YubiKey Neo and Claws Mail

Alvin Toh

Alvin Toh

2 minute read

In an earlier post, we went through the steps of enabling and setting up the OpenPGP applet on a production YubiKey NEO. In this post, we’ll be expanding on how to use it with Claws Mail to sign and encrypt emails, one of the main uses of PGP encryption. Claws Mail is an open source email and news client based on GTK+. It is widely available – more information can be found here.

First, make sure your YubiKey NEO is properly configured. For information on how to do so, please refer to this. A properly configured YubiKey NEO should behave no different from a smartcard and its reader – as such the steps described here are exactly the same as that when using an OpenPGP smartcard. If you’ve used Claws Mail with an OpenPGP smartcard before, this should be no problem for you.

Once done, open Claws Mail. Configure it for your chosen email service and ensure that the PGP plugins are loaded, as shown in the screenshot below.

Claws_Screenshot_1

Assuming everything is configured correctly, incoming encrypted messages will be automatically decrypted and incoming signed messages will have their signatures automatically validated – very convenient!

To send your own signed or encrypted messages, click on Options, Privacy System then pick either None, PGP MIME or PGP Inline. Choose PGP MIME if the email client used by your intended recipient supports the MIME protocol and PGP Inline if it does not. In the screenshot below, PGP Inline is selected.

Claws_Screenshot_2

Before sending your message, click on Options then Sign to sign it or Encrypt to encrypt it. Then enter your PIN when requested and it will be sent!

Claws_Screenshot_3

Enjoy using your YubiKey NEO with Claws Mail!

Talk to our teamTalk to our team

Share this article:
  • Securing the skies with YubiKeys: Insights on cyber resilience in the aviation industry and beyondIn an increasingly interconnected world, the landscape of cybersecurity is constantly evolving. Bad actors are becoming more sophisticated, leveraging tactics like phishing and ransomware to exploit human error and weak credentials. This makes robust cybersecurity a universal issue, impacting everyone from individuals to the largest global enterprises – especially those in high-stakes sectors like commercial […]Read morecyber resilienceEUmanufacturingQ&A
  • Future-proofing authentication: A look at the future of post-quantum cryptographyThe path from passwords to passkeys and beyond In a previous blog I talked about the end of passwords and the rise of passkeys, which promise stronger security and less frustration for both individuals and businesses. The global momentum behind passkeys represents one of the most exciting shifts in authentication history, but realizing their full […]Read more
  • Goodbye master passwords: Dashlane and Yubico enhance credential vault encryption and login with YubiKeysAt Authenticate 2025 this week, the world’s leading experts on modern authentication and securing digital identities gathered, to discuss the future of secure authentication and achieving usable security across the account lifecycle. The message was clear: the future of phishing-resistant authentication is using passkeys for encryption, and the gold standard is device-bound passkeys – YubiKeys. […]Read morecredential vault encryptioncredential vault loginDashlanepartnerpasskey encryptionPRF
  • Piloting Europe’s future ID: Passkeys securing digital walletsOver the last several years, passkeys have become ubiquitous. They are available on every mobile platform, in every leading browser, as part of all major enterprise IAM solutions, and in most major cloud services. Until wwWallet came along, the only place where passkeys hadn’t yet made an impact is in the rapidly developing world of […]Read moredigital identity walletspasskeysSIROSwwWallet