Encryption Preferences

Functionality of the Password and Encryption Keys tool can be customized. Possible options are described in this section.

Encryption Settings

  1. Click Computer+Control Center+Personal+Encryption and Keyrings.

  2. Click Encryption tab.

  3. Choose from the following options:

    Default Key:  Specifies the key you want to use to sign files. Files will be encrypted to this key if the When encrypting, always include myself as a recipient option is selected.

    When encrypting, always include myself as a recipient:  Select this option to add yourself to the recipients list for all files encrypted by Passwords and Encryption Keys. If you do not select this option, and you do not select yourself as a recipient, you cannot decrypt any files you encrypt.

  4. Click Close.

Passphrase Cache

Enabling Passwords and Encryption Keys's passphrase caching ability allows you to perform many operations that require entering your passphrase without reentering it every time seahorse-daemon takes the place of gpg-agent. Letting the cached passphrases expire is usually a good idea. This will then require reentering your passphrase, but adds security.

  1. Click Computer+Control Center+Personal+Encryption and Keyrings.

  2. Click the PGP Passphrases tab.

  3. Choose from the following options:

    Never remember passphrases.  Select this option to not remember any passphrase.

    Remember passphrases for ... minutes.  Specifies the amount of time, in minutes, for storing passphrases.

    Always remember passphrases whenever logged in.  Select this option to remember any passphrases whenever you are logged in to the session.

    Ask me before using a cached passphrase.  Select this option to ask you before a stored passphrase is used.

    Show icon in status area when passphrases are in memory.  Select this option to show a warning icon when passphrases are in memory.

  4. Click Close.

Password Keyrings

You can use password keyring preferences to create or remove keyrings, to set the default keyring for application passwords or to change unlock password of a keyring. To create a new keyring, follow these steps:

  1. Click Computer+More Applications+Utilities+Passwords and Encryption Keys.

  2. Click File+New+Password Keyring, then click the Continue.

  3. Enter new keyring's name and press Add.

  4. Set and confirm new keyring's Password and click Create.

To change unlock password of an existing keyring, click on the keyring in the Passwords tab and press Change Password. You have to provide the old password to be able to change it.

To change the default keyring for application passwords, click on the keyring in the Passwords tab and press Set as Default.

Key Servers

You can keep your keys up-to-date by syncing keys periodically with remote keyservers. Syncing will ensure that you have the latest signatures made on all of your keys, so that the web of trust will be effective.

  1. Click Computer+More Applications+Utilities+Passwords and Encryption Keys.

  2. Click Edit+Preferences, then click the Key Servers tab.

    Passwords and Encryption Keys provides support for HKP and LDAP keyservers.

    HKP Servers:  HKP keyservers are ordinary Web-based keyservers such as the popular hkp://pgp.mit.edu:11371, also accessible at http://pgp.mit.edu.

    LDAP Keyservers:  LDAP keyservers are less common, but use the standard LDAP protocol to serve keys. ldap://keyserver.pgp.com is a good LDAP server.

    You can Add or Remove keyservers to be used using the buttons on the left. To add a new keyserver, set its type, host and port, if necessary.

  3. Set whether you want to automatically publish your public keys and which keyserver to use. Set whether you want to autopmatically retrieve keys from keyservers and whether to synchronize modified keys with keyservers.

  4. Click Close.

Key Sharing

Key Sharing is provided by DNS-SD, also known as Bonjour or Rendevous. Enabling key sharing adds the local Passwords and Encryption Keys users' public key rings to the remote search dialog box. Using these local key servers is generally faster than accessing remote servers.

  1. Click Computer+More Applications+Utilities+Passwords and Encryption Keys.

  2. Click Edit+Preferences, then click the Key Sharing tab.

  3. Select Share my keys with others on my network.

  4. Click Close.