1 / 11

GnuPG/Enigmail

How to use email the right way ^ securely. GnuPG/Enigmail. Disclaimer. /me is not Mac literate Ask Ryan ;-) Things may go wrong Grab the back of your pants and let’s fly!. Why GnuPG ?. http:// www.gnupg.org/faq.html Free as in beer! Free as in freedom!

aden
Download Presentation

GnuPG/Enigmail

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. How to use email the right way^securely GnuPG/Enigmail

  2. Disclaimer • /me is not Mac literate • Ask Ryan ;-) • Things may go wrong • Grab the back of your pants and let’s fly!

  3. Why GnuPG? • http://www.gnupg.org/faq.html • Free as in beer! • Free as in freedom! • Compatible for the most part with PGP • Industry standard RSA/DSA encryption • Can sign/encrypt email, files, etc… • Allows you to know who sent an email • Allows you to encrypt email for security

  4. Tutorial(s) • We’ll be following the tutorial here: • http://people.via.ecp.fr/~clem/nist/gpg-enigmail-howto.php • Instead of typing that, type this: • http://snipurl.com/gpg-tutorial • Mac Users: check out • http://enigmail.mozdev.org • Look at QuickStart guide: Mac section • MacGPG = OS X 10.4 or greater • Fink project • MacPorts project

  5. Prerequisites • Install Mozilla Thunderbird 2.0 • If you already have it, good! • http://www.mozilla.com/en-US/thunderbird/ • Install GPG • “GnuPG1.4.9 compiled for Microsoft Windows.” • ftp://ftp.gnupg.org/gcrypt/binary/gnupg-w32cli-1.4.9.exe • c2efad983dfe50e6d8007257bad2c76604be389a  gnupg-w32cli-1.4.9.exe • In cygwin: • sha1sum.exe gnupg-w32cli-1.4.9.exe • OR: • Debian/Ubuntu: • apt-get install mozilla-thunderbird-enigmail • Make sure you’ve updated debian’sOpenSSL • GnuPG doesn’t use it, but just to be safe! • OR: Source Tarballs: • See GnuPG site!

  6. Install Enigmail • Got Thunderbird working? • Install Enigmail extension from: • http://enigmail.mozdev.org

  7. Configure GnuPG • In windows, set PATH to include gpg.exe • Make sure Thunderbird knows too! • How? • Open preferences • Set path to GPG in the dialog: • C:\gnupg\gpg.exe on Windows • /usr/bin/gpg on GNU/Linux • Use output of `which gpg` for strange installs

  8. Advanced configuration • There is a gpg.conf file you may edit for extra preferences • I use “digest-algoRIPEMD160” • Can set preferred keyservers manually, etc… • It resides in GPG’s home directory. • gpg --version • C:/Users/<UserName>/AppData/Roaming/gnupg • ~/.gnupg (IIRC) • Actual keyring files: • secring.gpg and pubring.gpg • Look online for advanced things

  9. Generate Keypair • Enigmail makes it really easy to generate a new keypair! • Open the Key Management window and select New Key Pair. • Select email account for key to be used with • (Optional) Fill in key size • “Advanced” tab • (I like 4096, but 1024 is sufficient) • Use DSA & El Gamal • Why Key expiry? • http://www.linuxjournal.com/article/4892 • Add a key passphrase!!! Never click “no passphrase” • Choose a good one, this is important! • To add an existing key pair, in the Key Management window, from the File menu, click Import Keys from File. • Keys should be in “ASCII armored” format

  10. If all went well… • You should be good to go :-D • If not… • Help time • For more: • Google is your friend! • Enigmail mailing list! (See next slide)

  11. The Enigmail Mailing List • enigmail@mozdev.org • Via www: • https://www.mozdev.org/mailman/listinfo/enigmail • Via email • send a message with subject or body 'help' to enigmail-request@mozdev.org • Etiquette • Don’t Top Post • Don’t send encrypted email to the list!!!! • Signed is ok! • Regulars are pretty helpful, and some (usually John Clizbe, et. Al.) will be glad to test encryption OFF LIST

More Related