Do you have to have everyone in your key chain to be able to send encrypted messages to them? Can they open them even if they dont have a password?
Environment:
- Software name and version: (e.g. GPGMail 2.0a4 or GPG Keychain Access 1.0b3)
- OS X version: (e.g. 10.7.2)
- GPGTools Installer date:
What steps will reproduce the problem? Please be as specific as possible.
- ...
- ...
- ...
What do you expect to see? What do you see instead?
- I want to ...
- Instead ...
Provide any additional information, link a screenshot and debug output if possible.
- Screenshot: see attachment
- Debug output from /Applications/Utilities/Console.app: ...
First aid
- Have you already tried running the latest nightly of the GPGTool Installer?
Comments are currently closed for this discussion. You can start a new one.
Keyboard shortcuts
Generic
| ? | Show this help |
|---|---|
| ESC | Blurs the current field |
Comment Form
| r | Focus the comment reply box |
|---|---|
| ^ + ↩ | Submit the comment |
You can use Command ⌘ instead of Control ^ on Mac
Support Staff 1 Posted by Luke Le on 14 Aug, 2012 10:30 PM
Hi Rhonda,
yes you have to have the public key of everyone you want to send encrypted message to in your keychain.
GPGMail currently doesn't support password-only protected messages only.
Hope that helps.
2 Posted by Rhonda Drawdy on 14 Aug, 2012 10:33 PM
How do I ensure that the message I am sending is secure if they can just open it up without a password or anything? I guess what I am saying is what makes this protected on the person receiving a email from me?
3 Posted by Rhonda Drawdy on 14 Aug, 2012 10:38 PM
Do all of my recipients of my emails have to have this same program to receive my emails? If so this is almost impossible as I deal with numerous health care facilities. Please let me know.
Thank you
Support Staff 4 Posted by Luke Le on 14 Aug, 2012 10:40 PM
For that to understand you need to have some basic knowledge of gpg.
If you create a new gpg key for yourself, that key contains a public portion and a private portion.
The private portion is never to be shared.
The public key portion you give to everyone you want to communicate securely with.
The message is then encrypted with your public key and only you, who was the private key to it, can decrypt the message. No one else.
Also, you have to set a passphrase for your key.
If someone for whatever reason would get a hold of your private key, they still couldn't decrypt your messages unless they know your passphrase.
Hope that explains the whole concept a little better.
Also, here's some further reading but it's really long:
http://support.gpgtools.org/kb/how-to/introduction-to-cryptography
Support Staff 5 Posted by Luke Le on 14 Aug, 2012 10:42 PM
Yes, they need some sort of GPG tool, but no, they don't need exactly GPGTools which is for OS X only.
There are various programs for Windows and Linux.
And also various plugins for known mail clients like Microsoft Outlook, Thunderbird and others.
6 Posted by Rhonda Drawdy on 14 Aug, 2012 10:49 PM
Yes this explains it a little better but I guess one more question and I should be good. I understand the passphrase and I have that set up. So when I send a message to someone they can't open the email unless I tell them my public portion and they type this into a box that pops up on their end when they receive a email from me?
I said last question but I guess that poses a new question since I have a MAC and most of my employees have PC's will this work back and forth and be compatible?
And lastly where is the private and public key located in the key chain? Thanks for all your help
Support Staff 7 Posted by Luke Le on 14 Aug, 2012 10:55 PM
Uh, I think I didn't completely explain this right.
Your colleagues all create their own key.
After that they send the public portion of their key to each other.
In order to send an encrypted email in the first place, they'll have to have your public key portion already.
That insures that the whole system is secure.
Once they get an encrypted message, a window will popup asking them for the passphrase set for their key.
Once entered, the message will be displayed decrypted.
This absolutely works under Windows as well. gpg4win.org should have all the information you need for Windows.
Always glad to help :)
8 Posted by Rhonda Drawdy on 14 Aug, 2012 10:56 PM
I said last question but I guess that poses a new question since I have a MAC and most of my employees have PC's will this work back and forth and be compatible?
Support Staff 9 Posted by Luke Le on 14 Aug, 2012 10:58 PM
Yes, this will absolutely work on PC's as well.
If they have Windows, please consult gpg4win.org.
10 Posted by Rhonda Drawdy on 14 Aug, 2012 11:01 PM
Yes this explains it a little better but I guess one more question and I should be good. I understand the passphrase and I have that set up. So when I send a message to someone they can't open the email unless I tell them my public portion and they type this into a box that pops up on their end when they receive a email from me?
11 Posted by Bill on 15 Aug, 2012 02:43 AM
Rhonda,
First off, you and all of your colleagues each create a Key Pair. A Key Pair consists of a Public Key and a Secret Key. You each then exchange all of your Public Keys, usually facilitated by a Key Server, or exchanged manually.
Now you want to write an encrypted email to Sally, so you write your email and encrypt it using her public key that she gave you. The only person on this earth who can decrypt the email is Sally using her Secret Key.
When you receive an email encrypted with your Public Key, you will enter your Secret Key's password to allow it to decrypt the message that was encrypted with your Public Key.
Hope that helps
Support Staff 12 Posted by Steve on 15 Aug, 2012 08:33 AM
Rhonda, Bill's is a very good explanation of how things work. Do you need further assistance?
Support Staff 13 Posted by Steve on 24 Aug, 2012 04:59 PM
No further user feedback. Closing.
@Rhonda: Should your problem persist, feel free to re-open this discussion any time.
All the best,
steve
Please consider a donation. We do all this in our spare time.
Steve closed this discussion on 24 Aug, 2012 04:59 PM.