OMEMO Plugin for Gajim
Download the Plugin via Gajims Plugin Manager.
See AUR package.
Debian & Ubuntu
gajim-omemo is available in backports, testing, and universe repos.
sudo apt-get install gajim-omemo to install the plugin.
layman -a flow && emerge gajim-omemo to install the plugin.
Tested on Fedora 25.
Add this snippet to
[ux] name=Unixadm.org - Fedora $releasever base repository baseurl=http://reposerv.unixadm.org/fedora/$releasever/$basearch/ enabled=1 includepkgs=python-axolotl python-axolotl-curve25519 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-UNIXADM gpgcheck=1
Optional: Fetch the gpg key and save it to
/etc/pki/rpm-gpg/RPM-GPG-KEY-UNIXADM (or else, set gpgcheck to 0).
wget -O /etc/pki/rpm-gpg/RPM-GPG-KEY-UNIXADM https://www.unixadm.org/RPM-GPG-KEY-UNIXADM.asc
dnf install python-axolotl python-axolotl-curve25519 protobuf-python
Distributions without a package
Install the Plugin with the Gajim PluginManager. You need Gajim 0.16.6 or higher. If your package manager does not provide an up to date version you can visit gajim.org for further install instructions.
- Check if you have Gajim 0.16.6 or higher installed
sudo apt-get install build-essential libssl-dev libffi-dev python-dev
sudo apt-get install python-setuptools
sudo apt-get install python-cryptography
sudo apt-get install python-axolotl
- Restart Gajim, and activate OMEMO in Gajims PluginManager
Enable the OMEMO plugin in the Plugin-Manager. If your contact supports OMEMO, you should be able to activate it using the lock icon in the lower right of your chat window.
If you open the chat window, the Plugin will tell you with a green status message if its enabled or disabled. If you see no status message, your contact doesnt support OMEMO.
Beware, every status message is green. A green message does not mean encryption is active. Read the message ! You can also check if encryption is enabled/disabled, when you click on the OMEMO icon.
When you send your first message, the Plugin will query your contacts encryption keys and you will see them in a readable fingerprint format in the fingerprint window which pops up. You have to trust at least one fingerprint to be able to send messages. You can receive messages from fingerprints where you didn't make a trust decision, but you can't receive Messages from not trusted fingerprints.
Verification QR Codes
It is possible to show a QR Verification Code in the Plugin's Config Window.
You have to install the
python-future packages for it to work (Debian, Ubuntu).
If you want to use PIP for installing python packages,
future packages have to be installed.
Groupchat with OMEMO encryption works only in rooms that are:
- works only with contacts that you have in your roster
For filetransfers in Gajim 0.16 use the HttpUploadPlugin plugin.
Gajim 1.0 comes with HTTP Upload integrated into core, there is no plugin needed.
For decrypting and showing pictures in the chat window use the UrlImagePreviewPlugin plugin.
If you want to use these plugins together with OMEMO, you have to install the
If you experience lag when sending a message, install
If that doesnt help, you can convert your database to WAL mode with:
sqlite3 firstname.lastname@example.org PRAGMA journal_mode=WAL
Warning: This mode could lead to data loss if Gajim crashes!
To see OMEMO related debug output, start Gajim with the parameter:
I found a bug
Please report it to the issue tracker. If you are experiencing misbehaviour, please provide detailed steps to reproduce this and provide debugging output. Also, please always mention the exact Gajim version you are using.
You can contact us at email@example.com.
Changelog (Gajim 0.16)
1.2.8 - 07.10.2017
- Bug fixes
1.2.7 - 26.08.2017
- Request only the latest PEP items
1.2.6 - 23.08.2017
- Bug fix
1.2.5 - 07.08.2017
- Support 12bit IVs for httpupload files
1.2.4 - 19.07.2017
- Fix LMC in Groupchat
1.2.3 - 13.07.2017
- Bug fix
1.2.2 - 12.07.2017
- Add whitelist of xml tags to prevent any clear text leaking, even when new XEPs are added to Gajim that we dont know yet.
1.2.1 - 15.04.2017
- Recognize aesgcm uri scheme
1.2.0 - 06.04.2017
- People using Version < 1.0.1 will be unable to receive OMEMO encrypted messages
- Add auth tag to key instead of payload
- Support decryption of aesgcm:// uri scheme
- Make python-cryptography mandatory
- Small bugfixes
1.1.0 - 26.03.2017
- Add file decryption
1.0.4 - 01.03.2017
- Use correct tag name for EME
1.0.3 - 12.02.2017
- Set an inactive device active again after receiving a message from it
1.0.2 - 04.02.2017
- Fix a bug when publishing devices
- Fix copying fingerprint
- Fix layout issue
- Dont handle type 'normal' messages
1.0.1 - 14.01.2017
- Better XEP Compliance