<dd>To use the diceware method, you will need dice (preferably 5, but 1 will do) and <a href="http://world.std.com/~reinhold/diceware.wordlist.asc">this list of words</a>. Do not substitute computer dice for physical dice. Notice that each word on the word list corresponds to a unique five-digit number. Role one dice five times, or five dice once to select the first word. Don't rearrange or discard words, because doing so makes the process much less secure. Repeat this process until you have at least six words, and there's your password.</dd>
- <dt>Command-line key generation</dt>
+ <dt>Command line key generation</dt>
<dd>If you prefer using the command line for a higher degree of control, you can follow the documentation from the <a href="http://www.dewinter.com/gnupg_howto/english/GPGMiniHowto-3.html#ss3.1">GnuPG Mini Howto</a> or <a href="https://www.gnupg.org/gph/en/manual/c14.html#AEN25">The GNU Privacy Handbook</a>. Make sure you stick with "RSA and RSA" (the default), because it's newer and more secure than algorithms recommended in the old previously mentioned documentation.</dd>
<dt>Advanced key pairs</dt>
<div class="troubleshooting">
<h4>Advanced</h4>
<dl>
- <dt>Uploading a key from the command-line</dt>
- <dd>You can also upload your keys to a keyserver through the <a href="https://help.ubuntu.com/community/GnuPrivacyGuardHowto#Uploading_the_key_to_Ubuntu_keyserver">command
-line</a>. <a href="https://sks-keyservers.net/overview-of-pools.php">this webpage</a> maintains a good list highly interconnected keyservers. You can also <a href="https://www.gnupg.org/gph/en/manual/x56.html#AEN64">directly export your key</a> as a file on your computer.</dd>
+ <dt>Uploading a key from the command line</dt>
+ <dd>You can also upload your keys to a keyserver through the <a href="https://help.ubuntu.com/community/GnuPrivacyGuardHowto#Uploading_the_key_to_Ubuntu_keyserver">command
line</a>. <a href="https://sks-keyservers.net/overview-of-pools.php">this webpage</a> maintains a good list highly interconnected keyservers. You can also <a href="https://www.gnupg.org/gph/en/manual/x56.html#AEN64">directly export your key</a> as a file on your computer.</dd>
</dl>
</div><!-- /.troubleshooting -->
</dl>
</div><!-- /.troubleshooting -->
- <!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
- <div class="troubleshooting">
- <h4>Advanced</h4>
- <dl>
- <dt>Encrypted a message from the command-line</dt>
- <dd>You can also encrypt messages from the <a href="https://enigmail.wiki/Signature_and_Encryption#Encrypting_a_message">command-line</a>.</dd>
- </dl>
- </div><!-- /.troubleshooting -->
+
+ <!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
+ <div class="troubleshooting">
+ <h4>Advanced</h4>
+ <dl>
+ <dt>Encrypt messages from the command line</dt>
+ <dd>You can also encrypt and decrypt messages and files form the <a href="https://www.gnupg.org/gph/en/manual/x110.html">command line</a>, if that's your preference.</dd>
+ </dl>
+ </div><!-- /.troubleshooting -->
+
</div><!-- End .main -->
</div><!-- End #step-3b .step -->
</div><!-- End .main -->
</div><!-- End #step-3c .step -->
-<!-- STEP 3D IS COMMENTED OUT UNTIL WE FIND A WAY TO VALIDATE SIGNATURES
+
<div id="step-3d" class="step">
<div class="main">
<h3><em>Step 3.d</em> Send a test signed email to a friend</h3>
- <p>Write a new email in your email program, addressed to a friend. If you want, tell them about this guide!</p>
- <p>Before sending the email, click the icon of the pencil in the bottom right of the composition window (it should turn yellow). This tells Enigmail to sign the email with you private key.</p>
- <p>After you click send, Enigmail will ask you for your password. It will do this any time it needs to use your public key.</p>
+ <p>GnuPG includes a way for you to sign messages and files, verifying that they came from you and that they weren't tampered with along the way. These signatures are stronger than their pen-and-paper cousins -- they're impossible to forge, because they're impossible to create without your private key (another reason to keep your private key safe).</p>
+
+ <p>You can sign messages to anyone (including people who haven't created their own keypair!) so it's a great way to promote GnuPG. To sign an email to a friend, click the pencil icon next to the lock icon so that it turns gold.If you sign a message, Enigmail will ask you for your password before it sends the message off. I will do this every time it needs to use your private key.</p>
+
+ <p>When the pencil is gold but the lock is grey, the email will be signed but not encrypted. When the pencil is grey and the lock is gold, the email will be encrypted but not signed. When they're both gold, the email will be signed and encrypted.</p>
</div>
- </div>-->
+ </div>
</div>
- </section><!-- End #section3 -->
+ </section>
<!-- ~~~~~~~~~ Section 4: Learn the Web of Trust ~~~~~~~~~ -->
projects / enc.git / blobdiff