HOWTO: Transfer OTR private keys between Adium and Pidgin

I recently re-installed Ubuntu on my home computer, and wanted to move my office Mac’s Adium OTR key and collected fingerprints over to the new install. I had some trouble, but got it eventually, so I wanted to document the process.

The first step is to make sure you’ve got Pidgin and Pidgin-OTR installed on one computer, and Adium on another.

Adium stores the OTR private key and the fingerprints in

~/Library/Application Support/Adium 2.0/Users/Default/otr.private_key
~/Library/Application Support/Adium 2.0/Users/Default/otr.fingerprints

Pidgin, on GNU/Linux, stores the OTR private key and fingerprints in

~/.purple/otr.private_key
~/.purple/otr.fingerprints

It’s worth noting that neither application stores these keys encrypted. The threat model assumes that if an attacker has access to your Adium 2.0 or .purple folder, you’re already compromised. But that means you have to be extra careful about transferring these files from one computer to another: obviously, sending your key in a cleartext e-mail is not a good idea.

Anyway, harmonizing is just a matter of copying both files from one location to another, and then modifying the key slightly to match the format that each program stores it in. I was disappointed at how poorly documented these formats are, but fortunately the always impressive Guardian Project has gone through and documented each program’s file location and format in order to build a tool to convert files between different IM client formats. The tool’s not done, and so far only converts to their Gibberbot mobile IM client, but the README contains all the information you need.

In the case of Adium to Pidgin key transfer, which both use the standard libotrname field, which is an integer in the Adium config file, needs to be changed to the actual account name. The protocol field needs to be changed from libpurple-jabber-gtalk (in the case of a GTalk account) to prpl-jabber.

You may need to turn Pidgin’s OTR plugin off and on again, but it should recognize your key, and all of your verified fingerprints should show up as well.

12 Comments

  1. Posted 1 February, 2012 at 00:33 | Permalink

    Well I feel silly, I’ve always just verified each contact through each client (Adium, Pidgin and Gibberbot), and multiples of each…

    So, is there any wonkiness switching between clients? I often switch between Adium and Pidgin in the middle of a conversation, but I guess I’ve always just logged off one to not conflict with the other.

    Palm, meet forehead.

    • parker
      Posted 1 February, 2012 at 23:38 | Permalink

      @maiki I’ve observed wonkiness if I’m connected on two separate boxes with two separate keys, especially if I’ve got open sessions with people on each. I haven’t yet noticed any weirdness associated with having the two clients running at the same time with the same key, but I think I just haven’t run into that situation yet. I’ll let you know if I do!

  2. Posted 16 April, 2012 at 20:07 | Permalink

    The maintainers of Gibberbot have released a tool to help ease conversion and key management.

    https://github.com/guardianproject/otrfileconverter

  3. Tom
    Posted 9 April, 2014 at 05:38 | Permalink

    I tried copying ~/.purple/otr.private_key and ~/.purple/otr.fingerprints from my Linux box to my Mac OS X box by placing them in ~/Library/Application Support/Adium 2.0/Users/Default/ but Adium just doesn’t see the private key.

    When I go into Advanced in Adium, it says no private key present. I noticed a difference between the otr.private_key format in Adium and in Pidgin. In Pidgin the name is ‘JID/resource’ e.g. (name “bob@foo.com/bar”), but in Adium it’s whatever number the account is (name “1” for the first account listed).

    Changing the name field doesn’t make Adium even see the key. However, when you generate one it clobbers your key and uses its key. This is really frustrating. Guardian Project’s keysync is of no help either.

  4. Posted 21 October, 2014 at 09:48 | Permalink

    Hi, I am trying to copy my Adium keys over to an instance of Pidgin running on Windows 8. Any hints as to where to place the files and how to modify them to suit the Windows flavour? Or can Pidgin somehow import them? I’m at a loss.

  5. Jim
    Posted 23 January, 2015 at 14:10 | Permalink

    I’m using Mac OSX Yosemite and there is no Adium folder within /Library/Application Support/

    Any suggestions?

    • Parker Higgins
      Posted 26 January, 2015 at 21:07 | Permalink

      No, unfortunately–I never made the “upgrade” to Yosemite and I don’t know where Adium puts the key now.

      • Jim
        Posted 4 February, 2015 at 14:34 | Permalink

        Damn, Ya I’ve browsed through all of the Adium related subdirectories and can’t seem to figure out where they’ve got the keys stored.

      • Jim
        Posted 4 February, 2015 at 15:29 | Permalink

        Ok so I finally located the Adium files. They consist of otr.fingerprints, otr.private_key, and OTR.plist. What exactly do I do with these now to get them into Pidgin and setup my account?

      • Jim
        Posted 4 March, 2015 at 16:28 | Permalink

        so I finally located the Adium files. They consist of otr.fingerprints, otr.private_key, and OTR.plist. What exactly do I do with these now to get them into Pidgin and setup my account?

  6. Jim
    Posted 1 March, 2015 at 10:09 | Permalink

    Any ideas?

  7. Jim
    Posted 17 July, 2015 at 18:41 | Permalink

    so I finally located the Adium files. They consist of otr.fingerprints, otr.private_key, and OTR.plist. What exactly do I do with these now to get them into Pidgin and setup my account?

Post a Comment

Your email is never published nor shared. Required fields are marked *

You may use these HTML tags and attributes <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

*
*