The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then publish the changes below to finish undoing the edit.
Latest revision | Your text | ||
Line 30: | Line 30: | ||
There are many ways to set up encryption. It's fine if you choose to use a different method. This is a procedure which works as simple as possible on Michigan Tech's campus network. If you have improvements which make things easier (without making them less secure), please let us know. Below is a step by step guide for computers which you maintain (as opposed to the MTU admins). | There are many ways to set up encryption. It's fine if you choose to use a different method. This is a procedure which works as simple as possible on Michigan Tech's campus network. If you have improvements which make things easier (without making them less secure), please let us know. Below is a step by step guide for computers which you maintain (as opposed to the MTU admins). | ||
===Setting it up | ===Setting it up on your MTU account=== | ||
# Set up your e-mail account in Thunderbird. This is as easy as clicking the "use existing account" button, then entering your name, e-mail and (ISO) password, and tell Thunderbird to sort it out. | |||
# | # Create your key-pair with Kleopatra. Choose the ''New certificate'' option from the file menu, then the option to create a PGP key pair. Fill out the fields (comment may be empty) and let it create the key. Choose a good passphrase; you should expect that some people will get access to your USB stick at some point; the passphrase is the only thing that protects your communication at that point. Note that making it a real phrase of several words is very secure and doesn't stop you from remembering it; adding some special characters is not secure and hard to remember. Do not use a password you use for anything else, in particular '''DO NOT USE YOUR ISO-PASSWORD!''' | ||
# Tell Kleopatra to upload your public key to a key server | |||
# In Thunderbird, change your account settings to not compose HTML messages (as that is known to cause problems). Then enable OpenPGP. Select the option to automatically sign encrypted messages. If you want, you can also select auto-sign non-encrypted messages and auto-encrypt. | |||
# Test if it works. Send a message to yourself and make sure you have the two icons in the bottom right corner of the compose window (the pencil and the key) are lit up. | |||
# When receiving the message, it should show a green bar on top, saying that it has found a good signature from yourself. | |||
# To send encrypted e-mail to someone whose public key is not on your USB-stick yet, proceed as usual. It will give you a window asking you what to do; tell it to download the missing keys. If the key is not found, you cannot send encrypted e-mail to this address. In that case, choose to not send the e-mail, or send it unencrypted. | |||
# | |||
# Thunderbird | |||
# | |||
# | |||
# | |||
===Setting it up on your own computer=== | ===Setting it up on your own computer=== | ||
# Install [http://www.mozilla.org/en-US/thunderbird/ Mozilla Thunderbird] and gnupg ([http://gpg4win.org/ Windows]/[https://gpgtools.org/installer Mac]) on your machine. On GNU/Linux, install with your package manager instead of using the previous links. On Debian, note that Thunderbird is called Icedove. | # Install [http://www.mozilla.org/en-US/thunderbird/ Mozilla Thunderbird], the [http://enigmail.net/download/ Enigmail] plugin and gnupg ([http://gpg4win.org/ Windows]/[https://gpgtools.org/installer Mac]) on your machine. On GNU/Linux, install with your package manager instead of using the previous links. On Debian, note that Thunderbird is called Icedove. | ||
# | # Run seahorse or Kleopatra, and close it again. This way your gnupg folder will be created so you can find it for the next step. | ||
# | # Insert the USB stick with your key. Copy the ''gnupg'' folder on it to your local keystore. Where this is depends on your operating system: | ||
#* On GNU/Linux, it is located in your home directory and named .gnupg" (note the period at the start). If a directory with that name already exists, you should remove it. But take care; it may contain keys you don't want to lose. If you're not sure, rename it instead of removing. | |||
#* On Windows, it is located under your user's ''Application Data'' folder and named ''gnupg''. | |||
#* On a Mac, it's probably the same as for GNU/Linux, but I have not checked. Please edit this if you have. | |||
# Set up your e-mailaccount in Thunderbird. This works the same as on MTU's computers. Also follow the other steps for setting up and testing Thunderbird from the above list. | |||
{{Page data}} | {{Page data}} | ||
[[Category:MOST methods]] | [[Category:MOST methods]] |