News Feed
  • DrugHub has agreed to fully refund all users who lost money in the SuperMarket exit scam.  
  • Retro Market has gone offline. Circumstances of the closure unknown.  
  • SuperMarket has closed following an exit scam by one of the admins.  
  • The admin of Incognito Market, Pharoah, has been arrested by the FBI several months after exit scamming.  
  • Silk RoadTorhoo mini logo
  • darknet markets list
  • Popular P2P exchange LocalMonero has announced it is closing.  

Kleopatra versus GPA ⚔️ Pros & Cons : PGP | Torhoo darknet markets

Just went through the Gnu Privacy Assistant tutorial we didn't have yet on https://torhoo.cc/go.php?u=TDJRdmNHZHdjSEpoWTNScFkyVT0=#. Throwing a couple of observations in regard to the main Linux GUI alternative, Kleopatra.

















Kleopatra Gnu Privacy Assistant
🔺 Pros Private keys: RSA up to 4096 bits, ECC enabled
Text lookup through recipients
Tags support
Quick option to add private key as recipient
Post-import certification
Fine sub-key management		 User-friendly interface (multi-window)
Clearer & simpler GUI
Full implementation of trust levels
🔻 Cons Shaky interface and user experience
Buggy		 Private keys: RSA limited to 3072 bits, no ECC
No key import from clipboard /post/9caa91ac74b2f5e6ac70/#c-8ab8f0b90d428cc536
Email required in basic mode
Imported keys are untrusted by default

/u/ringct
2 points
1 week ago
Quality comparison. GPA is always my backup when Kleopatra crashes and refuses to open again.
What a pain.
/u/pgpfreak 📢 P Moderator
1 points
1 week ago
Thanks! Usually I can manage restart. But yes. Instability is a pain in the ass.
/u/MrBacon420 P
1 points
1 week ago
There's a lot of things that irritate me about GPA that it will not do. I think the biggest one is importing keys from a clipboard. I can't find that option. I don't want to save each key to a file!

The thing that irritates me about Kleopatra is definitely the crashing. I have seen a pattern when unknown keys are involved in the message. Anytime I see there's an unknown key in a message, I make sure I copy the message before encrypting/decrypting because that's when it crashes the most.
/u/MrBacon420 P
1 points
1 week ago
It's slightly irritating that Kleopatra is not installed by default in Whonix, but that's an easy fix. Also, remember to install "scdaemon" with "kleopatra" so the self test will not fail every time.
/u/pgpfreak 📢 P Moderator
1 points
1 week ago
lso, remember to install "scdaemon" with "kleopatra" so the self test will not fail every time.

Good to know.
/u/pgpfreak 📢 P Moderator
1 points
1 week ago
Shared impression. I know exactly the pattern you describe. Used to drive me crazy. As you said it's something with a unrecognized character going in the notepad. I think it's because of the type of carriage return. Unsure though. I've learned to properly select the text I want to decrypt instead.
/u/MrBacon420 P
3 points
1 week ago
So I've been told and this works -
Copy public key
Go to Keyring manager in GPA
Hit Ctrl-V
You should get a message that the key has been imported. Thanks helpful user!
/u/pgpfreak 📢 P Moderator
2 points
1 week ago
Damn :) Missed it completely. It was probably the biggest issue for an average user. Makes it even simpler than Kleopatra. Editing this post and the tutorial right away. And tagging /u/diaperspray since I guess he'll find interest in knowing that. Thanks helpful user. Great comment.
/u/diaperspray P
1 points
1 week ago
It worked like fucking a charm too.
/u/AngieJ P
1 points
1 week ago
What I can't understand about Kleopatra is the delay in loading sometimes when I first open it.

For example, one of my main desktop rigs is really powerful. Think i9-14900K, 128GB RAM, the newest ans fastest SSDs, etc. Pretty much everything I do on it loads instantly. But there are times that it takes Kleopatra over one solid minute or even two to load the certificate cache (or whatever the message is) and it just sits there. I've reinstalled everything under the sun and tried a dozen things, but it is just really slow. And I only have maybe 20-25 certs in there.

Still haven't found a solution for this problem. :(
/u/pgpfreak 📢 P Moderator
1 points
1 week ago
Interesting feedback. I had plenty of issues with Kleoapatra but response time wasn't one of them. I'll try to import a large number of certificates to see if I can get the same result.
/u/AngieJ P
2 points
1 week ago
It's a known issue on Windows 11 and in and Win VM or VirtualBox.

I don't have the problem with Linux.

But a lot of times I need the stuff in Windows and can't cut and paste between the systems (I have 2x PCs, Monitors, etc... for various reasons)

Maybe the solution is to not use Windows 11. Of course, that is the real answer. But this /d/PGP and not /d/OpSec so spare me the lecture. I know what I am doing. 🤣

But the bug still irks me.

See: google.com/search?q=kleopatra+loading+cache+delay
/u/pgpfreak 📢 P Moderator
1 points
1 week ago
I see. So the Windows version isn't good. That's a bummer. Do you know any alternatives? With strong enough warranties (open-source, offline, maintainers, etc.)? As you mentioned, this OS comes with a fairly large attack surface but that's not necessarily an OPSEC issue in my opinion. The only thing that matters is that it fits within your own threat model. Same goes for PGP applications I guess.
/u/diaperspray P
1 points
1 week ago*
I agree GPA isn't as good compared to Kleo but...
  • The Interface feels dated but it gets the job done
  • A default key pair at 2048 bits is plenty, even for buying, prove me wrong
  • I just had to create .txt doc dedicated to PGP importing, no biggie
  • Easy enough for the "new users" to start using PGP right off the bat
  • Just add an email that doesn't exist, no biggie
  • GPA doesn't crash and isn't buggy as far as I know
  • GPA is a good enough tool for "new users" of Whonix and it comes standard

I'll continue to teach newbies GPA if their using Whonix at least.
/u/pgpfreak 📢 P Moderator
1 points
1 week ago*
I agree GPA isn't as good

I didn't say that :) And I totally agree with you. GPA should be good enough for the average darknet profile. Kleopatra goes further in the options. But. It's useless for most people.
/u/footsteps
1 points
1 week ago
Isn't it really OS-dependent? If you use Windows a lot more than Linux, you're maybe more likely to prefer a windozy application.
/u/pgpfreak 📢 P Moderator
1 points
1 week ago*
It is absolutely. I didn't mention it because both applications are distributed with Aptitude and available on most Debian-based platforms. But as far as I know, only Kleopatra has a Windows build.
  • Sponsors
VigorSwap Instant Crypto Exchange
FraudGPT

  • Explore Torhoo!

© Torhoo! 2025

All links are for educational and research purposes only. Torhoo! does not vouch for any site.

Advertise on Torhoo