Configuring Secure Email for Ubuntu

Configuring Secure Email for Ubuntu
Page content

Scrambled E-mails’ Comin’ Right Up!

Just one look at the voluntarily published shenanigans on Facebook would almost convince an observer that online privacy is a thing of the past. Being a flagrant exhibitionist is one thing, that is meant to go out for public consumption. E-mails are the kind of thing that most PC users would like to be kept private. It is well-known that unsecured email is one of the easiest means of communication for a third-party to hack into, especially when its going over a wireless modem or a mobile device. Better security is why many PC users like me have switched over to Ubuntu in the first place. Fortunately for you old-fashioned types like me, who still feel that your communications should be nobody else’s business, there are many options available to configure secure e-mail for Ubuntu.

An Ubuntu User has two general options to make use of encrypted e-mail. The first is to use an encryption program, and the second to set up your own mail server and give your friends and family encrypted accounts.

As Usual, Enough Tools to Equip Your Own Agency

The first option is probably better when there are only a few people you would like to send secure messages too (Lawyers, Accountants, Mistresses). All the tools you need come included in your Ubuntu install, via the GNU Privacy guard.

“GnuPG uses public-key cryptography so that users may communicate securely. In a public-key system, each user has a pair of keys consisting of a private key and a public key. A user’s private key is kept secret; it need never be revealed. The public key may be given to anyone with whom the user wants to communicate.” From The GNU Privacy Handbook. With this program, you have near military-grade encryption tools at your disposal.

However, since the built-in GnuPG is accessible only through terminal commands in many versions, I would recommend installing one of the graphical interface programs available through the add/remove feature. Enigmail, GNU Privacy Assistant, and Seahorse are all good GNOME options, while KDE users can choose between KGPG and Kleopatra. If for any reason these programs cannot be found through the repositories, simply type sudo apt-get install (app name). Except for GNU privacy assistant, for that one it is sudo apt-get install gpa. GNU privacy assistant has, however, been included in every Ubuntu installation I have ever installed, so unless you installed a custom build or installed one of the stripped-down usb install versions, it is unlikely it will be necessary to install it in this way.

Get Your GNU Encryption Tools

With the GNU Privacy Assistant, generating your key takes only a few minutes.

gnu1

The first time you open it, it will prompt you to create a key. Just enter your name, the e-mail addresses and a password, and the program will automatically create your key. It is much easier to do it this way than through the terminal, but you want to explore doing it manually, check out the Ubuntu Forums. There is no limit to the number of keys you create. If you are using separate e-mail addresses for separate persons, creating a key for each e-mail protects you from the dreaded ‘‘copy to all’’ mistake.

gnu2

Once you have created your public key, then you may send it out to the people you wish to communicate securely with. Be careful about who gets your key, as possession of it would allow instant decryption of any intercepted message. Once you have your key, then you will need your encryption software. I use Mozilla’s free Thunderbird client as it meshes easily with GNU Privacy Assistant and Enigmail.

Completing the Puzzle

key-import-to-thunderbird

Once you have Thunderbird installed, it will simply upload the public key that you generated earlier into the software. Now you can start sending e-mail with encryption so tight it would take even most intelligence agencies a real effort to crack (provided they don’t have your key of course).

If making and sending out keys to your recipients isn’t your cup of tea, the alternative open to you is to set up a private mail server and create addresses for the people you wish to communicate securely with. Though this takes significantly more time and effort, especially for the non-tech oriented, you and your users will also have secure Instant messaging and forums as well. There is no need to swap keys about as the secure server is itself already encrypted. This is a much longer build than setting up keys, but if you are interested, a detailed tutorial for a program called citadel is freely available.

If you don’t have Ubuntu, you too can have access to these powerful tools by installing a virtual machine to run alongside your Windows or Mac OSX.

Switching to encrypted e-mail from unsecured versions is the electronic equivalent of sending a whisper in a crowded room rather than shouting at the top of your lungs for the whole world to hear. In a world where you can’t even let loose at a party without seeing it on YouTube the next day, it’s a comforting tool to have.

References