How to set up Everything

Internetbrowser

There are no trustworthy browsers. Face it. Use Tor if possible.

 

Install …

Tor Browser

 

Simply defaults:

 

 

 

 

Have fun. If you think you will need Firefox, you will find a description further below.

A Mailclient

If you plan to use Agencyprof “e-mails included” you will need a mailclient. Install Thunderbird in the most recent version (or use a portable version). For now we will do an installation, later you will find me using the portable version, there is not much difference.

still is an installer. But it will only extract all files needed to a directory. This is moveable then.

 

will start an install

 

Portable version joins in again to create a mail account. You should have the data of your mailbox ready.


 

If you are using secure connections you may be required to accept a certificate.


Afterwards you will find the account top left in the Thunderbird window.

You might want to subscribe to your folders (Ordner abonnieren)

 


.. and you should check the privacy settings

 

 


Next manage the Add-ons:

search for “enigmail” and click install …

 


and then “Restart now” …

Start the wizard (it opens itself) and click install in the next window.

Select your language (for the installer – not the program) …


Just accept the defaults:

 

I do not want to encrypt whenever possible (but may me you decide different),

but I will sign my messages by default.

In the next window click details first:

 


this will allow to alter some defaults you might feel harsh. If you leave all enabled you are on the safe side. You will get warnings if you sign HTML mails, they are being converted to plain text.

 - … then [Next]

 

A key is required, we create one.


Create a passwort to protect your key. Take a good one, not used before.

summarising, key generation,

and creating the certificate.

You will be asked to save a revocation certificate somewhere. In case you want to invalidate your just created certificate, this one will be needed. Save it at a safe point where you will find it again. The desktop is not a good choice.

yes.


Then, in Thunderbird open the Key Management:

click on your key – select “Keyserver” and upload your public key.

this is default – seems ok.

Remark: When you created your private key – that has to be kept strictly private all time – a public key was created also. This key can and should be known by as many people as possible. They can import it into their key management and use it to encrypt messages to you

Others might think different:: if you want to keep it protected and only special people should use it – get another mail address and another key and do not upload it to a server. (Sending it by mail or storing it to USB devices might look not too clever then also.)

 

Since we did not even test our Thunderbird yet, why not just test the key thingy also?

You can read much more here if you want. http://gpg4win.de/handbuecher/einsteiger_8.html,

The walkthrough is this:

(From time to time you will be asked for the passphrase you entered above. In the preferences of enigmail you can set a bigger idle time. Within that your password will be remembered)

 

Since this is the first mail written here you might be required to accept a certificate from your outgoing mailserver. Sometimes the window that requests this will open hidden behind other windows – and when you found it at last possibly other windows timed out. Well, in doubt and strange errors on first send: close some windows, find the message about the certificate and accept it permanently – after checking it of course. Then restart Thunderbird and all should be fine. This is just to assure you that computers are not too clever.

 

We are going to send our public key to Adele, a friendly mailrobot. Since Adele is not the brightest (see above) and did not learn to download our public key on herself, we will send it to her.

Open the key management as before, click on your key and select “Send Public Keys by Email”.

You will get a mail with your public key attached. Address it to adele@gnupp.de.


When prompted I choose not to sign this. May be you can, let try us not to confuse the bot.

and shortly after Adele’s answer came in.

This message was encrypted and only you can read it. Have beer.

 

If you are signing or encrypting HTML mails, the outcome may fail. I am ignorant here – just testing. Keep in mind to encrypt (and possibly sign) only text-only mails in real life.


At last let us check if we can find keys: Open the key management,

Let us look  for Adele:

Check the mark and press ok to download it’s public key, …

 

And now we could encrypt our mails to Adele.

Have fun.


Firefox:

If you cannot help it and really have to install another browser, you might want to install firefox.

Install options:

Start, ...

 


 

... not now ...

 


set default browser, ..

 

open new tabs without advertisement, ...

 


define options:

 

talkative?

 


set start page festlegen,

 

Privacy, ...

 


delete already present cookies, ...

and done.