www.thorko.de Thorsten Kohlhepp - Systems administrator | Email encryption

 

OpenPGP and Thunderbird


Sending encrypted mail isn't as difficult as it sounds. You will have to install an extension for Thunderbird, generate a public / private key pair, import the public key of the recipient, and that's it.

But let me go into detail.
Encryption and decryption work like this: you use the public PGP key of the recipient to encrypt your message. Only the person who owns the private key matching this public key will be able to decrypt the message and read its content.

First install this extension
https://addons.mozilla.org/en-US/thunderbird/addon/71
in Thunderbird. To do this, right-click on the "Download" button and select "Save as...".
Once it has downloaded, open Thunderbird and click on "Tools"->"Add-ons". You will see a button at the bottom of the window which says "Install..."; click on it.
Select the file you have just downloaded and install it.
When done, restart Thunderbird. You will notice that the menu bar has changed and that there is a new menu called "OpenPGP".
So now it's time to generate your public / private key pair.
Select "OpenPGP"->"Key management". Click on "Generate"->"New Key Pair". Choose the account you are going to use this key pair for. Leave the "Passphrase" empty and make sure "No passphrase" is selected; the private key is then stored on disk without passphrase protection, so anyone who can read your key files can use it. Also check "Key does not expire" to make sure your key is valid forever.
Now hit "Generate key" and wait until it finishes. When it asks you to create a revocation certificate, click on "Yes" and save it to a secure location.
That's it.

Make adjustments to OpenPGP settings

Some of the default settings aren't convenient, so it's better to adjust them.
Open the preferences of OpenPGP:
1. On the "Basic" tab select "Never ask for any passphrase"
2. On the "Key Selection" tab select "Manually"
3. On the "Advanced" tab deselect "Encrypt replies to encrypted message"
4. On the "Sending" tab deselect "Add my own key to the recipient list"

Sending a mail to a friend using his public key

You need to import the public key of your friend by using "OpenPGP"->"Key management". Once you have imported the public key you can write the email. In the "Compose" window click on the "OpenPGP" button in the toolbar and select "Encrypt Message". Once you click on "Send" it will ask you which key it should use. Select the key of your friend and click on "Ok". You will see the email get encrypted and sent to your friend.
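
The same flow at the GnuPG command line, as an added example that is not part of the original page. It uses two throwaway keyrings and constructed addresses (you@example.org, friend@example.org), assumes GnuPG 2.1 or later, and shows that with your own key left off the recipient list only your friend can decrypt the message, not you.

```shell
#!/bin/sh
# Added example (not from the original page). Constructed identities and
# throwaway keyrings in temp directories; assumes GnuPG 2.1 or later.

# g <keyring-dir> <gpg args...>: non-interactive gpg with an empty passphrase,
# matching the "No passphrase" choice in the steps above.
g() {
    dir=$1; shift
    gpg --homedir "$dir" --batch --quiet --pinentry-mode loopback --passphrase '' "$@"
}

demo_encrypt_to_recipient() {
    local you friend plain sender
    you=$(mktemp -d); friend=$(mktemp -d)        # two separate keyrings

    # Each side generates a key pair: no passphrase, never expires.
    g "$you" --quick-generate-key 'You <you@example.org>' \
        default default never >/dev/null 2>&1
    g "$friend" --quick-generate-key 'Friend <friend@example.org>' \
        default default never >/dev/null 2>&1

    # The friend exports only the public key; you import it ("Key management").
    g "$friend" --armor --export friend@example.org > "$you/friend.asc"
    g "$you" --import "$you/friend.asc" >/dev/null 2>&1

    # Encrypt to the friend's key only: your own key is NOT on the recipient
    # list. --trust-model always stands in for picking the key by hand in the
    # dialog; it skips key validation, so keep it to test keyrings like these.
    printf 'meet at noon' | g "$you" --armor --trust-model always \
        --recipient friend@example.org --encrypt > "$you/msg.asc" 2>/dev/null

    # The friend's private key decrypts the message ...
    plain=$(g "$friend" --decrypt "$you/msg.asc" 2>/dev/null)
    # ... but the sender's keyring holds no matching private key.
    if g "$you" --decrypt "$you/msg.asc" >/dev/null 2>&1
    then sender=yes; else sender=no; fi

    # Stop the per-keyring agents and remove the throwaway keyrings.
    gpgconf --homedir "$you" --kill gpg-agent 2>/dev/null
    gpgconf --homedir "$friend" --kill gpg-agent 2>/dev/null
    rm -rf "$you" "$friend"
    echo "friend_reads=[$plain] sender_can_decrypt=$sender"
}

demo_encrypt_to_recipient
```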