Roundcube/Plugin/enigma

Aus Foxwiki
Version vom 27. August 2023, 13:46 Uhr von Dirkwagner (Diskussion | Beiträge) (Textersetzung - „<blockquote>“ durch „“)

Enigma

  • More info here
  • Requires: gpg (gnupg and libgpg-error on Slackware systems)
  • Shipped by Roundcube
  • Plugin name: enigma

Update: the enigma plugin included in 1.3.1 version seems to be not compatible with the old version of Crypt_GPGThis plugin adds support for viewing and sending of signed and encrypted messages in PGP (RFC 2440) and PGP/MIME (RFC 3156) format.  The plugin uses gpg binary on the server and stores all keys (including private keys of the users) on the server. Encryption/decryption is done server-side. So, this plugin is for users who trust the server.Create a config file

cd /var/www/roundcube/plugins/enigma
cp -p config.inc.php.dist config.inc.php

The keys are stored by the server in the enigma/home dir. Let's move that dir to a folder that is not accessible from the web and assign to apache write permissions

mkdir -p /var/www/roundcube-enigma-home
chown -R root:apache /var/www/roundcube-enigma-home
chmod -R g+w /var/www/roundcube-enigma-home

Now modify your apache configuration to grant proper permissions to apache in the newly created dir:

Require all granted

Don't forget to restart your web server, for example:

apachectl restart

Now modify the enigma config file to point to the new home dir:

$config['enigma_pgp_homedir'] = '/var/www/roundcube-enigma-home';

The enigma plugin requires that the Crypt_GPG library is installed exactly in your /var/www/roundcube/plugins/enigma/lib/Crypt_GPG dir. Considering that roundcube resets the default include_path php variable (which is set by php.ini to /path/to/php/lib), if you choose to install it using pear you will get a "Server error". So let's manually download and install the package in the proper folder

cd /var/www/roundcube/plugins/enigma/lib
wget http://download.pear.php.net/package/Crypt_GPG-1.6.2.tgz
tar xzf Crypt_GPG-1.6.2.tgz
ln -s Crypt_GPG-1.6.2/Crypt
chown -R root:apache Crypt*

The set up of the certificates is easy. Refer to this blog page for more info.