GPG SUITE: 2015.09

With GPG Suite, the Thunderbird e-mail client and the Enigmail plugin you can send and receive encrypted e-mails using your usual e-mail account, for exampl Gmail or Yahoo, so that only the intended recipients will be able to read the content of your emails.

We will briefly explain how e-mail encryption works and guide you step by step on how to use it.

With e-mail encryption we transform a message which anyone can see into a coded file which requires a key to decode it. Just as with decoding, encoding is also performed with a key. The encryption and decryption keys together constitute a key pair:

  • Public key: used to encrypt messages, accessible to anyone.
  • Private key: used to decrypt messages, has to be kept safe, protected by a password.

In order to use encrypted messaging you need to create your keypair consisting of a public and a private key using GPG Suite.

1. Download the installer file from

2. Click on the downloaded file, choose “Install”, “Continue-ra” then “Close” to finish installation. Open the new GPG Keychain program from the Applications folder and click “New” to generate a keypair.


3. Fill in your data and set a password which you will use to access your key. Store your password securely. If it gets lost, you won’t be able to set another one and you will lose access to your key.

4. Finally click “Generate key”. The key will appear in the “GPG Keychain Access” pane.

5. It is advisable to create a backup copy with „Export” – „Save as”.

6. You will also need the Thunderbird e-mail client which you can download at

7. If you would like to use Thunderbird as your default e-mail client choose „Set as default” at startup.

8. Type your name, e-mail address, and password into the fields. Thunderbird will look for your e-mail account and display its settings. Finally, click „Finish”.

11.In order to be able to use encryption you will also need the Enigmail add-on. Click the menu, choose Add-ons and type „enigmail” in the search box. When it appears, click „install” and restart Thunderbird.

12. When it relaunches, the Enigmail setup will appear. Cancel it; we will set up Enigmail in Thunderbird.

13. Go to the menu and choose Settings – Account settings. Select the OpenPGP privacy section and check the following options:

  • Enable OpenPGP support for this identity
  • Use specific OpenPGP key ID
  • Use PGP/MIME by default

Save the settings with OK.


14. Anyone who would like to send you an encrypted e-mail will need your public key. You can send it as an e-mail attachment with the „Attach own private key” option in the compose e-mail pane.


15. Similarly, for you to be able to send an encrypted e-mail you need the public key of the recipient. If they send it to you by e-mail, Control – click the attachment and choose „Import OpenPGP key”.

16. When writing an e-mail you can choose signing or encryption. Signing instead of encrypting the e-mail authenticates it as originating from you and attests that the content was not changed in transit. The recipient can verify this with your public key.Click the pencil icon to sign the message and the lock icon to encrypt it.

LAST MODIFIED: 16.01.2016.