GPG encryption in Tkabber

If you find errors, problems or want to contribute please add a comment.

  1. Install GPG

    • from source

      tar -xjvf gnupg-1.4.19.tar.bz2 
      cd gnupg-1.4.19
      make install

    • using apt

      apt-get install gnupg

    • using urpmi on Mandrake

      urpmi gnupg

    Check it's installed:

    $ gpg --version
    gpg (GnuPG) 1.4.19
    Copyright (C) 2015 Free Software Foundation, Inc.
    License GPLv3+: GNU GPL version 3 or later 
    This is free software: you are free to change and redistribute it.
    There is NO WARRANTY, to the extent permitted by law.
    Home: ~/.gnupg
    Supported algorithms:
    Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA
            CAMELLIA128, CAMELLIA192, CAMELLIA256
    Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
    Compression: Uncompressed, ZIP, ZLIB, BZIP2

  2. Create your pair of keys

    You should check the GnuPG documentation for more information on the process.

    gpg --gen-key

    When asked what keys to create, select RSA and RSA (default) and choose 4096 bits as a key length.

  3. Install TclGPG

    • from source

      To install TclGPG from its source you'll have to install fossil first. In Debian it's as easy as apt-get install fossil. Then type

      fossil clone tclgpg.fossil
      mkdir tclgpg
      cd tclgpg
      fossil open ../tclgpg.fossil
      make install

    • using apt

      TclGPG is not shipped with Debian officially. Though you can add the following line to your /etc/apt/sources.list:

      deb jessie main

      and then

      apt-get install tcl-gpg

    Check it's installed:

    $ tclsh
    % package require gpg
    % exit

  4. Install Tcl development files

    Note that building TclGPG from source requires some files from the Tcl development package.

    • using apt

      apt-get install tcl-dev

    • using urpmi on Mandrake

      urpmi tcl tcllib
      sudo ln -s /usr/lib/ /usr/lib/tcl8.4
      sudo ln -s /usr/include/tcl8.4.5/generic/tcl.h /usr/include/tcl8.4.5/

  5. Configure Tkabber

    If you want Tkabber to only ask the passphrase the first time it's needed, activate this option on config.tcl:

    set ssj::options(one-passphrase)  1

    If you want Tkabber to sign presence since its start, set this option:

    set ssj::options(sign-traffic)    1

    If you want Tkabber to try to encrypt since its start, set this option:

    set ssj::options(encrypt-traffic) 1

  6. Usage

    If you have correctly installed the required packages you will see new information:

    • Button (1) on the toolbar to sign your presence and messages.
    • Button (2) on the toolbar to encrypt the conversations when possible.
    • Button (3) on every chat window to send your messages encrypted if possible.
    • Icon (4) indicates the message is signed.
    • Icon (5) indicates the message is encrypted.
    • Text (6) appears when a contact is signing its presence but you can't verify it.
    • Text (7) appears when you have verified its presence.

    The first time Tkabber tries to use GPG it will ask you for the key to use and the passphrase.

    When a contact in your roster signs its presence, you will see some info on his tooltip on the roster (6). To verify your contacts signatures (7) you need to add his public key to your ring.

  7. GPG keyring administration

    You have to publish your public key so other people can grab it. The recommended way of doing that is to use keyservers:

    gpg --keyserver --send-keys 

    You can add public keys from your contacts the same way:

    gpg --keyserver --recv-keys 


Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

Small correction

I would like to make a small correction: Tkabber signs not only presence but also messages, so icon 1 at the picture means "Sign presence and messages", icon 4 shows that the message is signed.

Don`t see Nr. 6 or 7 in the roster


I can`t see the information about signing etc... when my mouse is over the rosteritem, just the JID or, if activated, the client and OS, but no GnuPG information.

What line do i have to put into config.tcl to see that?

Thanks in advance!

Re: Don`t see Nr. 6 or 7 in the roster

It could be in two cases: 1) presence is not signed; 2) your Tkabber is outdated and should be upgraded.

Hello! ad 1.) My presence


ad 1.) My presence is signed, i get asked for passphrase of the right key at startup and others see the "feather" in the conversation, just like i do.

ad 2.) My version is 0.9.5 , no newer available for Debian :) (i like .debs ;) )

Thanks, but other ideas?

You have to use 0.9.6

So, you have to wait until Debian maintainer make 0.9.6 available in deb.

MDK Install notes

urpmi gnupg
urpmi libgpgme03_6 libgpgme03_6-devel
urpmi tcl tcllib
sudo ln -s /usr/lib/ /usr/lib/tcl8.4
sudo ln -s /usr/include/tcl8.4.5/generic/tcl.h /usr/include/tcl8.4.5/
./configure --with-tcl=/usr/lib/tcl8.4 --with-tclinclude=/usr/include/tcl8.4.5

Debian Package

Debian package of tclgpgme for unstable branch is available at


deb sid/

to /etc/apt/sources.list and use APT to fetch and install package tclgpgme.

GPG Dependency

Aparrently Tkabber now (1.1.2) depends on TclGPG instead of tclgpgme as per official documentation (

You're right. This tutorial

You're right. This tutorial is a bit outdated (though the screenshot looks fine even for now). I'll fix it shortly.

Syndicate content