TLDR Notes on how-to get Thunderbird to recognize a Yubikey GPG key on Guix
A quick note in case anybody else runs into this:
- Enable external GPG support
- Add your GPG key ID
- Import your public key
- Make sure Thunderbird can access the key
Enable external GPG support
First of all, open the config editor and make sure these are true:
mail.openpgp.allow_external_gnupg
mail.openpgp.fetch_pubkeys_from_gnupg
Add your GPG key ID
Then find your GPG key ID with gpg --list-keys, and add it to Thunderbird:
- Account: End-To-End Encryption: Add Key
- Use your external key trough GnuPG
- Enter the 16-character key ID (ex
C070BF1246CBFB41)
Import your public key
Next, export your public key from GPG and import it:
gpg --armor --export C070BF1246CBFB41 > pubkey.asc
I couldn’t get Thunderbird to import the file, so here’s what I did:
cat pubkey.ascand copy to clipboard- Open OpenPGP Key Manager in Thunderbird
- Edit: Import keys from clipboard
Make sure Thunderbird can access the key
Finally, make sure Thunderbird can actually access the key; For this we need to add gpgme to the environment. I created a new desktop entry, to handle this step automatically:
[Desktop Entry]
Name=Icedove GPG
Exec=LD_LIBRARY_PATH="$(guix build gpgme)/lib" icedove %u
Icon=icedove
GenericName=Mail/News Client
Categories=Network;Email;
Terminal=false
StartupNotify=true
MimeType=x-scheme-handler/mailto;
Type=Application
Actions=ComposeMessage;
[Desktop Action ComposeMessage]
Name=Write new message
Exec=LD_LIBRARY_PATH="$(guix build gpgme)/lib" icedove -compose
Source: Kind soul on Guix mailing list