What that basically means is that you can now send encrypted emails to users outside of Protonmail (emails between protonmail users were already encrypted).
Be default, Protonmail creates a public / private RSA key pair for you, but I wanted to use my own key pair which I had already published on keybase.io.
Here’s how I set it up:
- Import pgp key to keybase and assign to email address (I had already done this)
- Export from keybase:
keybase pgp export --secret -q <key_id> > /some/path/to/keybase-pgp-private.key
This command on the keybase CLI is not very well-documented:
- The –secret instructs keybase to export your private key, so be careful where you store this and the permissions you assign to this file.
- The -q is short for — query but it is not much of a full-blown query for the moment, as it just expects the key id.
You will be asked to provide a password that will be used to encrypt your private key. You will need this below, in step 3.
- Now, head on over to Protonmail settings to import your private PGP key:
Protonmail -> Settings -> Keys -> Import Key
Import your previously saved file here. You will be asked to decrypt imported key, with password you selected in keybase export step.
- Finally, enable PGP automatic signing, so that you use this by default:
Protonmail -> Settings -> Security -> External PGP Settings
- Enable automatic signing of external messages
- Enable automatically attaching public key
Hope that helped!
Happy encrypted emails!!!