Cheap VPS & Xen Server


Residential Proxy Network - Hourly & Monthly Packages

Thunderbird Email Encryption with GnuPG2


This tutorial describes the configuration of Thunderbird and GnuPG2 to send and receive encrypted email.

I assume that you have installed Thunderbird, gnupg2 and some game

Generate a key pair (public and private keys) from the command line, because in case of error you’ll be more likely to see it there instead in crashed GUI application. Type gpg --gen-key and follow the pictures:

gpg-gen-key

gpg-gen-key1

gpg-gen-key2

gpg-gen-key3

gpg-gen-key4

gpg-gen-key5

gpg-gen-key6

Start some game and play it, in my case I played Red Eclipse.

gpg-gen-key7

Open up Thunderbind. By default, Thunderbird has hidden the menu bar so we will have to make it visible. Right click below your window title and enable the menu bar option.

menu-bar

Prefer plain text over HTML and never use PGP/MIME or S/MIME. Why you should not use them – read the information in this website https://futureboy.us/pgp.html

message-body-plain-text

Enable phishing protection – also known as email scams. Edit -> Preferences -> Security -> Email Scams

email-scams

Install the Enigmail addon: Tools -> Add-ons

accept-cookies

Install the Enigmail addon: Tools -> Add-ons

install-enigmail

Once installed, it will ask you to restart the bird, do it and verify that OpenPGP is listed in the menu bar after that.

openpgp-in-menu-bar

Click over the OpenPGP and select Setup Wizard

openpgp-setup-wizard

openpgp-setup-wizard-1

openpgp-setup-wizard-2

openpgp-setup-wizard-3

openpgp-setup-wizard-4

openpgp-setup-wizard-5

Click over the OpenPGP and select Setup Wizard

openpgp-setup-wizard-6

In case of multiple accounts, repeat those steps for each one.

It’s time to exchange your public keys with others, before doing this I would recommend you to experiment with a second email account or alias.

Write some random email to the second email address and:

exchange-pub-keys

 

Once the email is received in your other email account, make sure to – sign and encrypt the message and attach your public key for first time.

exchange-pub-keys3

Once the email is received in your other email account, make sure to – sign and encrypt the message and attach your public key for first time.

exchange-pub-keys4

In order to read the encrypted email reply, you will have to enter your passphrase. After that import the sender’s public key.

exchange-pub-keys5

keys-exchanged

In order to read the encrypted email reply, you will have to enter your passphrase. After that import the sender’s public key.

exchange-pub-keys6

Change the trust settings for the sender’s public key, notice the blue background and how it will be changed with a green one.

exchange-pub-keys7

exchange-pub-keys8

The last picture demonstrates how to check the email source and see that the email is really encrypted.

If you want to send and receive encrypted emails from your alias, click over Edit and select Account Settings

add-alias

add-alias-1

Click add

add-alias-2

In the Settings tab fill your Real Name and alias email address

add-alias-3

 

In the Settings tab fill your Real Name and alias email address

add-alias-4

Some commands that you should know:

Generate a key pair
gpg --gen-key

List keys
gpg --list-keys

Export my private/public keys by using my email address
gpg --export --armor --output my_pub_key.asc user@email.com
gpg --export-secret-keys --armor --output my_private_key.asc user@email.com

Export my whole private/public keyring
gpg --export --armor --output pub_keyring.asc
gpg --export-secret-keys --armor --output private_keyring.asc

When importing a key, first import the public key then the secret one.
gpg --import pub_keyring.asc

Certificate Managers:
kgpg, seahorse, kleopatra

 

Comments

comments