r00tusr Posted June 18, 2013 (edited)

Hello Everyone. I am not sure if this is the appropriate forum to post a howto in, so if it isn't please let me know, and I will re-post.

After mailvelope turned out to be pretty buggy, and watching mubix display stored private keys, I decided I wanted to go a different route to send encrypted email. I have an ubuntu vps I use frequently, and wanted to find a command line mail client that would allow me to send encrypted mail via pgp. After some web searches I found a few howto's setting up gmail, mutt and pgp. The howto's are fairly old, but I did a hak5 forum search for pgp, and didn't see any other howto's. The two that were most helpful are http://jrom.net/gmail-in-mutt and http://lifehacker.com/5574557/how-to-use-the-fast-and-powerful-mutt-email-client-with-gmail .

I thought I would take a stab at writing my own howto for anyone else interested in this setup. Feel free to ask questions. I ended up performing this setup twice. Once on my ubuntu vps server, and another time on my xubuntu laptop.

1. To start off we will want to grab the mutt package

    r00tusr@cloudbox# sudo apt-get install mutt

(If you are setting up postfix for the first time, you will be prompted for what type of mail configuration you want, choose: local only)

2. Now create the directories that will be used by the mutt client (used for storing headers, bodies, and certs)

    r00tusr@cloudbox# mkdir -p ~/.mutt/cache/headers
    r00tusr@cloudbox# mkdir ~/.mutt/cache/bodies
    r00tusr@cloudbox# touch ~/.mutt/certificates

3. Then we set up the main configuration file to be used with mutt. (The lifehacker link has links to sample config files. It also explains that uk users need some different configuration file settings. When I looked at the differences, two of the variables use Google Mail, instead of GMail). We also need to change the permissions of the config to 700 because the file stores sensitive account information. If you do not specify passwords in this file, it will still work, but you will be prompted each time you make a connection to the server.

    r00tusr@cloudbox# touch ~/.muttrc
    r00tusr@cloudbox# chmod 700 ~/.muttrc
    r00tusr@cloudbox# vi ~/.muttrc

(Copy and edit the config below, and save it to your ~/.muttrc file)

    # Config created with examples from:
    # http://lifehacker.com/5574557/how-to-use-the-fast-and-powerful-mutt-email-client-with-gmail
    # http://jrom.net/gmail-in-mutt

    # Your Gmail account details
    set imap_user = "EMAILADDRESS@gmail.com"
    set imap_pass = "PASSWORD"
    set smtp_url = "smtp://EMAILADDRESS@smtp.gmail.com:587/"
    set smtp_pass = "PASSWORD"
    set from = "EMAILADDRESS@gmail.com"
    set realname = "Name"

    # Setup your favorite editor to write email bodies
    set editor = "nano"

    # Basic config, you can leave this as is
    # IMAP server; the "+" and "=" mailbox names below are relative to this folder
    set folder = "imaps://imap.gmail.com:993"
    set spoolfile = "+INBOX"
    set imap_check_subscribed
    set hostname = gmail.com
    set mail_check = 120
    set timeout = 300
    set imap_keepalive = 300
    set postponed = "+[GMail]/Drafts"
    set record = "+[GMail]/Sent Mail"
    set header_cache=~/.mutt/cache/headers
    set message_cachedir=~/.mutt/cache/bodies
    set certificate_file=~/.mutt/certificates
    set move = no
    set include
    set sort = 'threads'
    set sort_aux = 'reverse-last-date-received'
    set auto_tag = yes
    ignore "Authentication-Results:"
    ignore "DomainKey-Signature:"
    ignore "DKIM-Signature:"
    hdr_order Date From To Cc
    alternative_order text/plain text/html *
    auto_view text/html
    bind editor <Tab> complete-query
    bind editor ^T complete
    bind editor <space> noop

    # Gmail-style keyboard shortcuts
    macro index,pager y "<enter-command>unset trash\n <delete-message>" "Gmail archive message"
    macro index,pager gi "<change-folder>=INBOX<enter>" "Go to inbox"
    macro index,pager ga "<change-folder>=[Gmail]/All Mail<enter>" "Go to all mail"
    macro index,pager gs "<change-folder>=[Gmail]/Starred<enter>" "Go to starred messages"
    macro index,pager gd "<change-folder>=[Gmail]/Drafts<enter>" "Go to drafts"

    # Setup mail client to use PGP
    source ~/.mutt/gpg.rc

4. Now we need to create the gpg.rc file that is referenced in the last line of the config file above. This file is what allows mutt to integrate with pgp. We will copy the example file that comes with the mutt package, and make no changes.

    r00tusr@cloudbox# cp /usr/share/doc/mutt/examples/gpg.rc ~/.mutt/gpg.rc

5. Now we will generate our pgp keys. First our private key. (You can use the defaults or read up more on the options. Be sure to choose a strong password)

    r00tusr@cloudbox# gpg --gen-key

Then our public key. (You can upload this key to one of the key servers or place it on an external facing link for people to access. It will be saved in the .gnupg directory as pubkey.txt)

    r00tusr@cloudbox# gpg --armor --output pubkey.txt --export 'r00tusr'

6. Now that we have successfully configured mutt, we can add our email recipient's public key into our key ring so mutt can see it. Copy your email recipient's public key and save it as a text file. I used r00tusr.txt as an example. Import the key file you created with the following command

    r00tusr@cloudbox# gpg --no-verbose --import r00tusr.txt

7. Let's launch mutt and send our first encrypted email. Launch the mutt email client

    r00tusr@cloudbox# mutt

To send a message type the letter m
enter an email: recipients_email@server.com
enter a subject: Test encrypted email
enter an email body: Encrypted email message!! (This is actually using nano as an editor so use ctrl+x and save the file to exit)

Next to encrypt the message type the letter p
You will be asked to: PGP (e)ncrypt, (s)ign, sign (a)s, (b)oth, or (c)lear?
Type the letter e to encrypt (You will be prompted to choose a public key in the ring, choose the email public key you imported above)

Next type the letter y to send the message

This should successfully send an encrypted email message. When you read an encrypted message you will be asked for the pass phrase you created with your private key in step 5.

Cheers! :D

Edited June 18, 2013 by r00tusr
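Step 3 of the how-to above keeps the Gmail password in ~/.muttrc and relies on file permissions to protect it. As an added example (not part of the original post), this script checks a muttrc for both conditions; the function names are this example's own, and it assumes GNU `stat` as shipped on Ubuntu.

```shell
#!/bin/sh
# Added example (not from the thread): audit a muttrc for the two risks in
# step 3. Function names are this example's own; assumes GNU stat (Ubuntu).

# An uncommented "set imap_pass/smtp_pass = <non-empty value>" line.
SECRET_RE="^[[:space:]]*set[[:space:]]+(imap|smtp)_pass[[:space:]]*=[[:space:]]*[\"']?[^\"'[:space:]]"

# Print the name of every password variable stored in plaintext in file $1.
plaintext_secrets() {
    grep -E "$SECRET_RE" "$1" |
        sed -E 's/^[[:space:]]*set[[:space:]]+([a-z_]+).*/\1/'
}

# Exit 0 when group or other hold any permission bit on file $1.
too_permissive() {
    mode=$(stat -c '%a' "$1") || return 2
    [ $(( 0$mode & 077 )) -ne 0 ]
}

# Print one finding per line; return 1 if anything was found, 0 if clean.
audit_muttrc() {
    rc=$1
    found=0
    if too_permissive "$rc"; then
        echo "MODE: $rc has mode $mode; remove group/other access"
        found=1
    fi
    for var in $(plaintext_secrets "$rc"); do
        echo "SECRET: $var is stored in plaintext in $rc"
        found=1
    done
    return $found
}

# Constructed sample: placeholder values in the how-to's layout, mode 644.
demo=$(mktemp)
cat > "$demo" <<'EOF'
set imap_user = "EMAILADDRESS@gmail.com"
set imap_pass = "PASSWORD"
# set smtp_pass = "commented out, so ignored"
set smtp_pass = ""
EOF
chmod 644 "$demo"
audit_muttrc "$demo" || echo "=> fix the findings above"
rm -f "$demo"
```

mutt's `source` command also accepts a command ending in `|`, so the two password lines can be moved into a GPG-encrypted file and read with `source "gpg -dq ~/.mutt/pass.gpg |"` (the file name here is hypothetical).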
Sitwon Posted June 18, 2013

Haha, I just went through all this about 3 months ago.

Check out: https://github.com/Sitwon/dot-files/blob/master/muttrc
and: https://github.com/Sitwon/dot-files/blob/master/mailcap

Basically the improvements over what you already have are:

1) Comment out "set record=..." or you end up with double-copies of all your sent mail.

2) Bind group-reply so you can reply-all when necessary:

    bind index,pager A group-reply

3) Sign everything by default:

    set crypt_autosign=yes
    set crypt_replysignencrypted=yes

4) Set up a ~/.mailcap file for viewing HTML and images. Pandoc is a cool utility that can convert HTML to Markdown (or vice versa, among dozens of other potential conversions). When viewing HTML in the pager it will use pandoc by default, or you can hit 'v' to view attachments, select the HTML message part, and hit 'm' to force it to open in the browser. For images, just selecting them and hitting enter will open them in an image viewer (I use 'feh').
r00tusr (Author) Posted June 18, 2013

That's great! Thanks for the additional options!