Offline GPG

From Whonix

This process is inspired by Qubes' split-GPG though it hopes to go a bit further at expense of usability. An advantage over split-GPG is there is no opportunity for an attacker to steal your key or feed data they want to decrypt to your GPG daemon at any time, since the data acted upon is totally under your control. Also such a setup works for any hypervisor. N.B. This security model assumes no guest VM escapes are possible otherwise the process is compromised.


  • Transfer ciphertext data from Thunderbird to the shared folder.
  • Copy/paste to KGpg running in offline VM.
  • Manipulate data or compose replies which you then encrypt in the trusted offline VM then transfer output to the internet facing E-mail VM via shared folder.