YubiKey Neo and Claws Mail

Alvin Toh

Alvin Toh

2 minute read

In an earlier post, we went through the steps of enabling and setting up the OpenPGP applet on a production YubiKey NEO. In this post, we’ll be expanding on how to use it with Claws Mail to sign and encrypt emails, one of the main uses of PGP encryption. Claws Mail is an open source email and news client based on GTK+. It is widely available – more information can be found here.

First, make sure your YubiKey NEO is properly configured. For information on how to do so, please refer to this. A properly configured YubiKey NEO should behave no different from a smartcard and its reader – as such the steps described here are exactly the same as that when using an OpenPGP smartcard. If you’ve used Claws Mail with an OpenPGP smartcard before, this should be no problem for you.

Once done, open Claws Mail. Configure it for your chosen email service and ensure that the PGP plugins are loaded, as shown in the screenshot below.

Claws_Screenshot_1

Assuming everything is configured correctly, incoming encrypted messages will be automatically decrypted and incoming signed messages will have their signatures automatically validated – very convenient!

To send your own signed or encrypted messages, click on Options, Privacy System then pick either None, PGP MIME or PGP Inline. Choose PGP MIME if the email client used by your intended recipient supports the MIME protocol and PGP Inline if it does not. In the screenshot below, PGP Inline is selected.

Claws_Screenshot_2

Before sending your message, click on Options then Sign to sign it or Encrypt to encrypt it. Then enter your PIN when requested and it will be sent!

Claws_Screenshot_3

Enjoy using your YubiKey NEO with Claws Mail!

Talk to our teamTalk to our team

Share this article:
  • Ditching passwords for good: Celebrating the inaugural World Passkey DayHave you ever been stuck in a relationship with someone who constantly lets you down, exposes your secrets, and leaves you vulnerable? Odds are you cut your losses, packed up your things and moved on. Today is the day to do the same with your passwords: say goodbye forever! The reality is a majority of […]Read morepasskeyspasswordlessWorld Passkey Day
  • Digital security’s unique role in protecting our environmentAs sustainability expands to include social, economic, and technological challenges, cybersecurity has emerged as a top global threat – with cybercrime projected to cost $12 trillion this year. Stolen credentials and phishing account for 80% of breaches. At Yubico, making the world more secure is just part of how we care for the world around […]Read moreCSREarth DaySecure It ForwardSustainability
  • Breaking down Australia’s plan to combat AI-driven phishing scamsAcross Australia, cybercrime continues to be a major challenge impacting businesses, critical infrastructure and consumers alike. The use of AI by bad actors across the spectrum of cybercrime is on the rise, and as a result, credential phishing scams are becoming increasingly sophisticated. AI is effectively helping to lower the cost of phishing and increase […]Read moreAIAPACAustraliaphishing
  • 5 fast cybersecurity tips to clean up your digital lifeWith today being Identity Management Day, now is the perfect time to take stock of your online presence, update security settings, and ensure that your personal data remains protected from cyber threats like phishing. We’re also seeing increasing concerns of DeepSeek and other AI tools around data privacy making these kinds of attacks more successful […]Read morebest practices