Kleopatra for Linux installation and operation guide

Aug 17, 2024

Polski: Poradnik instalacji i obsługi programu Kleopatra na Linux

Kleopatra is a PGP tool for managing encryption keys. This guide describes how to create a public PGP key in Kleopatra on Tails and other Linux distributions.

Kleopatra on Tails #

The Kleopatra tool is installed by default on Tails since version 5.0, and no manual installation of the GPG program on that system is required.

Search for Kleopatra in the Applications menu and click to run.
To preserve access to the generated and imported keys between sessions, set up an encrypted persistent volume. Select Applications→Tails→Persistent Storage, click Contrinue, enter a strong random password twice in both Passphrase and Confirm fields, and confirm the volume creation by clicking Create Persistent Storage. Select GnuPG in the list of persistent volume features and finish setup.

Installing Kleopatra with APT (Debian, Ubuntu & Kali Linux) #

To install Kleopatra on Linux, open a terminal and run the following command:
sudo apt update && sudo apt upgrade -y && sudo apt install kleopatra scdaemon -y
After the installation is complete, launch the Kleopatra application using the shortcut in the application menu or by typing kleopatra in the terminal.

Installation 1

On the first launch, you need to check if scdaemon is installed and configured:
sudo gpgconf –check-options scdaemon
Then click Rerun Tests, and then Continue.

Installation 2

If scdaemon is not installed, enter the following command in the terminal:
sudo apt install scdaemon -y

Installation 3

Generating keys in Kleopatra #

Open the Kleopatra application and click the New Key Pair button.

Key Generation 1

Enter your nickname. It is recommended to set a passphrase. Click Advanced Settings.

Key Generation 2

Select your preferred key algorithm and size RSA, 4096 bits, check the Authentication option, and click OK.
Set a passphrase for the key, which will be used to protect it, and then click OK.

Key Generation 3

Key Generation 4

Backing up the private key in Kleopatra #

Go to the key management screen, select your private key, and click Export Secret keys….

Backup 1

Select the location where you want to save the key, and click Save.

Backup 2

Ensure the key is saved in a secure location.

Backup 3

It is also recommended to create a backup of the public key.

Backup 4

A backup copy of the private key should be encrypted with VeraCrypt or TrueCrypt and placed on external media for protection against data loss.

Importing public keys in Kleopatra #

Open the email or other communication containing the public key.

Key Import 1

Copy the public key to the clipboard.
Open the Kleopatra application and select the Notepad option. Paste the public key and click Import Notepad.

Key Import 2

You will then need to certify the new certificate. You will likely be prompted for a passphrase.

Key Import 3

Your new PGP key has been imported.

Key Import 4

Encrypting messages in Kleopatra #

Open the Kleopatra application and click Notepad.

Encryption 1

Paste the content of the message you want to encrypt into the text field.

Encryption 2

Select the recipient’s public key from the list of available keys.

Encryption 3

Click Encrypt Notepad.
After encrypting the message, copy the resulting text to the clipboard.
You can now share the encrypted text in another app, such as via an instant messenger, or save it to a file.

Encryption 4

We do not need to import the public key again when encrypting the next messages. The key will be saved in the program files.

Decrypting messages in Kleopatra #

Open the encrypted message in any text editor.
Copy the encrypted text to the clipboard, then open the Kleopatra application.
Click Notepad and paste the encrypted text.

Decryption 1

Click Decrypt / Verify Notepad. If prompted for a passphrase, enter the passphrase for your private key.

Decryption 2

Signing messages in Kleopatra #

Open the Kleopatra application and click Notepad.
Paste the content of the message you want to sign into the text field.

Signing 1

Select your private key.

Signing 2

Then click Sign Notepad. Copy the signed text to the clipboard.

Signing 3

You can now share the signed text in another app, such as via an instant messenger, or save it to a file.

Signing 4

Avoid signing messages that seem universal. For example, a signed “I agree” or “It’s me” message can be saved and used to impersonate you in another conversation. Signed messages should be complete sentences describing the purpose and circumstances of the signature.

Verifying messages in Kleopatra #

Open the signed message and copy its content to the clipboard.
Open the Kleopatra application, click Notepad and paste the signed text into the text field.

Verification 1

Click Decrypt / Verify Notepad. Kleopatra will display the verification result, informing you whether the signature is valid.

Verification 2

We do not need to import the public key again when verifying subsequent signatures of the same author. The key will be saved in the program files.

Tags: