Message: previous - next
Month: November 2011

Kmail + GPG

From: Kristopher John Gamrat <chaotickjg@...>
Date: Wed, 16 Nov 2011 12:09:52 -0500
Kmail is giving me issues with setting up a GPG for signing. I'm hoping 
someone can help. I've never used a signing key for my email, but one of my 
friend's email keeps getting hacked, and I've been hacked a couple times, so 
it would help if he and I both could have a signing key.

I tried generating a gpg key using both the "gpg --gen-key" command and using 
KGPG. KGPG recognizes both the key I used it to generate, and the key I 
generated with the gpg key (as in, both keys show up). KGPG shows both keys 
as being trusted ultimately.

Kmail recognizes both keys, but the OK button is greyed out, and question 
marks are next to both keys.

To add the keys, I went to the Kmail settings -> Identities -> Default 
identity -> Modify -> Cryptography -> OpenPGP Signing Key -> Change. Both 
keys are here but unselectable as described above.

In Kmail settings -> Security -> Crypto Backends, both "OpenPGP (gpg)" 
and "S/MIME (gpgsm)" are selectable (not grayed out) and check marked.

In ~/.gnugp/gpg.conf, I have the 'use-agent' option on it's own line (without 
quotes, of course).

In ~/.gnugp/gpg-agent.conf, I put the following as suggested in my Google 

pinentry-program /usr/bin/pinentry-x11
default-cache-ttl 1800

I have tried with gpg-agent running in daemon mode, and without it running at 

I have KGPG running in my system tray. When gpg-agent is running, I have KGPG 
set to use it, and I unset it when gpg-agent isn't  running.

For those who need a visual of my Kmail not accepting my GPG keys, I uploaded 
a screenshot to . 
Both keys there are mine, generated on my machine under the user that I am 
logged in as. Since both are Ultimately Trusted, they should be accepted.

Reread Keys in the Kmail dialog doesn't help, nor does right clicking the keys 
and selecting Recheck.

The certificate manager button, and the Search For External Certificates 
button, both open Kleopatra. I don't want to use a certificate, I want to use 
one of the GPG keys that it's listing.

Any suggestions much appreciated.

Kristopher Gamrat
Ark Linux webmaster