Help      |      Chebucto Home      |      News      |      Contact Us     

70. Pleasure of pressing button
to encrypt, decrypt email
Part Two of Two

By Andrew D. Wright

In Part One of this two part column, we showed you how to set up the free Open Source program Gnu Privacy Guard (GPG) and generate Public and Secret Keys which you use to encrypt and decrypt data.

You would use this to send confidential information to someone over an insecure connection like email in a form only the recipient can open.

GPG is a command line program. It can be used all by itself to encrypt and decrypt messages, upload and download keys and so on but for daily practical use, there is nothing like just pressing a button to encrypt or decrypt your email. Here's how to set that up using the free Open Source email program Mozilla Thunderbird and the Enigmail extension. Extensions are add-on programs that enable Thunderbird to do more things.

If you're not already using it, download, install and set up Mozilla Thunderbird. It can import your mail and settings from other email programs. You should use secure mail settings if your provider supports them.

Open your web browser and go to the Enigmail home page listed below. Follow the link to download Enigmail and save it to your hard drive, noting where you put it. Open Thunderbird and go to Tools then Extensions.

Now click the Install button in the Extensions window and select the file you just downloaded. Install it by pressing the Install button then when done close and restart Thunderbird.

Click on Enigmail on the Thunderbird menu and select Preferences. You need to put in where to find gpg.exe (by default, C:\PROGRA~1\GNU\GNUPG\GPG.EXE ) and click OK.

Go into Tools then Account Settings and select OpenPGP options. Check Enable OpenPGP support. Click OK.

Now compose a message to yourself. When done, click the OpenPGP button and click Encrypt message. You can also add a digital signature to it which would prove the message came from you. You'll need to type in your GPG Secret Key pass phrase. This pass phrase is very important and under no circumstances should you ever save this pass phrase on your computer. Send the message. You'll see your message has been replaced by a big block of random looking text. If you check your sent mail folder, the message is encrypted there also. (You can turn this off but that is a bad idea.)

When your test message arrives, you will need to press the Decrypt button and type in your Secret Key pass phrase to read it.

Anyone you want to send an encrypted message to needs to have created a Public Key for themselves as you have done. Let's say they have. Write a new message to them like you would normally. Encrypt the message and hit Send. A window will open up. Press Download Missing Keys and then OK. Enigmail will search for the email address of your recipient on the keyserver. A network of keyservers exchange Public Keys with one another. If the key is found, you can click on it and hit OK to import the new key so you can use it to encrypt the message. Select the key of your recipient and click okay to send the encrypted message. You can read your copy of the message in your sent mail with your Secret Key and the other person reads the copy you sent them with their Secret Key. Anyone else sees only rubbish.

To upload your Public Key to a keyserver, select the Enigmail menu, click on OpenPGP Key Management. Select your key then click on the Keyserver menu item and Upload Public Keys. We've set up a Public Key for for anyone wanting to try this out.

Gnu Privacy Guard download (free):

Gnu Privacy Guard manual (free):

Mozilla Thunderbird download (free):

Enigmail extension home page (free):

The Mousepad runs every two weeks. It's a service of Chebucto Community Net, a community-owned Internet provider. If you have a question about computing, email If we use your question in a column, we'll send you a free mousepad.


The Mousepad Index


Originally published 16 October 2005


Our community is online here!


A feature of the Halifax Herald