Qubes/Thunderbird 78: Difference between revisions
From Legoktm
(wip) |
(finish) |
||
| Line 1: | Line 1: | ||
Guide on how to configure Qubes's split GPG to work in Thunderbird 78 as a "smartcard". This is based on a post in r/Qubes, but the OP deleted it. Also see the [https://wiki.mozilla.org/Thunderbird:OpenPGP:Smartcards#Qubes_split_GPG_configuration Thunderbird split GPG documentation] and [https://wiki.mozilla.org/Thunderbird:OpenPGP:Migration-From-Enigmail migration notes]. |
|||
This is based on a post in r/Qubes, but the OP deleted it. |
|||
# Upgrade your TemplateVM so it installs Thunderbird 78 |
# Upgrade your TemplateVM so it installs Thunderbird 78 |
||
| Line 5: | Line 5: | ||
# Set <code>mail.openpgp.allow_external_gnupg</code> to <code>true</code> and <code>mail.openpgp.alternative_gpg_path</code> to <code>/usr/bin/qubes-gpg-client-wrapper</code>. |
# Set <code>mail.openpgp.allow_external_gnupg</code> to <code>true</code> and <code>mail.openpgp.alternative_gpg_path</code> to <code>/usr/bin/qubes-gpg-client-wrapper</code>. |
||
# Restart Thunderbird |
# Restart Thunderbird |
||
# Go to Account settings -> End-To-End encryption. You'll see something like "Thunderbird doesn't have an OpenPGP key for <address>" |
|||
# Click "Add key", select "Use your external key through GnuPG (e.g. from a smartcard)" and then "Continue" |
|||
# Enter the full key ID of the associated GPG key. You can run <code>gpg --list-secret-keys</code> in your split GPG vm to get the full key ID. |
|||
# Click "Save Key ID" and then you should be set. |
|||
Supposedly there's a way to get Enigmail to import your previous GPG keyring into Thunderbird, but I didn't figure that part out. |
|||
Latest revision as of 17:19, 8 October 2020
Guide on how to configure Qubes's split GPG to work in Thunderbird 78 as a "smartcard". This is based on a post in r/Qubes, but the OP deleted it. Also see the Thunderbird split GPG documentation and migration notes.
- Upgrade your TemplateVM so it installs Thunderbird 78
- Open Thunderbird, go to Preferences, scroll all the way down and click on "Config Editor". Accept the warning.
- Set
mail.openpgp.allow_external_gnupgtotrueandmail.openpgp.alternative_gpg_pathto/usr/bin/qubes-gpg-client-wrapper. - Restart Thunderbird
- Go to Account settings -> End-To-End encryption. You'll see something like "Thunderbird doesn't have an OpenPGP key for <address>"
- Click "Add key", select "Use your external key through GnuPG (e.g. from a smartcard)" and then "Continue"
- Enter the full key ID of the associated GPG key. You can run
gpg --list-secret-keysin your split GPG vm to get the full key ID. - Click "Save Key ID" and then you should be set.
Supposedly there's a way to get Enigmail to import your previous GPG keyring into Thunderbird, but I didn't figure that part out.
