Hello there,
I'm using Ubuntu Hardy 8.04 on my desktop, and Ubuntu 9.10 on my laptop. I would like to find out what people have found to be the best frontend for using GNuPG (GNU Privacy Guard).
I have downloaded and installed:
Seahorse
Kgpg
GPA
And have used the Seahorse Evolution mail plug-in. Here are is my estimation of their shortcomings.
1) Seahorse does not have the ability to encrypt material on clipboards. Seahorse is claimed to "integrate well with Gedit" but I don't see how. Seahorse does integrate with Nautilus, but does not allow ascii output, only binary as far as I can see.
2) The Seahorse-Evolution mail plug-in does not:
a) allow one to preview the encrypted content before sending--so unless you checked everything right, you be sending cleartext! (That has happened the first time).
b) Does not allow for encryption requiring keys that have ids not matching any email addresses. Some users do not label their keys by email addresses. There is no "select key" dialogue when using keys.
3) KGPG
a) Has a text editor, but does not have a "sign and encrypt" option. You can sign and then encrypt, but not both at the same time.
b) You can't send a message to multiple users, save yourself and one recipient. Nothing happens when you select multiple users.
c) Does not implement with Nautilus. If it allows for a one-step sign/encrypt and allow for encryption to multiple users using Dolphin (which I've not tried) please let me know.
4) GPA (Gnu Privacy Assistant)
Does not allow for multiple recipients at least under Hardy. Selecting more than one key on the keyring when trying to encrypt and sign a file causes it to crash.
What I'd like is a frontend that--
Ideally allows for signing/encryption to be done from the clipboard (using a text editor say) where multiple keys can be chosen if the message was to go to multiple recipients, without having to have key IDs that match any email addresses (like Evolution does). I would also like to preview the results before sending to know that it's been done right.
Finally, I'd like one where the passphrases I typed in were not hidden--I think hiding your passphrase as you type it in is actually not a good security idea, or at least an overhyped one, because when you can see your passphrases you can and will use longer and better ones. (The counter-argument that either someone might be looking over your shoulder and memorizing what you type, or that a camera could capture the passphrase if it's not hidden, is rather silly IMHO--I mean, if an attacker had access to your computer could install a hidden camera nearby wouldn't be easier to just install a keylogger instead??)
PGP 6.5.8ckt, which I used to use back in my Windows days, did everything I wanted and more, but won't work well under Wine (I can manage older keys with it, but can't encrypt/decrypt even using Notepad as the text editor in Wine). The ideal program I want would mimic what it could do. I also know I could issue the relevant commands in the command line (which I used to do in PGP 2.6.xx) but that's a hassle and still doesn't avoid (I think) the hidden passphrase problem.
Any ideas or comments?
StewartM
Adv Reply
Originally Posted by FuturePilot
I still would prefer the passphrase not being hidden while typed, as I said, but this is much better. (Regrettably, I may have to shorten my passphrasses as I've already forgotten one for a 2.6 legacy key and am in the process of trying to recover it so I can revoke the key--and hiding the typing does not help. (That was before there were programs like Revelation to store passphrases).
Bookmarks