TAG | Data encryption and Ubuntu, Part III |
|
| Apexing the Linux learning curve - Linux for Learners | |
| by Hamish Taylor | |
| Sunday, 30 November 2008 | |
|
Page 2 of 3 Once you have set up your PGP key, you'll need to tell your email client which "Key Pair" is yours.Featured Whitepaper
5 Best Practices for Smartphone Support
The Evolution preferences menu is divided up into two parts. In the left-hand side vertical column menu is what I call the General Preferences. These apply to the application itself. When you create an email account, then you click on it and click on Edit to edit the preferences for that account. I call these the Account Preferences and they open up in a separate window. Create your email account and then go into the Account Preferences. Select Security at the top. Then type in the Key ID. Have a look at the four options and click OK when you're done. Now, to send someone an encrypted email you need to have their Public Key in your "Key Chain". You can get their Public Key if they can send it to you as an attachment (which is why I advocated saving your Public Key as an separate attachment in Part I, so you can easily send it to others!) or you can download it from a Public Key server (but only if they have uploaded it). I find the first method to be easier. I simply email the intended recipient my Public Key as an attachment. If someone emails you their Public Key, save it on your computer, then go into Passwords and Encryption Keys and, from the top menu, select Key and then Import. Select their Public Key and import it. You'll find it under Other Collected Keys. At the moment, you cannot be 100% sure that this Public Key is actually their Public Key. Someone nefarious may have intercepted their email and overwritten it with a Public Key that they want to distribute for their own purposes. You need to verify that the Public Key that you have is the right one. What you do now is compare Key Fingerprints. These are like a hashed value of the key and are unique to each key. So, call your intended recipient on the phone and get them to read off their Key Fingerprint. Some people publish their PGP Fingerprints on their business cards or websites, so that people can compare them directly without the hassle of ringing them up and getting them to read it out. You can see the Key Fingerprint that you have by double clicking on their Public Key and going to Details. If the Fingerprints match, you have a genuine key. You can then decide if you want to "Trust" the key and select the level of trust that you have in the key. Now you are able to send this recipient an encrypted email and know that only they will be able to read it. If they do the same with your Public Key then you have set up an encrypted communication channel between the two of you! Please read onto page 3... |
|
| < Next story in category | Previous story in the category > |
|---|
