“In a world of repressive governments and a growing reliance on insecure networks, there’s no way anyone can be sure their most sensitive messages aren’t intercepted by the forces of darkness. But you can make it mathematically improbable that all but the most well-funded snoops could ever make heads or tales of your communications.” Use Dan Goodin’s step-by-step guide to email encryption and keep your communications private.
www.theregister.co.uk
Tag Archives: cryptography
The case for email security
“It may not be surprising for you to learn that email is not a secure medium of communication; however, it may surprise you to learn just how inherently insecure it really is.” Erik Kangas on how email really works, what the security issues are and where you can make the difference.
luxsci.com (PDF file, 112 kb)
Das elektronische Briefgeheimnis
In German
“Wer eine E-Mail verschickt, muß damit rechnen, daß seine Nachricht von Dritten gelesen wird.” Brief article outlining steps you can take to keep your email communications private.
www.sueddeutsche.de
Why use email encryption?
Email encryption should be used by everyone. Here’s why.
rffr.de
Public/private key authentication with SSH
SSH is a protocol that enables secure logins to your computer over a network. SSH supports the use of public/private key pairs for user authentication. Private keys are kept locally, while public keys are stored on the remote machine.
On the Local Machine
Use the command ssh-keygen -t dsa to generate a key pair for the local user. Use an appropriate passphrase to secure your private key (don’t be tempted to use an empty passphrase).
Set the permissions for the private key file with the following command:
user@ubuntu:~$ chmod 600 ~/.ssh/id_dsa
On the Remote Machine
Get the necessary packages with the following command:
user@ubuntu:~$ sudo apt-get install ssh
Copy the public key file ~/.ssh/id_dsa.pub from the local to the remote machine.
On the remote machine, move and rename the file with the following command:
user@ubuntu:~$ mv id_dsa.pub .ssh/authorized_keys2
Set the permissions for the file with the following command:
user@ubuntu:~$ chmod 600 ~/.ssh/authorized_keys2
Add the user user to the group ssh:
user@ubuntu:~$ sudo adduser user ssh
Get the file sshd_config and move it to /etc/ssh/:
user@ubuntu:~# sudo wget "http://edafe.org/wp-content/uploads/2006/09/sshd_config"
user@ubuntu:~# sudo mv sshd_config /etc/ssh/
The downloaded file contains the following changes from the Ubuntu default configuration:
LogLevel VERBOSE
AllowGroups ssh
LoginGraceTime 20
PermitRootLogin no
MaxAuthTries 1
RSAAuthentication no
PasswordAuthentication no
X11 Forwarding no
TCPKeepAlive yes
ClientAliveInterval 15
ClientAliveCountMax 3
MaxStartups 3
UsePAM no
Setting these options makes root logins impossible. Only users belonging to the group ssh may establish a connection. Access to the remote machine is strictly tied to the private key and the passphrase used to encrypt it.
Next, restart the SSH server on the remote machine with the following command:
user@ubuntu:~$ sudo /etc/init.d/ssh restart
You should now be able to log into the remote machine using the private key stored on the local machine:
user@ubuntu:~$ ssh remote.machine
Enter passphrase for key '/home/user/.ssh/id_dsa':
The book SSH The Secure Shell by Daniel Barrett, Richard Silverman and Robert Byrnes is useful as a reference text and has information on other clever stuff you can do with SSH.
www.ibm.com/developerworks/linux/
How to encrypt your email
“You too can get PGP set up in a few simple steps.” Jason Thomas shows just how easy it is to start encrypting your messages.
www.lifehacker.com
Thinking about email security
“The bottom line is, if your email passes through or is stored on servers controlled by others, it’s probably a good idea to consider encryption.” Joe Brockmeier considers the confidentiality of your messages.
www.newsforge.com
Introduction to cryptography
Find out more about the basic terminology and main methods of cryptography.
www.ssh.com
A practical introduction to GNU Privacy Guard
“In this guide, I will show you how to use the most important GPG commands.” Brendan Kidwell introduces GnuPG for Windows users.
www.glump.net
Introduction to cryptography
Not entirely sure how cryptography works? This document’s two chapters, The Basics of Cryptography and Phil Zimmermann on PGP, will tell you what you need to know.
ftp.pgpi.org (PDF file, 1007 kb)
Point-and-click email crypto
“I don’t want people reading my mail.” Roy Hoobler explains how to use KGPG for email and file encryption under KDE.
www.linuxjournal.com
Echelon spy network revealed
“It sounds like science fiction, but it’s true.” Andrew Bomford first published this article in November 1999. Will matters have improved since then?
news.bbc.co.uk
Why do you need PGP?
For a conclusive answer read this article by Phil Zimmermann, author of the Pretty Good Privacy application.
www.pgpi.org