looking Good
6 hours 45 min ago
Free Webinar: Linux Backup and Recovery
Most companies incorporate backup procedures for critical data, which can be restored quickly if a loss occurs. However, fewer companies are prepared for catastrophic system failures, in which they lose all data, the entire operating system, applications, settings, patches and more, reducing their system(s) to “bare metal.” After all, before data can be restored to a system, there must be a system to restore it to.
In this one hour webinar, learn how to enhance your existing backup strategies for better disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible bare-metal recovery solution for UNIX and Linux systems.