If you don’t have encryption on at least your email, you might as well send the information on a postcard for the world to see. If you don’t like the idea of the content of your email being put onto a postcard then you need to set up PGP as today’s best solution. Is it amazingly easy? No. Like anything it takes a little time to get started. Is it worth it? How do you feel when you wear a seat belt in a car versus when you don’t? PGP is a seat belt for your privacy and I love the feeling of knowing that even if I accidentally send the email to the wrong person, only my intended PGP-enabled recipient can read it, not the whole world. All lawyers, real estate agents, doctors, and such professions should honour their duty of privacy by using it immediately, or at least strongly recommending it to their clients/recipients. But don’t wait for them to do the right thing when you can start right now for free.
Video how PGP works
Good video showing how PGP encryption works to secure your email data
Tutorial about how to set up your computer:
For more detailed information and original set up tutorial, click original source
Tutorial for desktop (Ubuntu comes with Thunderbird by default):
Tutorial for Webmail
Mobile PGP Solutions
I will expand this tutorial soon but I was able to figure it out from this. Bug me if I haven’t updated this and clarified the details since this tutorial is not clear in a few ways
I just wanted to log this great website that I found which offers a great copy and paste ddclient setup. It’s much better than the out-of-the-box setup that comes with the software. Thanks very much for this tutorial!
It was also interesting to learn that Namecheap simply uses a service called ‘freedns’ apparently…. good to know in case you need to change domain registrars and keep a free dynamic dns service going….
All I wanted to do was turn an unused computer into a web host in my house so I could run wordpress on my own domain/website. I knew Ubuntu is the best so that was my plan. There are a lot of tutorials out there but I found it to be fragmented all over the world wide webs.
This post is to bring it all together in the steps needed so you can come back to it if you forget pieces (which I did shortly after successfully doing it). Here we go!
1. Prepare a USB drive for getting Ubuntu Server put on
This link will give you everything you need to prepare the drive. The only thing you have to change is the .iso file which can be downloaded from www.ubuntu.com. For this tutorial you want to download the appropriate 14.04 server version (32 bit or 64 bit). But the method of doing this is the same:
2. Install Ubuntu Server
This step-by-step tutorial is a good one to get your base server install going on the machine. Once you’ve done it a few times this part, by the way, is fast and easy. A bit intimidating the first time but rest assured most of the default settings are pretty not scary
3. Configure static IP
I had a bit of an issue in that during one install it gave me the name of the hard-wired connection as the normal ‘eth0’ but then after reinstalling it on another computer it was called ‘p1p1’. I still don’t know the reason for this but it turns out that p1p1 and eth0 seem to act and operate and configure the same way. Just a heads up in case you encounter it. In this tutorial it explains how to set up the
4. Setting up the DNS servers with ddclient so the world can find your machine and domain
Now, before you begin this part, make sure you have your Dynamic DNS service details in front of you as you probably have to do some stuff in the back end where you registered your domain before you do the next stuff. I did all this next stuff and then couldn’t figure out why it wasn’t working and the reason was that I had to do stuff in my domain registrar (Namecheap in this case) first. For the sake of a quick namecheap tutorial and to maybe trigger some help for your own registrar, I’ll just explain what I did:
a) log into namecheap admin
b) manage my domain
c) find my domain and click ‘all hosts”
d) type ‘what’s my ip’ in your favourite web search. It’ll spit out your public facing ip address.
e) manually enter that into the ‘all hosts’ area in the @ record space and the www record space.
f) save those changes.
Now move on to do the ddclient stuff in Ubuntu and it should work…
This link should be your defacto starting point. It may be all you need but I, of course, did other stuff and didn’t have patience…
This one is good, too.
Before even reading any of that I just did:
sudo apt-get install ddclient
And that seemed to get it on my system. As soon as it was installed a GUI showed up to help with the install of the ddclient update stuff which was cool…. except that it didn’t work for Namcheap… so I just hit ‘esc’ a bunch of times and it got me out and finished the install eventually. Then I did a:
sudo nano /etc/ddclient.conf (it seems some may need sudo nano /etc/ddclient/ddclient.conf)
I’m using Namecheap (I try not to plug too much but these guys have nailed it so many times) and they have a dynamic dns service for free with the domain you buy (big plus). This is the tutorial I’m using but you can buy (or search free?) a dynamic name service that updates itself so you don’t have to buy a static IP from your ISP (internet service provider).
… just plug in the data, control ‘x’, and enter key.
This blog post is a super nice exhaustive post showing perhaps more stuff you’ll need for a namecheap / ubuntu server setup:
I’m not sure if I had to but I ran
.. and it seemed to ‘start’. I’m not sure if this will run on startup or not…
5. Ping it! Just Ping it, yeah!
go to another computer ideally outside of the local network you are on (ie. call your mom and ask her to open a terminal) and enter:
ping yourdomain.com (but make sure you tell her to replace that with your domain, lol?)
You should get a reply eventually showing your public IP address from your ISP followed by regular packets coming back at you. If no reply, the update client may still be propagating the changes through the internet. I’ve been told propagation can take 24 to 48 hours although I”ve never experienced more than about 5 hours wait.
6. Administrate me, baby. I love it.
Now you’ve got a server running and doing stuff. You’ve seen Great Eagle, Moose Jaw and Apache before your eyes. Now it’s time to turn words into dreams…?? or something like that.
This tutorial was the most simple and Ubuntu friendly tutorial I could find for getting webmin set up. I’m converted back after a failed attempt with EHCP… if you figure it out please send me a nice simple tutorial and I’ll try again.
Here is the link to the tutorial
Note that I had to adjust the wget URL to the correct one for ubuntu by first going here: http://sourceforge.net/projects/webadmin/files/webmin/
then choosing the .deb file name and replacing it in the wget command in the tutorial above. So, as of February 2, 2015, your wget command would look like this until the next release:
I also had issues with the last item in the tutorial where you change the webmin admin…. didn’t work. skip it and when the login page comes up, just use your main root user/password and it works fine. Maybe someone could write a comment below how to change password because it would be nice not to use root…
7. Install WordPress
Why? Because that’s what every wimp does when he thinks he’s a server rock star and gets his first false sense of pride. That’s why.
maybe this one? https://www.youtube.com/watch?v=iqLsTycO9aA
and then this one maybe if you need to ssh and wget it on the remote machine?
So you have a Microsoft Windows computer. You finally realize that the reason you have no hair on your head is because you pulled it all out at your computer. It is full of viruses, malware, and a host of other programs attempting in vain to stop these from making their home on your machine. Also, you heard the news that Windows is fully compromised and that none of your data is safe so long as you are using a Windows machine.
You are ready for a change, but you don’t know what to do, or the person who suggested this to you is far away from you and unable to drop by your place to make it happen.
Don’t worry. That’s what this blog post is about.
Since you may need to be completely offline, or without a second computer to read this tutorial on, you may want to print this guide. The only part not available currently is the video in step 6.
>>PRINTABLE PDF VERSION OF THIS GUIDE-UPDATED-150117<<
1. Back up the files you don’t want to lose on an external drive
Before you begin, you will need to back up all your photos and other documents from the machine you are about to wipe. This process takes time so it is a good idea to start right away. It is strongly recommended that you purchase a USB drive of however many gigabytes you need to save all your documents. You will be surprised at how small your files are unless you have a lot of videos. For the average ‘simple user’ you can probably survive with an 8 gigabyte drive, but for people with a bunch of videos you will probably need to consider buying a huge external drive of a Terabyte or so. This is a great tool to have regardless because you will use it in the future to do back ups of your computer on. Also, the amount of money you are going to save on virus software when you switch to Ubuntu will pay for your drive many times over over the years! A quick checklist of files you might want to keep:
- emails (if you use an email client like Outlook or Thunderbird): if you have a scary webmail account like hotmail your emails will be sitting unsafely there so you won’t need to back them up
- word processing documents (resumes, letters, legal docs, etc)
- PDFs (ie. invoices, e-bills, etc)
- videos (ie. videos from your phone you dumped there, movies, etc)
2. Obtain a 2 gig+ usb drive
Great! All your files are saved safely on your external drive. Now you need a *second* and *dedicated* drive which will be used for the installation of Ubuntu. Yes, it’s possible also to use a DVD or CD rom but since you may need to adjust things after installing, we have found the USB drive to be the cheapest and most flexible tool over the long term. Plus, you end up with a second USB drive which you can use for transporting files around (one for you, one for the spouse, for example). So, stick with our suggestion ok? The great news is that as of today’s date, you can do this with a 2gig USB drive or less which is either free or *extremely* cheap. In fact, most people you know will have one lying around on their desk they will lend you. Advise them to wipe sensitive data off the drive before giving it to you, of course!
3. Download and install the program called Unetbootin
Go to this website (http://unetbootin.sourceforge.net) and download the appropriate (in the case of this tutorial Windows) version of the software. This software will be used to change your dedicated install drive into one that will boot when you turn your computer on (like a bootable CD rom). Here are two screenshots to make it more simple:
4. Install Unetbootin
Go find that file you just downloaded to your computer. Double click it. Follow all the instructions and give it all the power it needs to get installed. Windows may fight. You fight back!
5. Download the latest Ubuntu from the official Ubuntu.com website
Here is an illustrated step-by-step. Of course if you have money, I encourage you to give some money but it is not mandatory whatsoever. In this example I’m showing skipping straight to the download.
6. Create the Bootable USB Drive Using Unetbootin
So you have your 2gigabyte (or bigger) dedicated USB drive as described in step 2.
You’ve downloaded and installed Unetbootin in step 3 and 4
You’ve now got the ISO file on your harddrive from steps 5
Now you need to make your USB drive think that it is a bootable CD ROM (essentially). Instead of me sending you a bunch of screenshots, just watch this video that Lecture Snippets created because the flow is still exactly the same even though the numbers have changed. Just follow his instructions as he puts his own downloaded ISO image onto his USB drive.
NOTE! Make sure that ALL USB DRIVES EXCEPT YOUR DEDICATED UBUNTU 2GIG+ DRIVE ARE REMOVED FROM YOUR MACHINE. Just check. Trust us.
7. Reboot and make sure your computer BIOS is set to boot first from the USB drive
When Unetbootin is finished, it will give you the option of rebooting now. Likely you did it and didn’t know that you had to go in and change some BIOS settings. No problem. All you have to do is reboot your computer (again) and press the correct keyboard key for your particular computer. In many cases its F12 or F10, etc. Usually you can find this key displayed on the black screen right before your computer boots into your operating system. It only shows up for a few seconds so it may take you several reboots to read the keyboard key you need. What you are looking for is ‘Bios settings’ or ‘Change boot order’ or something like that. It might take you a few tries but you’ll get it. Online search engines will also likely have it if you know your computer mother board model number.
8. Choose the ‘Install Ubuntu’ option when you see the Unetbootin blue screen.
When you end up on the Unetbootin blue screen, this means ‘success’! This means you are so close to finished you can taste it. Great work so far! In this case we are going to wipe away that pesky Windows operating system forever so choose the ‘install Ubuntu’ option. It will start the installation process which is amazingly easy and clean. Just answer all the questions and make sure you have a hard-wired internet connection. If you don’t, you may have to find one. At some point you are going to need to update the operating system so you might as well do it at the same time as your install so you are starting on the right foot.
9. Watch this quick familiarization video
This is a nice quick familiarization tour of your new found joy. Give it a quick watch so you know some basic stuff to get around.
10. Get connected to a local Ubuntu Community!
In the Vancouver area here, there is a big Ubuntu Vancouver meetup group as well as an Ubuntu Delta group. This connection will help you greatly realize the full potential of the Ubuntu Project which is, please note, much more than just an operating system.
Retroshare is awesome. It’s secure. It’s simple (once you get rolling) and it’s highly useful. I found getting the initial few friends in was a ‘little’ tricky without a familiarization tour so here is a video I made to help folks out. I sent it to my mom so we’ll know how effective it is shortly, we hope…
PGP encryption on your email is not only awesome but it’s now mandatory if you care even the slightest about your personal privacy. If you don’t care about your personal privacy, I invite you to strip naked and dance in front of your living room window towards the street with your blinds open at night…. unless you look like me naked in which case I strongly advise you against such behaviour.
But with all such course jesting aside, the intention of this post is to be the go-to, defacto post for setting up your PGP, and also updating your keys in the event of loss or expired key. I found that if enough time passes I forget everything so I wanted this post to be hanging out online for my own quick and easy reference.
This post is NOT a full blown tutorial about setting up both Thunderbird and Enigmail. I’m sure those are out there somewhere. But, here are a few quick points to make sure you know what’s needed to get set up:
- Get Thunderbird email client (it’s the best anyways) here Note: for mobile users, K9 email client works with PGP and we’ll update this when another option arrives.
- Install the Enigmail under ‘tools/add-on’s in your Thunderbird client
- Create a PGP pair by using the wizard.
This post IS intended for when you update your key (ie. starting again after losing it, expiring it, change encryption strength, etc) because you will need to make sure that you as the maker of the new key do the right steps and that the people you communicate also deal with your new and old keys accordingly.
And that’s what this post is about. It’s the post you come back to as an already-established PGP user. It’s the ‘transitioning from old key to new key’ post.
No, I couldn’t possibly preamble (is that even a verb?) longer if I tried…
Making/Updating the Key
1. Go to Key Managment
2. Go to ‘Generate’ at the top and then ‘New Key Pair’
3. Fill in the details on the first page that opens.
Note 1: It might be useful to make a comment in the common line?
Note 2: Make sure your password is secure. I use KeePassX to both generate and store my passwords.
Note 3: Before you click that generate button, make sure you consider step 4 coming soon!
4. Consider strongly using 4096 key size for today’s needs. Then press ‘generate'(but not before strongly considering the aforementioned 4096 thing)
Note 1: Anything less you are pretty much up the creek if someone wants you bad enough.
Note 2: The generation of the key takes pretty much forever (well for kids my age and younger) so brew a coffee and tinker with your mouse a lot since it helps speed it up.
Note 3: When it’s done I think it gives an option to save your actual public and private keys to a disk. Do this. Do it on a safe and preferably encrypted drive.
Note 4: It will also give you the chance to create a ‘revoke certificate’. You need this certificate to kill your key so save it also in a safe place. Consider, again, KeePassX. I think this can save attachments with each entry.
Making a Smooth Transition to Your New Key (Your Recipient’s Perspective)
1. Have Grandma go to ‘key management’ and make sure she disables your old key (right click on your key)
Note 1: Although all my stuff is blurred out below, the disabled key will be ‘greyed out’ when successfully disabled
2. Send Grandma a signed email with the new key (as .asc attachment) (not uploading using the keyserver pool yet)
Note 1: Make sure it’s signed. Sometimes the rules may hinder it from going out signed. Force it to be signed.
3. You have already told Grandma never to sign a key unless she confirms it in person so she calls you up, confirms you are real and that you sent a new key. Now you have her sign the new key you just sent her by right clicking on the key information in the email body as below.
4. Send Grandma a test email to make sure it’s working
Note 1: Put a message like ‘this email is encrypted’ in the subject heading because subject headings are not encrypted.
Note 2: Make sure it’s actually encrypted! Sometimes the rules are not set to do so (read up on rules as they are useful).
If your recipient gets your email, confirms it’s the new key (sometimes we goof and send the old key) and you are sure it was confirmed and he/she could read it, you are done and all is well.
5. Remove and replace any affected per-user rules
Grandma is the bomb so she already had a rule set up in her ‘per-recipient rules’ under the main Enigmail tab in Thunderbird. However, now that you went ahead and complicated her biscuits by changing your PGP key (thoughtless so-and-so!) key a few annoying things will happen when she goes and tries to invite you over to dinner. Never fear, Grammar! All you have to do is delete that ol’ stinkin’ rule and add a new one with the new key. Just go ahead and do that. If you really need the screenshots put a comment below and I’ll think about it…
Ryuken! Finish him!!
Now at least one trusted person has confirmed your encrypted email with the new key is working. Let’s get this done!
1. Upload your new key to the keyservers so the world will know you mean serious privacy business
Then you’ll see this:
Finally, I suggest this refresh option. It didn’t seem to ‘take’ until I performed this right after doing the upload.
2. Revoke that old, dirty key you used to use.
Just follow this tutorial. It shows you how easy enough.
Note 1: I recommend, like when you upload your normal keys to servers, that you do the refresh option right after you revoke as well.
Some extra notes
- there must be something to write here…?
Want to read an article later and not use your data plan? Going somewhere and want to look at a website page without worrying about an internet connection? Can’t seem to find the time to read an article in the near future but worry the article might be gone when you get around to reading it? If you are using Ubuntu, you’re already set up for an ultra simple solution to grab ‘n’ go websites.
In my case, I just wanted to take a bunch of articles and read them on my tablet or netbook up at my parents cabin where the internet is either spotty or notty. At first I started downloading Firefox add-ons and this and that but it turns out the most simple and effective solution was sitting there ready to go: the ‘print to file’ option when you print *anything* in Ubuntu. Ubuntu, because it’s just plain awesome out of the box, comes with the ability to print anything to PDF. So, the solution is this simple:
1. Go to the website you want to have as a PDF
2. Choose to print the page (I use the control + P buttons because it’s rocket fast)
3. Choose ‘print to file’ option
4. KEY STEP!! Rename the file now. It defaults to some ‘mozilla’ file name and will remember your last file name so every time you save a new article/page you have to remember to change the name or they will all end up in your last folder with the same name. Makes for an annoying time. NOTE: When you rename the file, do *not* erase the final .pdf tag or the file might have issues.