How to locate a user’s GPG key in Thunderbird

We Keep you Connected

How to locate a user’s GPG key in Thunderbird

If you’re using encrypted email in Thunderbird, you might be happy to know there’s an easy way to locate a recipient’s GPG key.


Back in October, I wrote a piece about using encrypted email in Thunderbird. If you ever have to send sensitive information via email, you should be using encryption. If you’re not encrypting those missives, the information they contain can be read by a third party.

You don’t want that… especially when it comes to personal or professional information that you don’t want falling into the wrong hands.

One of the complexities of using encryption in Thunderbird (or most email clients) is that you have to track down the recipient’s public GPG key and add it to the client. Without that key, you can’t send encrypted emails to the owner of the key, thereby rendering GPG useless.

There are ways you can get the recipient’s public key. You can have them send it to you, and you will then have to manually add it to your keyring. You can download it from a public GPG key server through the software that manages your keyring.

Fortunately, there’s another way that’s sort of hidden from sight. This less-than-obvious method is much easier than the other two options, so I highly recommend you try these simple steps first.

How to locate a user’s GPG key in Thunderbird
Let me show you the way.

The only thing you’ll need is a running instance of Thunderbird and an email from the recipient in question. I’ll demonstrate with Thunderbird version 102.5.0 on Pop!_OS Linux but the process is the same, no matter the operating system you are using.
If you’re using an older version of Thunderbird, I suggest you upgrade to the latest version, so you gain the advantage of new features and (more important) all the security patches that have been applied.

1. Open Thunderbird and choose an email
The first thing you must do is open Thunderbird and locate an email from the recipient whose public GPG key you wish to add so you can send them encrypted emails.

2. Open the email from the recipient
Open the email from the recipient by clicking on the entry in Thunderbird’s top right pane.

3. Access the context menu
In the reading pane (bottom right), right-click the email address in the From field, and then click Discover OpenPGP Key.

The Thunderbird email address right-click context menu.
Downloading a recipient GPG key is actually much easier than you might think.
Jack Wallen/ZDNET
4. Accept the key
In the resulting window, click Accepted and then click Import. A second pop-up will appear, including the details of the key that was successfully imported.

Also: How to create message filters in Thunderbird to keep your inbox organized

Close out that pop-up by clicking OK and you’re done.

The Thunderbird GPG import wizard.
Accepting a GPG from a recipient’s email address.
Jack Wallen/ZDNET
Encryption enabled
Now that you’ve imported the recipient’s GPG key, you can encrypt any emails you send them. You can refer back to the post I cited earlier to find out exactly how to encrypt those emails, but it’s essentially a matter of composing an email to the recipient that belongs to the key you just imported and then clicking the Encrypt button in the composer window. Email encryption has never been so easy.