Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
before i start reading about encrypting emails,I thought you guys here could help me which method i should use.SSL or PGP or any other?
I'm newbie and needs encrypting emails the easiest and most secure way.
Easy way because I"m newbie and people I'd like to send encrypted emails are even newbiest then me.Btw, they are using Microsoft Windows,not a Linux.
So i need it easy for both side.
I'd say PGP. You should have GPG already, which is like PGP that you find on Windows. When I encode something, the WIndows people can decode it. I'd bet you can do the same with SSL, they mention in several howtos that you can encode email, but I find the whole SSL bit more differicult to work with. Go to http://www.gnupg.org and learn about it, it can be trick with it's command line interface at first. But please, do me a favor and don't encrypt everything like some people do. I see people encoding stuff like "Hey, man, it's raining today!" Who cares!?
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660
Rep:
SSL (actually TLS when used with e-mail) is a transport-layer security and is only encryption of SMTP sessions, not the actual message. PGP (and GPG) encrypt the contents of a message and it's end-to-end encryption.
There are numerous sites which describe each in detail, but it really boils down to whether you and your friends each have your own SMTP servers. If your friends have for instance, Exchange (ripping off CDs from work, eh?) then you can setup your MTA to use TLS (Postfix and Sendmail both support this, I think Qmail and Exim do as well but I have no experience with them using TLS). The Exchange IMS connector can use TLS as well. You will need to have one of you setup a Certifying Authority to sign your certificates. Then you will need to generate a certificate for each server and sign it with your CA. Then install the certs on each server. When you send messages between each others' servers, they will be encrypted (in fact the whole session, including all the commands after STARTTLS will be encrypted).
PGP will encrypted the message on your desktop and let you send it through whatever servers you want (for instance through your ISP's mail server). The message will remain encrypted until it gets to your friend's desktop and they decrypt it with your public key.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.