poezio/doc/en/plugins/gpg.txt
Florent Le Coz 5fee56440c Add a simple_notify plugin
And also fix some issues, like the split of the exec_command arguments.
And the doc for the plugin, too.
2012-01-10 16:30:59 +01:00

101 lines
3.4 KiB
Text
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

GPG
===
This plugin implements the
link:http://xmpp.org/extensions/xep-0027.html[XEP-0027] “Current Jabber OpenPGP
Usage”.
This is a plugin used to encrypt one-to-one conversation using the PGP
encryption method. You can use it if you want really good privacy. Without this
encryption, your messages are encrypted *at least* from your client (poezio) to
your server. The message is decrypted by your server and you cannot control the
encryption method of your messages from your server to your contacts server
(unless you are your own servers administrator), nor from your contacts
server to your contacts client.
This plugin does end-to-end encryption. This means that *only* your contact can
decrypt your messages, and it is fully encrypted during *all* its travel
through the internet.
Note that if you are having an encrypted conversation with a contact, you can
*not* send XHTML-IM messages to him. They will be remove and be replaced by
plain text messages.
Installation and configuration
------------------------------
You should autoload this plugin, as it will send your signed presence directly
on login, making it easier for your contacts clients to know that you are
supporting GPG encryption. To do that, use the _plugins_autoload_ configuration
option.
You need to create a plugin configuration file. Create a file named _gpg.cfg_
into your plugins configuration directory (_~/.config/poezio/plugins_ by
default), and fill it like this:
[source,conf]
---------------------------------------------------------------------
[gpg]
keyid = 091F9C78
passphrase = your OPTIONAL passphrase
[keys]
example@jabber.org = E3CFCDE2
juliet@xmpp.org = EF27ABCD
---------------------------------------------------------------------
The *Poezio* section is about your key. You need to specify the keyid, for the
key you want to use. You can as well provide a passphrase. If you dont, you
should use a gpg agent or something like that that will ask your passphrase
whenever you need it.
The *keys* section contains your contacts id keys. For each contact you want
to have encrypted conversations with, add her/his JID associated with the keyid
of his/her key.
And thats it, now you need to talk directly to the *full* jid of your
contacts. Poezio doesnt let you encrypt messages whom recipients is a bare
JID.
Additionnal information on GnuPG
--------------------------------
Create a key
~~~~~~~~~~~~
To create a personal key, use
==================
gpg --gen-key
==================
and fill the instructions
Keyid
~~~~~
The keyid (required in the gpg.cfg configuration file) is a 8 character-long
key. You can get the ones you created or imported by using the command
=======================
gpg --list-keys
=======================
You will get something like
---------------------------------------------------------------------
pub 4096R/01234567 2011-11-11
uid Your Name Here (comment) <email@example.org>
sub 4096R/AAFFBBCC 2011-11-11
pub 2048R/12345678 2011-11-12 [expire: 2011-11-22]
uid A contacts name (comment) <fake@fake.fr>
sub 2048R/FFBBAACC 2011-11-12 [expire: 2011-11-22]
---------------------------------------------------------------------
In this example, the keyids are *01234567* and *12345678*.
Share your key
~~~~~~~~~~~~~~
Use
===========================
gpg --send-keys --keyserver pgp.mit.edu <keyid>
===========================
to upload you public key on a public server.