[MlMt] gpg best practice

[Oliver Sturm]

Hi,

Interesting points made by everybody — I just looked at my setup and I found that I actually have (and use both). That is, the GPG Suite (which is very useful on occasion for its key management tool, if nothing else) and the command line tools from Homebrew. This gives me `/usr/local/bin/gpg`, which links to the GPG Suite executable, while `which gpg` on the command line goes to `/opt/homebrew/bin/gpg`.

They both work hand in hand happily — for instance I just used the command line tools the other day to change expiry on a key because the visual tool was having trouble with it for some reason, and the command line changes were reflected by the UI immediately.

I’m not sure that I ever exactly did this on purpose, but it’s certainly something that works, and illustrates the fact that the choice of gpg version to use is not a very exact science (I guess unless you have need of a very specific feature that only one of them has).

All this said, I just noticed that when I haven’t used a key in a while and MailMate wants to require `pinentry`, this does actually not work correctly on my system right now because my pin entry is not set up to use a UI frontend. Must check that out!

Cheers
Oli



On 22 Jan 2025, at 7:53, Stephan Kleiber wrote:

> +1 for GPG Suite by GPGTools, works like a charm with MailMate. Do use Homebrew to install it. With the cask `gpg-suite-no-mail`, you get the free version without the Apple Mail plugin (which I suppose you don’t need since you have MailMate).
>
> On 21 Jan 2025, at 23:07, Eric Sharakan via mailmate wrote:
>
>> Hi Oliver, FWIW I get my 'gpg' utility and related tools from https://gpgtools.org, rather than Homebrew.  It all just works with MailMate, no need for symlinks or other workarounds.
>>
>> This is what it reports about itself:
>> ```
>> esharaka% where gpg
>> /usr/local/bin/gpg
>> /usr/local/MacGPG2/bin/gpg
>> esharaka% gpg --version
>> gpg (GnuPG/MacGPG2) 2.2.41
>> libgcrypt 1.8.10
>> Copyright (C) 2022 g10 Code GmbH
>> License GNU GPL-3.0-or-later <https://gnu.org/licenses/gpl.html>
>> This is free software: you are free to change and redistribute it.
>> There is NO WARRANTY, to the extent permitted by law.
>>
>> Home: /Users/esharaka/.gnupg
>> Supported algorithms:
>> Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
>> Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
>>         CAMELLIA128, CAMELLIA192, CAMELLIA256
>> Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
>> Compression: Uncompressed, ZIP, ZLIB, BZIP2
>> ```
>>
>> -Eric
>>
>> On 21 Jan 2025, at 16:52, Ben Hyde wrote:
>>
>>> Oliver, thanks for looking at my problem.  More details follow.  That said I sense the answer to my question is “Nope there isn’t…”
>>>
>>> I get emails from many vintage correspondents who sign all their emails.  That triggers MailMate to complain it can’t find the /usr/local/bin/gpg.  That opens pops top off a barrel of monkeys and a flash back to having solved this in past lives.
>>>
>>> So things come to mind…
>>>
>>> 1. “Gpg” eh?  What about “gpg2” … my memory is that last time I did this I used gpg2.
>>> 2. “/usr/local/bin” eh?  I thought the brew folks moved to /opt/homebrew/bin on Apple Silicon.
>>> 3. I seem to remember solving this, at last once, with a symbolic link to where I found gpg installed, but that was a longtime ago.
>>> 4. I did happen upon a posting in this mailing list, maybe a year (or two) old that mentions setting an environment variable to help guide Mailmate to this exceubable.
>>> 4a.  Of course mailMate runs as a child/spawn, of launchd.  Luck me I already know how to set environment variable in launchd for this kind of thing.
>>> 4b. Then I found an email that mentioned using “defaults set” to inject this info into mailmate
>>>    defaults write com.freron.MailMate environmentVariables -array '{enabled = :true;  name = "MM_GPG"; value = "/opt/homebrew/bin/gpg"; }'
>>> 5. I don’t see info. About this in recent mailing list content.
>>>
>>> So at point I seemed reasonably to ask if this was written down someplace.
>>>
>>> If not, I’ll just kick it until something works :)
>>>
>>>   - ben
>>>
>>>
>>> On 20 Jan 2025, at 3:03, Oliver Sturm via mailmate wrote:
>>>
>>>> I hadn’t actually tried it since I started using MailMate, since PGP doesn’t come along too often for me these days. So I was curious, I tried it and it works correctly. This is an M4 Mac, so unless you’re referring to a problem specific to the M2 I wonder what it is?
>>>>
>>>> Screenshots:
>>>>
>>>> [ "2025-01-20-001473 at 2x.png" ]
>>>>
>>>>
>>>> [ "2025-01-20-001474 at 2x.png" ]
>>>>
>>>>
>>>>
>>>>
>>>> On 19 Jan 2025, at 19:38, Ben Hyde wrote:
>>>>
>>>>> I’m moving over to a new M2 Mac.  So PGP encryption stopped working.
>>>>>
>>>>> I see plenty of discussion about this the archives of this esteemed mailing list.
>>>>>
>>>>> Is this documented some place?  - ben
>>>>>
>>>>> _______________________________________________
>>>>> mailmate mailing list
>>>>> Unsubscribe: https://lists.freron.com/listinfo/mailmate_______________________________________________
>>>> mailmate mailing list
>>>> Unsubscribe: https://lists.freron.com/listinfo/mailmate_______________________________________________
>>> mailmate mailing list
>>> Unsubscribe: https://lists.freron.com/listinfo/mailmate_______________________________________________
>> mailmate mailing list
>> Unsubscribe: https://lists.freron.com/listinfo/mailmate_______________________________________________
> mailmate mailing list
> Unsubscribe: https://lists.freron.com/listinfo/mailmate
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freron.com/pipermail/mailmate/attachments/20250122/c3104593/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2413 bytes
Desc: S/MIME digital signature
URL: <http://lists.freron.com/pipermail/mailmate/attachments/20250122/c3104593/attachment.bin>