Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I've been thinking about using ProtonMail or Tutanova but I came across PGP encryption for email and that sounds like it might be the best thing to use as it works within Gmail or whatever and all you really need (it seems) is to get Mailvelope in Firefox and do a few things and you're good to go. It is as easy as it seems?
Only when it works. By which I mean that there seems to be many ways to break it, but once you get it working it seems to work well for a long time. Follow the setup instructions very carefully.
Right off the bat: You should move off Gmail if you're interested in keeping your emails secure. Google is one of the biggest email snoopers out there.
The trouble with PGP is that it only works if both participants are using it. The people you are mailing need to have public keys that they can supply you with.
I remember an earlier thread in which someone (I can't remember who) posted that he would not do business by email except with people who were prepared to sign their messages cryptographically.
I remember an earlier thread in which someone (I can't remember who) posted that he would not do business by email except with people who were prepared to sign their messages cryptographically.
I don't see an issue with that. One can easily make a burner email account and generate keys associated with that email. No need to disclose any personal information.
The trouble with PGP is that it only works if both participants are using it. The people you are mailing need to have public keys that they can supply you with.
Then you have to define “security” and “trouble”, first.
Once you want it work this way, it works nicely and no trouble nowhere.
Quote:
I remember an earlier thread in which someone (I can't remember who) posted that he would not do business by email except with people who were prepared to sign their messages cryptographically.
As the OP wrote about encrypting mail, signing is not strictly on-topic, here. But, of course, GnuPG (why PGP?) does this well. I sign my mail since the years 00, and did it occasionally before that. Meaning, that all my mails are authenticated. Not that anyone cared, though. The companies and other parties which insist on cryptographic signatures appear to have fallen for other systems. The French ministry of culture and communication, as such watching over computer security and stuff.., rejects my mail if it is signed with GnuPG, not otherwise...
That is trouble, for me. These days, when people ask, if they should ... I tend to answer: Do as you please. It does not seem to matter anyway.
Only when it works. By which I mean that there seems to be many ways to break it, but once you get it working it seems to work well for a long time. Follow the setup instructions very carefully.
Right off the bat: You should move off Gmail if you're interested in keeping your emails secure. Google is one of the biggest email snoopers out there.
I'd be happy to help you practice sending and receive PGP emails. Let me know, and I can make a temporary key pair.
Thanks Contrapak. And thanks for the guide. That'll really help. And thanks for the practice offer. Appreciate it!
P.S. But I was just looking over the guide and it looked so complicated. The appeal, for me anyway and perhaps misguided, of PGP emailing was that it was pretty simple. Like I was saying in that first post (and the link there). Is it that easy?
The trouble with PGP is that it only works if both participants are using it. The people you are mailing need to have public keys that they can supply you with.
Thanks Hazel. There is only one person I want to use it with, so this shouldn't be a problem.
But even encrypting your email won't hide such things as the sender, recipient, subject line etc...
You may be better off using webmail (such as protonmail.com), since the transmission will be via HTTPS.
https only encrypts the transmission between the client/desktop and the server...having an https connection to a webmail server says nothing about the encryption of the email itself.
I suspect that any encryption of email is going to leave the headers intact because they define the destination of the message and/or are added by servers en route and wouldn’t, therefore, be encrypted.
I use Thunderbird with Enigmail for encryption. They work pretty seamlessly, allow per User choices to be saved, such as whether or not to use encryption for E-Mail messages themselves, and GMail allows SSL/TLS for transportation of E-Mail. Signing of messages is also allowed. Multi-part messages are supported; even attachments are encrypted.
Not sure if I need to make a new thread, but I figured I'd ask in a PGP thread:
Does anyone know if it's possible to update a PGP key already uploaded to the MIT PGP server? I recently made a RSA2056 key and uploaded it to the server. A few days later, I made a new one with RSA4096 and want to replace the 2056 one. Is this possible?
You can add your new key. AFAIK the old key-servers are not allowing the replacement of one key against another. Based on the key-id, you can replace a key with the identical id, meaning that you can “add“ signatures. Exchanging keys with different IDs (different keys) is not possible...
Things like this had been considered for long and new key-servers are in operation, now. I do not know what they have implemented in the meantime.
But even encrypting your email won't hide such things as the sender, recipient, subject line etc...
You may be better off using webmail (such as protonmail.com), since the transmission will be via HTTPS.
Anonymization had not been the topic, here.
Web-mail is not mail but giving you, via HTTP, a view on your mail (which came by mail, not http) and “something” is relaying the input from a HTML input form for transport via the mail-system.
GnuPG or PGP are playing no role in this context. You can try to encrypt something you want to hand over to a HTML-form, but you can bet that “something” (the same) will mangle the document in a way that renders it incompatible to something else. PGP and GnuPG are for mail, not for HTTP.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.