Make sure you're using the international version of mutt, not the US version. The international versions end with an "i" - for example, 0.95.6i is an internation version with GPG support, whereas 0.95.6 is not.
If you have more than one version of cryptographic software installed, you may wish to tell mutt which one of them to use. In your /.muttrc file, you can place a line like this:
set pgp_default_version=gpg
Please consult the mutt manual for the details.
When you're about to send a message, you should see a menu that looks something like this:
y:Send q:Abort t:To c:CC s:Subj a:Attach file d:Descrip ?:Help
From: "John Q . Smith" <smith@company.com>
To: Greg Wooledge <wooledge@kellnet.com>
Cc:
Bcc:
Subject: test
Reply-To:
Fcc: =sent-mail
PGP: Clear
The GPG options are accessed by pressing p (which stands for PGP, not GPG, since PGP is much older; in fact, all of the GPG support in mutt is still labeled PGP). This brings up a menu at the bottom of the screen:
(e)ncrypt, (s)ign, sign (a)s, (b)oth, select (m)ic algorithm, or (f)orget it? _
If you want to sign the message, just press s. If you want to encrypt it, press e. To both sign and encrypt, press b.
Sometimes when encrypting e-mail with GPG in mutt, you may see a message like this:
Enter keyID for smith@company.com: _
If you see this, it means that mutt doesn't have enough information to determine which key to use. Since mutt uses the e-mail recipient list (the To: and Cc: headers) to determine which encryption keys to use, you may need to add more information to the headers. If your To: header only contains an e-mail address and not a name, try adding the name and putting the e-mail address in <angle brackets> after it, just like GPG shows user IDs.
If you are signing the message, you will be prompted for your passphrase.
When you read encrypted e-mail with mutt, you will also be prompted for your passphrase. After entering it, you will be able to read the message:
[-- PGP output follows (current time: Fri Oct 1 09:33:34 1999) --] [-- End of PGP output --] [-- The following data is PGP/MIME encrypted --] Please send me a black-and-yellow Thingie, model number 30764-T. My Visa number is 1234 5678 9012 3456, expiration date 01/02. [-- End of PGP/MIME encrypted data --]
When you read digitally signed e-mail with mutt, you do not need to type your passphrase, since you are only verifying a digital signature. The result will look something like this:
[-- PGP output follows (current time: Fri Oct 1 09:18:50 1999) --] gpg: Signature made Fri Oct 1 08:55:31 1999 EDT using DSA key ID A4FE0633 gpg: Good signature from "Greg Wooledge <wooledge@kellnet.com>" gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. gpg: Fingerprint: 7D29 CBF6 886C B1F9 31B5 E712 69B5 67BB A4FE 0633 [-- End of PGP output --] [-- The following data is PGP/MIME signed --] Test. -- Greg Wooledge | Distributed.NET http://www.distributed.net/ wooledge@kellnet.com | because a CPU is a terrible thing to waste. http://www.kellnet.com/wooledge/ | [-- End of PGP/MIME signed data --]
If you don't see the words "Good signature" then you know that something went wrong. (Unfortunately, GPG's output isn't always useful; you may not be able to tell whether the signature is invalid, or whether it was produced with a PGP key that GPG can't read.)