DOKK / manpages / debian 12 / profanity-light / profanity-ox-setup.1.en
man(1) Profanity XMPP client man(1)

Profanity - a simple console based XMPP chat client.

This man page is intended to help you set up XEP-0374: OpenPGP for XMPP Instant Messaging. Also known as OX.

For details on usage see man profanity-ox or /help ox.

Profanity wants to give the user a maximum freedom in setting up their system. So we won’t touch your GPG settings directly. Which means you will need to do some manual steps. They are described here

The first step is to create a OpenPGP key pair. The key pair generation will be done with the gpg command of GnuPG.

gpg --quick-generate-key xmpp:alice@domain.tld future-default default 3y
    

This command will generated a OpenPGP key with a UID xmpp:alice@domain.tld. The option future-default has been used to generate a ed25519/cv25519 key. The key is set to expire in threeyears.

Replace the Jabber ID with your JID and do not forget the URI xmpp: prefix.

Example output:

pub   ed25519 2021-09-21 [SC] [verfällt: 2024-09-20]

583BAE703A801095B6B71A56BD801174B1A0B84A uid xmpp:alice@domain.tld sub cv25519 2021-09-21 [E]

You need to export your public key so you can later upload it into a PEP node. It’s just a way how your chat partners can retrieve the public key from you. Use the command below to export public key:

Example command:

gpg --export \

--export-options export-minimal \
--export-filter 'keep-uid=uid =~ xmpp:alice@domain.tld' \
--export-filter 'drop-subkey=usage =~ a' \
583BAE703A801095B6B71A56BD801174B1A0B84A \
> /tmp/pep-key.gpg

The key will be exported to /tmp/pep-key.gpg. You may check the key with the command below:

gpg --show-key --with-sig-list /tmp/pep-key.gpg

Keep in mind: Public keys may have some information (signatures, name, e-mail address). Be careful which data will be exported. The export-options and export-filter option of GnuPG will help you to filter the data.

You can use profanity to publish your exported key into your account (PEP). The /ox announce command will publish your key.

/ox announce /tmp/pep-key.gpg - the Profanity /ox announce /tmp/pep-key.gpg command.
    

The command will create two PEP node records to store the key.

To discover public keys of your partners use the /ox discover command.

Example output:

/ox discover buddy@domain.tld
Discovering Public Key for buddy@domain.tld 
1234567890ABCDEF1234567890ABCDEF12345678
    

To request and import a key, you can use the /ox request command.

/ox request buddy@domain.tld 1234567890ABCDEF1234567890ABCDEF12345678
Requesting Public Key 1234567890ABCDEF1234567890ABCDEF12345678 for buddy@domain.tld
Public Key imported 
    

The key will be imported into your gnupg keyring.

The key can been shown via gpg gpg -k xmpp:buddy@domain.tld. Make sure the key is the key of your buddy and sign the key with your key.

gpg --ask-cert-level --default-key 583BAE703A801095B6B71A56BD801174B1A0B84A --sign-key 1234567890ABCDEF1234567890ABCDEF12345678
    

The command /ox contacts will show the keys with XMPP-UID. The command /ox keys will show all known OpenPGP keys.

Only once you signed the key you can actually use OX with your partner.

Within a chat window you can start OX via /ox start and stop it via /ox end.

Messages will be send signed and encrypted.

2022-10-12 0.13.1