YubiKey Neo and Claws Mail

Alvin Toh

Alvin Toh

2 minute read

In an earlier post, we went through the steps of enabling and setting up the OpenPGP applet on a production YubiKey NEO. In this post, we’ll be expanding on how to use it with Claws Mail to sign and encrypt emails, one of the main uses of PGP encryption. Claws Mail is an open source email and news client based on GTK+. It is widely available – more information can be found here.

First, make sure your YubiKey NEO is properly configured. For information on how to do so, please refer to this. A properly configured YubiKey NEO should behave no different from a smartcard and its reader – as such the steps described here are exactly the same as that when using an OpenPGP smartcard. If you’ve used Claws Mail with an OpenPGP smartcard before, this should be no problem for you.

Once done, open Claws Mail. Configure it for your chosen email service and ensure that the PGP plugins are loaded, as shown in the screenshot below.

Claws_Screenshot_1

Assuming everything is configured correctly, incoming encrypted messages will be automatically decrypted and incoming signed messages will have their signatures automatically validated – very convenient!

To send your own signed or encrypted messages, click on Options, Privacy System then pick either None, PGP MIME or PGP Inline. Choose PGP MIME if the email client used by your intended recipient supports the MIME protocol and PGP Inline if it does not. In the screenshot below, PGP Inline is selected.

Claws_Screenshot_2

Before sending your message, click on Options then Sign to sign it or Encrypt to encrypt it. Then enter your PIN when requested and it will be sent!

Claws_Screenshot_3

Enjoy using your YubiKey NEO with Claws Mail!

Talk to our teamTalk to our team

Share this article:
  • CEO Corner: Maintaining stable growth while navigating global uncertaintyAs we officially close out the first quarter of 2025,  I am pleased we saw a quarter with solid growth and profitability along with ongoing demand for phishing-resistant authentication. We continue to see new types of high-profile cyber attacks appearing regularly, and a major reason for the success of phishing attacks is stolen credentials. As […]Read moreCEOCEO CornerEarningsMattias Danielsson
  • Introducing the Yubico Academy: Enabling partners for a phishing-resistant futureAt Yubico, strong partnerships are fundamental to a more secure digital world. Our commitment goes beyond providing leading security keys; it’s about actively fostering the growth of our valued partners through impactful enablement programs. A cornerstone is the Yubico Academy, featuring our comprehensive certification program.  This program enables our partners’ teams to become Yubico experts, […]Read more
  • AI is booming — but proving you’re human matters more than everIf you walked the show floor at the RSA Conference this year, you probably noticed the same thing I did: Artificial Intelligence (AI) is everywhere. Agentic AI. AI in threat detection. AI in firewalls. AI in identity management. AI-generated demos. AI everything. The energy around AI was undeniable, and we’re seeing real innovation, efficiency gains […]Read moreAIArtificial IntelligencephishingRSAC
  • Ditching passwords for good: Celebrating the inaugural World Passkey DayHave you ever been stuck in a relationship with someone who constantly lets you down, exposes your secrets, and leaves you vulnerable? Odds are you cut your losses, packed up your things and moved on. Today is the day to do the same with your passwords: say goodbye forever! The reality is a majority of […]Read morepasskeyspasswordlessWorld Passkey Day