Re: [Evolution] Encrypting with GnuPG: `no imported public key` if key is not valid (not ultimate trusted)



On 2017-11-04 at 13:06 +0100, Tim Rausch via evolution-list wrote:
Hello,

I'm running Evolution 3.26.1-1 on Debian stretch (amd64) and would like
to use GnuPG to secure my mails. My GPG private key is stored on a
YubiKey (but that shouldn't matter).

I imported my own key and the public keys of the people I want to write
to GPG and selected my key in the preferences of Evolution. Now,
decrypting mails sent to me works as well as sending signed (not
encrypted messages). Sending encrypted messages to myself also works as
the ownertrust of my own key is set to "ultimate".

The issues now is that I can not send mails to people whos keys are not
valid, that means they don't have ultimate ownertrust and are not
signed by me.

Edit → Preferences → Choose the account → Edit → Security → Check
"Always trust keys in my keyring when encrypting"


Alternatively, you could have used "trust-model always" in
your .gnupg/gpg.conf, but that would affect gpg usage everywhere, so
it's better to do the above.

Obviously, you must be aware that this will mean you may send an
encrypted email with an untrusted key (ie. the key may belong to anyone
else).
However, as the alternative to sending encrypted with a key which might
belong to an imposter is usually to send the message with no encryption
at all, it's generally a useful setting.


I would have expected you to get that verbose message in the yellow
error box, instead of needing to use strace in order to find it, though.

Best regards



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]