Encrypting/Decrypting with Gnome..

The Ubuntu Feisty release comes with version 2.18 of Gnome installed as standard. Most of you probably haven’t even noticed the difference between this version & the versions installed with Dapper or Edgy (I didn’t). Most of the changes for this release have been more to do with stability or general improvements under the hood, rather than big changes to the user interface.

One of the new things that you might find useful though, is the official support for Seahorse.

“Seahorse is a GNOME application for managing encryption keys.”

Seahorse isn’t installed on Ubuntu by default..yet, but only takes a couple of seconds to install.

Open up a terminal & enter..

sudo apt-get install seahorse

..don’t forget to enter y when asked for confirmation.

Next you need to add the Seahorse daemon (or Agent as they call it) to Gnomes start up manager. Check out the picture below to see what you need to enter..

Seahorse Startup

You might want to either restart your computer at this point, or log out of Gnome & then back in to make sure the daemon’s loaded on boot.

You can start up the main program by clicking on Gnomes Applications menu, clicking on Accessories & choosing Passwords & Encryption Keys. This seems a very long name for the menu, but I’m sure that will get changed when it gets included on Ubuntu installs. Until then you can always change it yourself if you really can’t live with it.

Main Screen

The first thing that you’ll need to do with Seahorse is to make a new key for yourself, so click on the button labelled New. If the First time options dialogue doesn’t appear for some reason, you can select Create New Key from the Key drop down menu.

Creating a key

Click on the type of key that you want to make & it will open up the options screen..

New PGP Key

All the options are pretty self explanatory, so just fill them in as you see fit (look closer at the image if you need a clue) & click the Create button to continue.

A box will pop up asking for a password. This password is the one that a user will need to enter to encrypt or decrypt a file, so make sure that it’s one you can remember. This next part is where I ran into a little trouble..

I left it creating the key for over two minutes but it never completed like it should have done, so I hit the cancel button & started to make a new key. I was half way through making the new key & the other key appeared within the key list as it should have done before. I’ve created another key since then though & it worked fine.

This seems to be a bug within the program & could explain why the Ubuntu developers haven’t installed this as standard as of yet. Hopefully this problem will be sorted out soon (I’ll check & make sure that a bug’s been filed).

Once a key’s been fully created you can right click it in the key list & fine tune it’s preferences, including adding photographs & avatars of yourself..

Key Prefs

That’s all there is to making a basic key. Now you need to make keys for anyone else that you will be sending files to. Each of these keys can have a unique password, but make sure the people you are sending the files to have the correct password for decrypting the files.

Once you have your keys set up, you can start to encrypt & decrypt files..


Find the file that you want to encrypt (either within the Nautilus file manager, or on your desktop) & right click on it. You should have an option called Encrypt… at the bottom of the menu that appears. Click the option & the following screen should pop up..


Choose which of your keys you want to use for the encryption by making sure it’s ticked on the list & choose which of your accounts it’s being sent from by changing the Sign message as.. option..

EXAMPLE: My friends name is David Turner & I’m Trip Monkey. If I tick to encrypt the file for sending to David Turner & I sign the message as Trip Monkey, It uses my password to encrypt the file & David Turners password for decrypting it.

If I (Trip Monkey) wanted to decrypt the file again for some reason, I would have to enter David Turners password. It won’t decrypt with my password, even though it already used my password to encrypt it.

When you have the desired send & recipient accounts checked, press the OK button to start the encryption process. All you need to do now is enter the password for your key & it will encrypt the file.


Decrypting is just as easy..

Right click the file & choose Open with “Decrypt File” from the top of the right click menu. Enter your password & it should decrypt the file without any more user intervention.

If some one else has sent you the file, then make sure that they either let you know the right password for decrypting, or send them your key by right clicking your key within Seahorses main window & selecting Export Public Key... Send it to any of your friends that are using compatible forms of encryption software.

Keys can also be uploaded to public key servers on-line (read Seahorses help file for more info on this). If you do this, people will only have to search for your name on the server & download your key to their encryption software. You will then be able to open any of the files that they send you without hassles.


As I said earlier, there are currently some bugs with the program..

Sometimes it has trouble when creating new keys (already been mentioned).

The programs Pop up dialogues show up on the bottom right of the screen, instead of from Gnomes notification area.

I get an error when trying to upload the keys to the on-line servers.

I visited the web site for one of the servers at http://keyserver.pgp.com, exported my key files from within Seahorse (you have to do these one at a time) & uploaded them using the sites uploader. The site sent me verification emails for both keys, which opened up a web page (after I agreed) with this message..

Verification Key

I downloaded the sites key to my desktop by pressing the link & imported it into Seahorse. It showed up in the Other Collected Keys tab, so I right clicked the key & chose Sign from the menu that appeared. This gave me another options screen (check the picture if you need help on filling this in).

Sign Key

After completing the options on this screen & clicking the Sign button, the key was moved into the Trusted Keys tab of Seahorse. Unfortunately though, it still won’t let me upload or sync any keys. I guess I can always swap keys with people over email & Instant messengers 😉

These all seem to be quite small annoyances & shouldn’t stop you from trying out this great piece of software 🙂

p.s – They are already working on plugins to allow Gaim & Evolution to use this software too. Altogether these should give you a pretty complete encrypting/decrypting solution for your Ubuntu laptop.


4 thoughts on “Encrypting/Decrypting with Gnome..

  1. Sorry John but my laptops currently experiencing a problem with it’s motherboard (old age sucks for technology too I’m afraid) and I’m a bit stuck for testing this out and updating the tutorial.

    I’ll give it a look if I manage to get a replacement laptop soon 🙂

    P.s Thanks for helping John out Anon 🙂

  2. From the command line:

    apt-get install seahorse-plugins

    killall nautilus


    This was a good tutorial. Thanks much. Sorry for digging up a dead thread.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s