Re: PGP: difference between Kleopatra and Kgpg, both from KDE
Marco Möller wrote: > So, unfortunately I am still in need to find more information about the > two different (or in the end not different?) GUI tools concerning their > PGP functionality. > Focus on kgpg for now and start with PGP and OpenGPG (gnupg) https://www.openpgp.org/ There are also many other sites that explain use of PGP. Kleopatra can be seen as KDE specific tool for managing certificates and keys (GPGsM) but in different context. My advise: Forget it for now! > Many thanks for all the other explanations which you also gave in your > answer, they have been helpful! > Marco. welcome
Re: PGP: difference between Kleopatra and Kgpg, both from KDE
On 31.05.21 22:57, deloptes wrote: apt-cache show kleopatra apt-cache show kgpg I think the above parts of the package description explains quite well the use cases. With kleopatra you manage certificates in KDE (such like SSL) With Kgpg you manage GPG keys and you can encrypt/decrypt GUI style text Well, these descriptions partly cause my question. Following the package descriptions, Kgpg appears as the GUI frontend to GnuPG and in addition having a feature to input text into a field and to encrypt it right there instead of having to receive the input from a file, while Kleopatra appears to be kind of a GUI database manager for managing PGP keys and also X.509 certificates. But installing them both and comparing there PGP related offers without understanding too much about the topic, Kleopatra seems, like Kgpg, the same being a GUI frontend to GnuPG, also including the feature for generating key pairs, and like Kgpg also having in addition a feature to input text into a field and to encrypt it right there instead of having to receive the input from a file. To this extend it could simply be, that Kleopatra includes all Kgpg functionality and then as an extra adds management of also X.509 functionality to it. But if I compare the PGP settings which are offered in the GUI for creating a PGP key, then in detail this looks different in Kgpg and Kleopatra. Kleopatra seems to offer more options and is using more technical names for them, while Kgpg seems to offer a smaller amount of options and describes them more verbosely instead of using so much technical abbreviations. As a beginner it is very difficult to foresee if they are finally the same, with Kleopatra simply enhancing the amount of offered features in comparison to smaller Kgpg, Kgpg being kind of the tool for beginners and Kleopatra being the tool for experts, or if Kgpg is actually targeting work cases by its options in its GUI which are not addressed by Kleopatra like this. It could even be that under the hood one is known to work more reliable or working closer to the openPGP standard or being more compatible to interface with other PGP tools or Apps wanting to use PGP. I am here specially watching out for the PGP functionality and not considering that Kleopatra as an extra also offers X.509 functionality. So, unfortunately I am still in need to find more information about the two different (or in the end not different?) GUI tools concerning their PGP functionality. Many thanks for all the other explanations which you also gave in your answer, they have been helpful! Marco.
Re: PGP: difference between Kleopatra and Kgpg, both from KDE
On Lu, 31 mai 21, 22:57:26, deloptes wrote: > > gnupg is the mother of all open source pgp stuff. In fact you must know that > PGP is the commercial implementation of a standard for symetric encryption > (I hope I am not wrong in my wording while citing from memory) PGP supports asymmetric encryption as well (also known as public-key cryptography), otherwise it wouldn't be very usable for e-mail ;) https://en.wikipedia.org/wiki/Public-key_cryptography > Gnupg is the opensource equivalent of PGP and it is great :) command line > utility and set of libraries that makes it possible to use encryption on > numerous of devices. The application is called gpg. > Kgpg is a front end to gnupg. Go to the home page of gpg and read, get > familiar to it. It definitely needs understanding before using. I'll have to disagree with the "great" here. In my (not so humble) opinion GnuPG's (the software) difficulty to use is one the reasons we still don't have encrypted, or at least signed email for everybody[1]. Getting public-key cryptography right is already difficult enough[2], it would be great if the tools wouldn't add another layer of difficulty on top. [1] signing all email by default could potentially make spam and phishing mostly go away [2] https://wiki.debian.org/GnuPG/AirgappedMasterKey Kind regards, Andrei -- http://wiki.debian.org/FAQsFromDebianUser signature.asc Description: PGP signature
Re: PGP: difference between Kleopatra and Kgpg, both from KDE
Marco Möller wrote: > Could someone explain for a raw beginner concerning the usage of PGP the > difference between Kleopatra and Kgpg, what the typical work case is for > the one and the other, what important feature the one and the other is > missing? > apt-cache show kleopatra Description-en: Certificate Manager and Unified Crypto GUI Kleopatra is a certificate manager and a universal crypto GUI. It supports managing X.509 and OpenPGP certificates in the GpgSM keybox and retrieving certificates from LDAP servers. Description-md5: e5d6fc989907b80b691c99f2d8834cf5 Homepage: https://www.kde.org/applications/utilities/kleopatra/ apt-cache show kgpg Description-en: graphical front end for GNU Privacy Guard Kgpg manages cryptographic keys for the GNU Privacy Guard, and can encrypt, decrypt, sign, and verify files. It features a simple editor for applying cryptography to short pieces of text, and can also quickly apply cryptography to the contents of the clipboard. . This package is part of the KDE Utilities module. Description-md5: c2c30394bb363998b52a8fcc2caeb33c Homepage: http://www.kde.org/ > > Sorry for the related but low specific questions in the following. Being > a raw beginner in the topic of PGP signing of email messages, it is > difficult to even know what exactly to ask for. My internet search > engine of choice and the KDE web sites both unfortunately did not guide > me to a nice reading about the differences of Kleopatra and Kgpg, and > adding Thunderbird to this does not make the topic easier to grasp. > Therefore please allow me to add the following complex of questions: > The background to my questions is, that I am aiming to soon use PGP > signatures when working with Thunderbird, but I would not know if > Kleopatra or if Kpgp would be better suited to support this. Besides, as > a raw beginner in the topic of PGP, I am not even sure right now if I > might find good usage of PGP for whatever else in the future (maybe > authentication for a ssh access?), and if for this I should right away > start to get comfortable with the one or the other tool, Kleopatra or > Kpgp, or if anyway both will be needed because they target different > work cases or complement each other? I think the above parts of the package description explains quite well the use cases. With kleopatra you manage certificates in KDE (such like SSL) With Kgpg you manage GPG keys and you can encrypt/decrypt GUI style text > At the moment my impression is that Thunderbird even comes with its own > PGP implementation and is not using any other PGP parts of the rest of > my Debian? Will Kleopatra or Kpgp then be of any help for me at all > right now? Don't know thunderbird or it's ability to use GPG, but it makes sense that it uses it's own implementation. The answer here is probably no. However you could use Kgpg to create and manage your keys and keyring (I would recommend it) > I find package "gnupg" (maybe for the package manager apt to work > fine?), but no package which in its package name would explicitly > contain the word openpgp. Is there a special openpgp package which I > should install in order to get well prepared for a typical PGP future? gnupg is the mother of all open source pgp stuff. In fact you must know that PGP is the commercial implementation of a standard for symetric encryption (I hope I am not wrong in my wording while citing from memory) Gnupg is the opensource equivalent of PGP and it is great :) command line utility and set of libraries that makes it possible to use encryption on numerous of devices. The application is called gpg. Kgpg is a front end to gnupg. Go to the home page of gpg and read, get familiar to it. It definitely needs understanding before using.
PGP: difference between Kleopatra and Kgpg, both from KDE
Hello, Could someone explain for a raw beginner concerning the usage of PGP the difference between Kleopatra and Kgpg, what the typical work case is for the one and the other, what important feature the one and the other is missing? Sorry for the related but low specific questions in the following. Being a raw beginner in the topic of PGP signing of email messages, it is difficult to even know what exactly to ask for. My internet search engine of choice and the KDE web sites both unfortunately did not guide me to a nice reading about the differences of Kleopatra and Kgpg, and adding Thunderbird to this does not make the topic easier to grasp. Therefore please allow me to add the following complex of questions: The background to my questions is, that I am aiming to soon use PGP signatures when working with Thunderbird, but I would not know if Kleopatra or if Kpgp would be better suited to support this. Besides, as a raw beginner in the topic of PGP, I am not even sure right now if I might find good usage of PGP for whatever else in the future (maybe authentication for a ssh access?), and if for this I should right away start to get comfortable with the one or the other tool, Kleopatra or Kpgp, or if anyway both will be needed because they target different work cases or complement each other? At the moment my impression is that Thunderbird even comes with its own PGP implementation and is not using any other PGP parts of the rest of my Debian? Will Kleopatra or Kpgp then be of any help for me at all right now? I find package "gnupg" (maybe for the package manager apt to work fine?), but no package which in its package name would explicitly contain the word openpgp. Is there a special openpgp package which I should install in order to get well prepared for a typical PGP future? Thanks a lot! Marco.