
User Guide

PGP Encryption


Building with PGP support

Profanity uses the GPGME library to support PGP encryption. You will need the libgpgme-dev package or its equivalent installed. If the package is installed, PGP support will be included automatically. To force the build to fail if support cannot be included, configure with the following:

./configure --enable-pgp

Assigning a key to your account

To allow contacts to send you PGP encrypted messages, you must have a PGP key assigned to your account. To list all available keys on your system, use the command:

/pgp keys

Set the account pgpkeyid property with the /account command.

/account set alice@ejabberd.local pgpkeyid B4510EE476F2AA6F

Assigning keys to contacts

To be able to send PGP encrypted messages to contacts, you must associate a public key with them. The specification states that contacts should sign their presence with their key. If your contacts do this, you need to do nothing else.

If your contacts do not sign their presence, you will need to manually assign a public key using the /pgp setkey command.

/pgp setkey bob@ejabberd.local C4C71F21D0F2EC3D

To view a list of all currently known public keys, whether received through signed presence or set manually:

/pgp contacts
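
A 16-character key ID is only the tail of the key's fingerprint, so before assigning a key manually with /pgp setkey it is worth checking the full fingerprint against one the contact confirmed out of band. The script below is an added example, not part of Profanity: the function names and the sample listing are constructed for illustration, and it reads the output of `gpg --list-keys --with-colons` on stdin.

```shell
#!/bin/sh
# Added example: reads a `gpg --with-colons` public key listing on stdin.
# Real keyring: gpg --list-keys --with-colons | check_key KEYID "FINGERPRINT"

# Constructed sample listing (not real keys). The long key ID is the one used
# on this page; the fingerprint prefix and the subkey are made up.
SAMPLE='pub:f:4096:1:C4C71F21D0F2EC3D:1420070400:::-:::scESC:
fpr:::::::::0123456789ABCDEF01234567C4C71F21D0F2EC3D:
uid:f::::1420070400::::Bob <bob@ejabberd.local>:
sub:f:4096:1:1111222233334444:1420070400::::::e:
fpr:::::::::AAAAAAAAAAAAAAAAAAAAAAAA1111222233334444:'

# Print the primary-key fingerprint of every key whose long key ID is $1.
# Field 5 of a "pub" record is the key ID; field 10 of "fpr" the fingerprint.
primary_fpr() {
    awk -F: -v id="$1" '
        $1 == "pub" { want = (toupper($5) == toupper(id)); primary = 1; next }
        $1 == "sub" { primary = 0; next }
        $1 == "fpr" && want && primary { print toupper($10); primary = 0 }
    '
}

# Succeed only if exactly one key has long ID $1 and its fingerprint equals
# $2, the fingerprint the contact confirmed out of band (spaces ignored).
check_key() {
    expected=$(printf '%s' "$2" | tr -d ' ' | tr 'a-f' 'A-F')
    primary_fpr "$1" | awk -v expected="$expected" '
        { n++; ok = ($0 "" == expected "") }
        END { exit !(n == 1 && ok) }
    '
}

if printf '%s\n' "$SAMPLE" | check_key C4C71F21D0F2EC3D \
    "0123 4567 89AB CDEF 0123 4567 C4C7 1F21 D0F2 EC3D"; then
    echo "fingerprint matches: key can be assigned with /pgp setkey"
else
    echo "mismatch or ambiguous key ID: do not assign this key" >&2
fi
```

The check also fails when two keys in the keyring share the same long key ID, since the ID alone no longer identifies which key would be used.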

Sending PGP encrypted messages

To start a new conversation sending PGP encrypted messages to a contact:

/pgp start bob@ejabberd.local

If you are already in a conversation window without PGP, you can start sending encrypted messages with the same command omitting the contact:

/pgp start

Receiving PGP encrypted messages

Assuming a public key is associated with the contact, they must also have enabled PGP encryption at their end.

Ending PGP encryption

To stop sending PGP encrypted messages to a contact:

/pgp end

The contact may also end PGP encryption at their end at any time.

User Interface options

By default, an indicator is displayed in the titlebar when no encryption is being used (including OTR and OMEMO).

This indicator can be removed using the /encwarn command.

/encwarn off

Both incoming and outgoing plaintext messages are always preceded by the '-' character.

By default PGP encrypted messages are preceded by the '~' character.

This character can be changed using the /pgp char command.

/pgp char P

PGP message logging

The /pgp log command may be used with the following options to control if and how PGP messages are recorded in chat logs.

on: PGP messages will be logged in plaintext.
redact: PGP messages will be logged, but the message will be replaced with the text '[redacted]'.
off: PGP messages will not be logged.

For the on and redact settings, chat logging must also be enabled with the /chlog command.