Penn Computing

Penn Computing

Computing Menu Computing A-Z
Computing Home Information Systems & Computing Penn

 

Friday, September 19, 2014

 
  New Resources
Travel Tips for Data Security
Free Security/Privacy Training Resources
Penn+Box
Two-step verification
Combating Malware
SafeDNS
Phishing Archive
Cloud Computing and Data Outsourcing
Best Practices for Applications with Confidential University Data
 
  Security "Greatest Hits"
Managing Passwords
E-mail Harassment & Forgery
Hoaxes, frauds & scams
Spam
Phishing
Wireless Networking
Encryption & digital signatures
 
  Best Practices
Secure desktop computing
Secure servers
Secure data deletion
Securing printers
Tips for safe computing
Computing policies
 
  More in-depth information for
Local support providers
System administrators
 
  Security initiatives
Critical host compliance
Authentication & authorization
Penn Security & Privacy Assessment (SPIA)
Security Liaisons (Restricted Access)
Secure Share
Secure Space
Vulnerability Scanner
 
  Related links
Electronic privacy
PennKey
Viruses
Worms, trojans, backdoors

Using Thunderbird with GPG

Installation

  1. GPG (GNU Privacy Guard) from macgpg.sourceforge.net: Windows, Mac OS, or UNIX
  2. Enigmail to allow signing, encrypting, and decrypting within Thunderbird:
    1. Download Enigmail: http://enigmail.mozdev.org/download/
      (Firefox users: control-click and choose "Save link as...") and verify the signature.
    2. Launch Thunderbird 2.0 and navigate to Tools -> Add-ons; click the "Install..." button. Select the file you downloaded, and restart Thunderbird.

Configuration

  • When you select a message in Thunderbird for the first time, you'll be prompted to use the OpenPGP Setup Wizard to configure OpenPGP.
  • The Wizard will configure the following by default:
    • All messages will be PGP-signed.
    • Messages will be PGP-encrypted only for selected recipients.
    • Email to be composed in plain text (for improved compatibility).
  • After completing the OpenPGP Setup Wizard, OpenPGP may report the error: " gpg command line and output:,/usr/local/bin/gpg --charset utf8 --batch --no-tty --status-fd 2 -d,gpg: invalid armor header: >\n,gpg: invalid armor header: >\n

Use

  • By default, all messages will be PGP-signed. That default can be changed under Tools -> Account Settings. Expand the section for your account, select OpenPGP Security, and change Message Composition Default Options as desired.
  • To encrypt a message, in the Compose window, pull down the OpenPGP menu and select "Encrypt Message"..
  • If a message is signed but you don't have the key, you will be prompted to download it from a keyserver. However, both keyservers tested failed (the query hung).
  • Before using a key you've downloaded, you should (at minimum) contact the recipient by phone or in person to verify that the specific key ID you found actually belongs to them. In the search results window, the key ID is the first item in the description, beginning with 0x and a series of 8 hexadecimal characters.

Caveats

  • Testing was done in January 2009 with Thunderbird 2.0.0.19.

Last updated: Thursday, April 9, 2009

top

Information Systems and Computing
University of Pennsylvania
Comments & Questions


Penn Computing University of Pennsylvania
Information Systems and Computing, University of Pennsylvania