Quote from: Oompaloompa on July 14, 2012, 12:29 pmHi, I'm asking here as I figure you guys'll have a better idea than most on how to get this to work.I previously had a windows OS and GPG4Win but have now scrapped windows and installed Linux Ubuntu 12.04I saved all my public/private keys but I've had problems setting up GPG on Linux. The only encryption program I could find was the enigmail add-on for thunderbird & I've set that up but I've got some queries:This bit is excellent.Quote from: Oompaloompa on July 14, 2012, 12:29 pm1: Enigmail only seems to encrypt while sending e-mail, which I don't want. I want to write a message encrypt it then copy/paste the pgp message to SR (as with gpg4win) but the only way I've found is to save the e-mail as draft, encrypt on saving and then go into drafts & copy the pgp message. Surely there's an easier way to do this?Enigmail is a GPG frontend specifically for email through Thunderbird. It's very good, but not ideal when a lot of your encrypting and decrypting will take place outside of Thunderbird.If you need a frontend then you should consider the options on this page:http://www.gnupg.org/related_software/frontends.en.htmlPerhaps KGpg or Seahorse. I can't vouch for either of them since I use GPG on the command line or within an Emacs buffer.Quote from: Oompaloompa on July 14, 2012, 12:29 pm2: Similarly I can't find how to decrypt a pgp message sent to me on SR?You would save the encrypted message as a file and then decrypt it with a frontend or on the command line (the command is "gpg filename.txt.asc" unless the sender has done something clever, like use the for-your-eyes-only option).Quote from: Oompaloompa on July 14, 2012, 12:29 pm3: I'm uneasy with having my (fake) PGP e-mail and keys associated with my real e-mail setup. Enigmail only lets me encrypt when I create an e-mail draft with my real mail settings otherwise I get the errors "INV_RECP 0 " and "Unable to save your message as draft.Please verify that your Mail & Newsgroups account settings are correct and try again."Are there any security risks here? and is there a way to create encrypted messages without any connection to my realworld e-mail settings?I would try to avoid mixing the SR data with regular data.If you want to access the SR stuff from your default installation (i.e. without messing around with VMs, flash drives, hidden systems, etc.) then do something like this:1) Install TrueCrypt.2) Create a new volume (make sure it has lots of space) to be mounted to something like "/homes/" or "/home2/" (the normal directory is "/home/").3) Mount it.4) Create a new user for your SR usage. When creating the account make sure that the home directory is set to "/homes/$USERNAME" (as long as the first part matches the volume created in step 2 and $USERNAME can be whatever you want).5) Log into the new account and set it up as you like (installing GPG keys, configuring Thunderbird & Enigmail to access Tor Mail, setting up the Tor Browser and anything else that makes it easy to use).When you are not using that account, unmount the TrueCrypt volume and all those details will be inaccessible. Plus if you accidentally leave something decrypted in that user account, it will still be protected by TrueCrypt.Quote from: Oompaloompa on July 14, 2012, 12:29 pm4: I tried the S/MIME option but got the message "You need to set up one or more personal certificates before you can use this security feature. Would you like to do so now?" when I click yes I get to a security screen & try to select a certificate. But I get"Certificate Manager can't locate a valid certificate that can be used to digitally sign your messages."What sort of file do I need? Not sure if I had thison GPG4Win but I think so and it should be backed up so what am I looking for?S/MIME is an alternative method of achieving email encryption. It depends on a MIME capable mail client so it will not be helpful on SR.Quote from: Oompaloompa on July 14, 2012, 12:29 pmSorry for the long message but I'm just getting to grips with Linux and enigmail and I want to get this sorted out securely but haven't been able to find clear answers elsewhere online. Hopefully someone here can help me.Quite alright. Once you get used to it you won't look back.