diff --git a/articles/complaining/HTML.html b/articles/complaining/HTML.html
index b5cf3d3..39d90d4 100644
--- a/articles/complaining/HTML.html
+++ b/articles/complaining/HTML.html
@@ -1,63 +1,35 @@
-
- HTML in emails is annoying
+
+
+
+
+
+HTML in emails is annoying
+
+
+
-
Using HTML in emails.
Emails which are written with HTML are annoying.
Why are they annoying?
They look bad with some clients with plaintext inlines (at least on Icedove and Thunderbird).
They add empty lines to emails. Have you ever tried looking at source of one?
They can include very annoying formatting.
Do you like reading email which is for example, all in bold, cursive and with some notice attracting colour, like red? And what if it's even written with some very annoying font?
PGP/INLINE signed or encrypted blocks get invalid, when HTML adds spaces to them. This seems to be very popular issue (probably, because K9 mail has interesting default settings of sending HTML and topposting...)
My email client cannot write messages in plaintext!
Are you sure? Debian wiki has instructions how to write plain text with many clients.
They look bad with some clients with plaintext inlines (at least on Icedove and Thunderbird).
+
They add empty lines to emails. Have you ever tried looking at source of one?
+
They can include very annoying formatting.
+
+
Do you like reading email which is for example, all in bold, cursive and with some notice attracting colour, like red? And what if it's even written with some very annoying font?
PGP/INLINE signed or encrypted blocks get invalid, when HTML adds spaces to them. This seems to be very popular issue (probably, because K9 mail has interesting default settings of sending HTML and topposting...)
+
+
My email client cannot write messages in plaintext!
+
Are you sure? Debian wiki has instructions how to write plain text with many clients.
+
diff --git a/articles/complaining/topposting.html b/articles/complaining/topposting.html
index 82cf933..37bdeff 100644
--- a/articles/complaining/topposting.html
+++ b/articles/complaining/topposting.html
@@ -1,38 +1,29 @@
-
- Top-posting in emails is annoying
-
Top-posting
What is top-posting?
Top posting is replying before the text which you are replying to (and which is usually automatically quoted by your email client).
This example from Debian wiki answers to both, this and next question.
A: Because it messes up the way you read
+
+
+
+
+
+Top-posting in emails is annoying
+
+
+
+
+
Top-posting
+
What is top-posting?
+
Top posting is replying before the text which you are replying to (and which is usually automatically quoted by your email client).
+
This example from Debian wiki answers to both, this and next question.
+
A: Because it messes up the way you read
Q: Why is top-posting bad?
A: Writing your answer before the question
-Q: What is top-posting?
-
Why is it bad?
See the answer to the previous question.
It also makes harder to know what previous poster meant if he/she just said "+1" and other people have used different posting style and senders and replies are messed up. This happens often on Lubuntu mailing lists.
It also makes harder to know what previous poster meant if he/she just said "+1" and other people have used different posting style and senders and replies are messed up. This happens often on Lubuntu mailing lists.
+
diff --git a/articles/guides/ChromiumFlashPDF.html b/articles/guides/ChromiumFlashPDF.html
index 1494d20..31d48e3 100644
--- a/articles/guides/ChromiumFlashPDF.html
+++ b/articles/guides/ChromiumFlashPDF.html
@@ -1,42 +1,28 @@
-
- Getting Google Chrome integrated flash and PDF player to Chromium
-
Chromium is probably packaged in your distribution and can be found either in package "chromium" (in Debian 7 (Wheezy) and above) or "chromium-browser" (Debian 6 (Squeeze)).
How to get the plugins into Chromium.
After you have installed Chrome and Chromium, you should have directories "/opt/google/chrome" and "/usr/lib/chromium".
The plugins, which you want are files "libpdf.so" and "libgcflashplayer.so" in the /opt/google/chrome" directory.
The easiest way to get them into Chromium is to symlink them with the following commands:
Remember to keep Google Chrome installed, because when package managment upgrades it, those plugins are also upgraded in both Chrome and Chromium (because Chromium is same as Chrome with those plugins).
Now open (or if it was already running, restart) Chromium and go to about:plugins. There you should see two new plugins called "Chrome PDF Viewer" and "Flash". Enable them if they aren't enabled and they both should work now whenever you go into page with Flash script or PDF file.
NOTE: Flash might need you to install package flashplugin-nonfree from the repositories. I am not fully sure about this.
+
+
+
+
+
+Getting Google Chrome integrated flash and PDF player to Chromium
+
+
+
+
+
Chromium is probably packaged in your distribution and can be found either in package "chromium" (in Debian 7 (Wheezy) and above) or "chromium-browser" (Debian 6 (Squeeze)).
+
How to get the plugins into Chromium.
+
After you have installed Chrome and Chromium, you should have directories "/opt/google/chrome" and "/usr/lib/chromium".
+
The plugins, which you want are files "libpdf.so" and "libgcflashplayer.so" in the /opt/google/chrome" directory.
+
The easiest way to get them into Chromium is to symlink them with the following commands:
Remember to keep Google Chrome installed, because when package managment upgrades it, those plugins are also upgraded in both Chrome and Chromium (because Chromium is same as Chrome with those plugins).
+
Now open (or if it was already running, restart) Chromium and go to about:plugins. There you should see two new plugins called "Chrome PDF Viewer" and "Flash". Enable them if they aren't enabled and they both should work now whenever you go into page with Flash script or PDF file.
+
NOTE: Flash might need you to install package flashplugin-nonfree from the repositories. I am not fully sure about this.
Open Edit --> Account Settings --> OpenPGP security and select "Enable OpenPG support (Enigmail) with this user information". Then select "Use specific OpenPGP key" and press the "select key" button. Now just select your private key.
After you have selected the key, I recommend you to select the first and the second boxes, which are about signing.
Remember to do this for multiple identities. Select the account and then click the "manage identities" button.
Just send your email to adele-en@gnupp.de and it will reply shortly.
Sending PGP/MIME instead of PGP/INLINE
PGP/MIME puts the signature to signature.asc ataachment and PGP/INLINE into "mess" in the bottom of email.
WARNING: This might not work with some mailing lists (for example Ubuntu, Mozdev and GnuPG mailing lists)!
There is open bug report about PGP/MIME not working on Ubuntu MLs at LaunchPad, 996581
NOTE: If you want to sign emails and use HTML at the same time, you must use PGP/MIME or otherwise your signature cannot be verified!
To send PGP/MIME by default, open Edit --> Account Settings --> OpenPGP security and check "Use always PGP/MIME".
Remember to check to do this for your all identities in case you have more than one of them. Edit --> Account Settings --> "Manage Identities..." button and after selecting identity, you can find OpenPGP security tab.
OpenPGP headers.
To enable sending OpenPGP headers, return to OpenPGP settings (mentioned above) and click "advanced".
Select the both checkboxes and write URL where your key is located. If you don't have homepage, you can link to webui of your preferred keyserver.
Open Edit --> Account Settings --> OpenPGP security and select "Enable OpenPG support (Enigmail) with this user information". Then select "Use specific OpenPGP key" and press the "select key" button. Now just select your private key.
+
After you have selected the key, I recommend you to select the first and the second boxes, which are about signing.
+
Remember to do this for multiple identities. Select the account and then click the "manage identities" button.
Just send your email to adele-en@gnupp.de and it will reply shortly.
+
Sending PGP/MIME instead of PGP/INLINE
+
PGP/MIME puts the signature to signature.asc ataachment and PGP/INLINE into "mess" in the bottom of email.
+
WARNING: This might not work with some mailing lists (for example Ubuntu, Mozdev and GnuPG mailing lists)!
+
There is open bug report about PGP/MIME not working on Ubuntu MLs at LaunchPad, 996581
+
NOTE: If you want to sign emails and use HTML at the same time, you must use PGP/MIME or otherwise your signature cannot be verified!
+
To send PGP/MIME by default, open Edit --> Account Settings --> OpenPGP security and check "Use always PGP/MIME".
+
Remember to check to do this for your all identities in case you have more than one of them. Edit --> Account Settings --> "Manage Identities..." button and after selecting identity, you can find OpenPGP security tab.
+
OpenPGP headers.
+
To enable sending OpenPGP headers, return to OpenPGP settings (mentioned above) and click "advanced".
+
Select the both checkboxes and write URL where your key is located. If you don't have homepage, you can link to webui of your preferred keyserver.
Note: If gpg2 gives you error about invalid/unknown/etc. command, use gpg instead.
What do you need:?
Linux (Debian based distributions)
You need at least package gnupg, but I recommend installing packages icedove enigmail pinentry pinentry-curses pinentry-gtk2 pinentry-qt4 signing-party and gnupg2.
This depends are you generating a new key or importing old key.
Step 1: Generating a new key
Open terminal (or cmd.exe if you are using Windows) and run
gpg2 --gen-key
Notes:
When you are asked for key size, enter the maximum size.
When you are asked for email address, leave it empty. We will add it later.
Adding new UIDs (User IDentities)
First you need to find out the ID of the key, which you just created. You can see it with two commands.
gpg2 --list-keys
Example output:
% gpg --list-keys pub 4096R/82A46728 2012-03-27 uid Mika Suomalainen sub 4096R/A4271AC5 2012-03-27
or
gpg2 --fingerprint
Example output:
% gpg2 --fingerprint pub 4096R/82A46728 2012-03-27 Key fingerprint = 24BC 1573 B8EE D666 D10A AA65 4DB5 3CFE 82A4 6728 uid Mika Suomalainen sub 4096R/A4271AC5 2012-03-27
The second command also shows the key fingerprint which is usually used to identify the key. Note that you can see both keyid formats in fingerprint. The last eght characters in keyid are the short format and the last sixteen characters are the long format. If you want to see the long keyid, run
gpg2 --list-keys --keyid-format long
Now add the uid with the following commands:
gpg2 --edit-key KEYID
and enter command:
adduid
and you are asked for name and email address again. This time you can give them both.
If that UID which has only your first name isn't the first UID, select it by giving command, which is the number of the UID, for example:
2
and * appears to that UID to tell you that that UID is selected. Now give command
primary
to make it the primary UID again.
Now you can exit from GPG with
quit
and confirm to save changes with
y
Setting preferred keyserver of the key.
Preferred keyserver is where the key is refreshed when someone runs "gpg2 --refresh-keys".
To set it run
gpg2 --edit-key KEYID
keyserver
and enter the keyserver address, for example hkp://pool.sks-keyservers.net (I recommend this keyserver).
Step 1: Importing old key
You can import your old private key same way as you import public keys. This means:
gpg2 --import key.asc
Where key.asc is the file, which contains the (private) key(s)
Step 2: backing up the key
You need to know your keyid. I told you how to get it in "Adding new uids". To back up your private key, run
gpg2 --export-secret-keys -a KEYID
and save the output of that command to file. If you are on Linux or Mac OS X, you can forward the output directly to file, with
gpg2 --export-secret-keys -a KEYID > privatekey.asc
The previous command creates a file called "privatekey.asc", which contains the output of the first command.
Step 3: Configuring gpg(2)
The configuring of gpg happens in gpg configuration directory. In Linux and Mac this is ~/.gnupg/gpg.conf.
I recommend you to add following lines to it. I'll try to explain them with my best ability.
# Options for GnuPG # Copyright 1998, 1999, 2000, 2001, 2002, 2003, # 2012— Mika Suomalainen (Mkaysi) https://raw.github.com/Mkaysi/shell-things/master/gnupg/gpg.conf # 2010 Free Software Foundation, Inc. # # This file is free software; as a special exception the author gives # unlimited permission to copy and/or distribute it, with or without # modifications, as long as this notice is preserved. # # This file is distributed in the hope that it will be useful, but # WITHOUT ANY WARRANTY, to the extent permitted by law; without even the # implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. License information so I won't break license of the default config file, which I have appended.
default-key KEYID
So KEYID is used by default if there are multiple secret keys.
default-recipient-self encrypt-to KEYID
So everything what you encrypt is also encrypted to you.
keyid-format 0xLONG
So keyids are shown in the longest format, including 0x prefix, which marks them as hexadecimanls.
Example outputs from --list-keys and gpg --fingerprint after setting 0xLONG as keyid format.
After you set 0xLONG as keyid-format, keys appear like 0x4DB53CFE82A46728 instead of 82A46728.
charset UTF-8
So UTF-8 is used as default character set and most of characters can be used.
armor
So you don't need to specify -a to get ASCII armoured text.
So default keyserver is specified and unknown keys are always received when something what requires missing key is procressses and revoked keys aren't included in search results and verbose output is used and signatures by unknown keys are automatically removed.
Comments can be whatever you want. For example they can have link to your homepage or command to receive your key from keyserver etc.
Step 4: Sharing your public key
There are two ways to share your key. I personally use and recommend them both.
Without keyservers
If you have homepage, it's recommended that you put your key there. My key can be found at PGP/key.txt
You can get your public key with command
gpg2 --export -a KEYID
or if you use Linux and have installed package signing-party, you can use
pgp-clean KEYID
to get your public key without signatures (I will explain them later). WARNING: pgp-clean seems to also remove encryption subkey.
With keyservers
If you followed my configuration, you are usng pool.sks-keyservers.net as your keyserver and you are automatically receiving unknown keys from t, whenever you try to verify something, what is signed with unknown key.
To send your public key to keyserver, run
gpg2 --send-keys KEYID
To receive key from keyserver, run
gpg2 --recv-keys KEYID
To search keys from keyserver, use
gpg2 --search-keys QUERY WORDS
or if you are using Linux and have packages signing-party and dialog installed, you can use
keylookup QUERY WORDS
Word of warning
Keyservers only append content. Information on keyserver cannot be removed. This means, that when you delete uid, signature or whatever, it reappears when you run
gpg2 --refresh-keys
or receive your key from keyserver again. Thought content (uids, signatures, keys etc.) can be revoked.
You can now move to Icedove / Thunderbird guide and after that | or Enigmail guide, because things after this are usually done by email client.
But you should continue reading to understand how to use GPG without email client.
Trusting keys.
If you want to make gpg know that you trust key of another person, you have two opinons. Enter the "key editing shell", with
gpg2 --edit-key KEYID
and
Way 1: lsign
Lsign signs the key locally making it impossible to export the signature. Use it if you trust the key owner to be who the key says, but you haven't met him/her personally.
Lsign the key with
lsign
and then you can exit gpg with
quit
confirming to svae changes with
y
Way 2: sign
If you trust the key owner to be whom the key says and you have met him/her personally and have seen proof of his/her identify (i.e. passport) or he/she is member of your family or long time friend, you can sign the key with
sign
making the signature exportable or sendable to keyserver. Now exit gpg with
quit
saving the changes with
y
and send the signed key to keyserver with
gpg2 --send-keys KEYID
Other people will see your signature next time when they receive the key agan or run
gpg2 --refresh-keys
NOTE: You can upgrade lsigned signature to signed signature with the "sign" command.
Trust
Trust determines does gpg trust the key to validate other keys. Trust is only visible to you. You can se trust with
trust
and then exit gpg with
quit
saving the changes with
y
Signing
Signing a message
Run
gpg2 --clearsign
and write your message. When you are ready, add one empty line and press CTRL-D and gpg outputs signed message.
Signing a plaintext file
Just run
gpg2 --clearsign file.txt
and the signed content will be found from file.txt.asc
NOTE: .asc is same as .txt and can be opened with normal text editor.
Verifying signature
Clearsigned messages
Just run
gpg2
and paste the signed content, add one empty line and press CTRL-D.
Detached signatures
Run
gpg2 --verify file.sig
and you are asked for signed file.
Encrypting
To encrypt a message, just run
gpg2 --encrypt -a -r receiver (-r receiver...)
If you followed my configuration instructions, you are automatically receiver. Replace "receiver" with KEYID. Write your message, add empty line and press CTRL-D and gpg outputs encrypted content.
Decrypting
Just run
gpg2 --decrypt
paste the encrypted content, add empty line and press CTRL-D and gpg outputs, the decrypted content.
Just email me, the addresses can be found from my GPG key, which has been mentioned on this page some times. Please cleasign your question, so I won't get power to fake it, and please don't use HTML.
+
+
+
+
+
+GPG guide
+
+
+
+
Quick GPG guide
+
Note: If gpg2 gives you error about invalid/unknown/etc. command, use gpg instead.
+
What do you need:?
+
Linux (Debian based distributions)
+
You need at least package gnupg, but I recommend installing packages icedove enigmail pinentry pinentry-curses pinentry-gtk2 pinentry-qt4 signing-party and gnupg2.
The second command also shows the key fingerprint which is usually used to identify the key. Note that you can see both keyid formats in fingerprint. The last eght characters in keyid are the short format and the last sixteen characters are the long format. If you want to see the long keyid, run
+
+
gpg2 --list-keys --keyid-format long
+
+
Now add the uid with the following commands:
+
+
gpg2 --edit-key KEYID
+
+
and enter command:
+
+
adduid
+
+
and you are asked for name and email address again. This time you can give them both.
+
If that UID which has only your first name isn't the first UID, select it by giving command, which is the number of the UID, for example:
+
+
2
+
+
and * appears to that UID to tell you that that UID is selected. Now give command
+
+
primary
+
+
to make it the primary UID again.
+
Now you can exit from GPG with
+
+
quit
+
+
and confirm to save changes with
+
+
y
+
+
Setting preferred keyserver of the key.
+
Preferred keyserver is where the key is refreshed when someone runs "gpg2 --refresh-keys".
+
To set it run
+
+
gpg2 --edit-key KEYID
+
+
+
keyserver
+
+
and enter the keyserver address, for example hkp://pool.sks-keyservers.net (I recommend this keyserver).
+
Step 1: Importing old key
+
You can import your old private key same way as you import public keys. This means:
+
+
gpg2 --import key.asc
+
+
Where key.asc is the file, which contains the (private) key(s)
+
Step 2: backing up the key
+
You need to know your keyid. I told you how to get it in "Adding new uids". To back up your private key, run
+
+
gpg2 --export-secret-keys -a KEYID
+
+
and save the output of that command to file. If you are on Linux or Mac OS X, you can forward the output directly to file, with
+
+
gpg2 --export-secret-keys -a KEYID > privatekey.asc
+
+
The previous command creates a file called "privatekey.asc", which contains the output of the first command.
+
Step 3: Configuring gpg(2)
+
The configuring of gpg happens in gpg configuration directory. In Linux and Mac this is ~/.gnupg/gpg.conf.
+
I recommend you to add following lines to it. I'll try to explain them with my best ability.
+
# Options for GnuPG # Copyright 1998, 1999, 2000, 2001, 2002, 2003, # 2012— Mika Suomalainen (Mkaysi) https://raw.github.com/Mkaysi/shell-things/master/gnupg/gpg.conf # 2010 Free Software Foundation, Inc. # # This file is free software; as a special exception the author gives # unlimited permission to copy and/or distribute it, with or without # modifications, as long as this notice is preserved. # # This file is distributed in the hope that it will be useful, but # WITHOUT ANY WARRANTY, to the extent permitted by law; without even the # implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. License information so I won't break license of the default config file, which I have appended.
+
+
default-key KEYID
+
+
So KEYID is used by default if there are multiple secret keys.
+
default-recipient-self
+encrypt-to KEYID
+
So everything what you encrypt is also encrypted to you.
+
+
keyid-format 0xLONG
+
+
So keyids are shown in the longest format, including 0x prefix, which marks them as hexadecimanls.
+
Example outputs from --list-keys and gpg --fingerprint after setting 0xLONG as keyid format.
+
After you set 0xLONG as keyid-format, keys appear like 0x4DB53CFE82A46728 instead of 82A46728.
+
+
charset UTF-8
+
+
So UTF-8 is used as default character set and most of characters can be used.
+
+
armor
+
+
So you don't need to specify -a to get ASCII armoured text.
So default keyserver is specified and unknown keys are always received when something what requires missing key is procressses and revoked keys aren't included in search results and verbose output is used and signatures by unknown keys are automatically removed.
Group lines are a way to write email to one recepient and have it encrypted to multiple keys automatically.
+
Example group line:
+
group touchlay-server@googlegroups.com=0x4DB53CFE82A46728 0x0BD622288449A12B 0x729DF464666CC0DD 0xCACC5B094EC00206
+
With that line, when recepient is touchlay-server@googlegroups.com, then emails are encrypted to those 4 keys.
+
NOTE: KEYIDs in group line should be in format 0xLONG. If you don't use that format by default, use "gpg2 --keyid-format 0xLONG --list-keys".
+
See also my Enigmail instructions about group lines.
+
Comments
+
GPG can automatically add comments to signed and encrypted content. They are usually hidden by email clients, which support GPG.
+
Example comment:
+
-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
+Signed content.
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2.0.19 (GNU/Linux)
+Comment: This is a comment.
+
+iQIcBAEBAgAGBQJP0ypzAAoJEE21PP6CpGcojpsP/jV8o398xaCOCtdk5gyZtSZG
+KYDbyV8dNk1jxyNb7yPuEHGdm2BNXuKDHoG1vOli1yfavDvZ7Ir6i6HqDINRt6QF
+TFcWQgurMtXEJ4zCbMwBHM5OCpRL0gtuK/ERZFWeA+zDuM/pDKWLcX9REriT5CaG
+CWBBvCIf/C2imGqe3+KBKSy13pis7MXARCTHesTOV/z04vKfsVqh7+M60ss/sc48
+kkL7CR/RiovomeoDhWuwS63oDE49eG+hlMDswgehnx71bvYr2NBZ3qfls4utx3fj
+ro4ubRGW52tY9wIC1tZoNiqa/n9Z6jOIq76Vn5DaJQ1dKWn3MnA5Sv2ztV4GlaIO
+iTLkvavAe7KHVxDCKcHpI7vnj9JlahF1u8+JDHXbTePDE3MiQvK1uEK91EQP9kYT
+EYQwuClDfVGNBgqORTzZUpszYrT1dCdLte+29RdkHzsC+32x540xLvkDFvkZ+92Y
+7LxCX83aKzIdAZmehNmSrzQAL+NCfMW3YjkvWOYoFFMd//nSVifCbxvRLsyv7npr
+Fowb/UnnZW3ScT/sFNJWH/xY5skDS8WZd3H6O7MJ8gHUeOR9YQepQX56kvSRVtbj
+ncnVEtqLjlbMpHEFy9ykKgM6rzuRTzLRct7Tf787Ww4hgSN92lhetPZmi6BGcS1z
+ZRzFq367A+HsVMlihBjd
+=HKS4
+-----END PGP SIGNATURE-----
+
To add comments, use "--comment" flag or add "comment" lines to gpg.conf:
+
For example:
+
+
comment "Something"
+
+
Appears as
+
-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
+
+This is signed content, which has comment, which reads "Something".
+
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2.0.19 (GNU/Linux)
+Comment: Something
+
+iQIcBAEBAgAGBQJP0yt8AAoJEE21PP6CpGcoHskP/jLift0y8tA7VnmbIyFfOr2J
+RVJfcc/cl8xvbnhSKIOa5rS47Z9MgVqf8KDY373E1CZMvOsdx4yPINMJb4901iBQ
+71RCRcg45YUI+yWRlZ2+ZsE7NBgUWm2cdSbwfaWrxH2eL8zRN+G5c3qiAQu0pXY5
+Mc1MG6ZQQzz3v+SrYPB6aZn8R8uNQR6U1YfbhtG1daxIfzdbXQNqMi/pIDV+M5GY
+IS3Wbbp57pvJ8R3EjvqMsDKv76L/ZFySlrAugQaZIj4lQVUzXhivBwzkaHslj6dP
+HSGamz3C4yX5GPe/QBJ8jgANAtmdx2+1IpoRRqiLrOOT48vRkCFM40VwjMVO4W+B
+wNg9BQUpB53/QBtpQ5kDHrpPA+6bS4QkzUIzMsMuSvF9w15vG+Ae7qozD/YTLeD/
+IBaRlqPIRI/CrOEfUfn0DE6bFKTMgf4WE5M8IZ2kBVAE/mBqicJ9QKI53it8Ru4M
+hznPzwtmQTHf02yaj06LjB1P0SYU3gjwioRN+3RVoCRC92rjW5gN4MBYR0jKydp6
+MHf2Mg+ped1BegBDEVD4FyDPw/LNmveZb5O8/KIpjdb9dMgP5uqDpvJEzS64OQf0
+vtzYEnCrJW+/1ABuGoF2aKG7+i24gLt9re+jOb02dj5NxRc1tWmhVNVM/acwReVr
+1ELecm6kOS0qlPF//OnU
+=Ilhi
+-----END PGP SIGNATURE-----
+
Comments can be whatever you want. For example they can have link to your homepage or command to receive your key from keyserver etc.
+
Step 4: Sharing your public key
+
There are two ways to share your key. I personally use and recommend them both.
+
Without keyservers
+
If you have homepage, it's recommended that you put your key there. My key can be found at PGP/key.txt
+
You can get your public key with command
+
+
gpg2 --export -a KEYID
+
+
or if you use Linux and have installed package signing-party, you can use
+
+
pgp-clean KEYID
+
+
to get your public key without signatures (I will explain them later). WARNING: pgp-clean seems to also remove encryption subkey.
+
With keyservers
+
If you followed my configuration, you are usng pool.sks-keyservers.net as your keyserver and you are automatically receiving unknown keys from t, whenever you try to verify something, what is signed with unknown key.
+
To send your public key to keyserver, run
+
+
gpg2 --send-keys KEYID
+
+
To receive key from keyserver, run
+
+
gpg2 --recv-keys KEYID
+
+
To search keys from keyserver, use
+
+
gpg2 --search-keys QUERY WORDS
+
+
or if you are using Linux and have packages signing-party and dialog installed, you can use
+
+
keylookup QUERY WORDS
+
+
Word of warning
+
Keyservers only append content. Information on keyserver cannot be removed. This means, that when you delete uid, signature or whatever, it reappears when you run
+
+
gpg2 --refresh-keys
+
+
or receive your key from keyserver again. Thought content (uids, signatures, keys etc.) can be revoked.
+
You can now move to Icedove / Thunderbird guide and after that | or Enigmail guide, because things after this are usually done by email client.
+
But you should continue reading to understand how to use GPG without email client.
+
Trusting keys.
+
If you want to make gpg know that you trust key of another person, you have two opinons. Enter the "key editing shell", with
+
+
gpg2 --edit-key KEYID
+
+
and
+
Way 1: lsign
+
Lsign signs the key locally making it impossible to export the signature. Use it if you trust the key owner to be who the key says, but you haven't met him/her personally.
+
Lsign the key with
+
+
lsign
+
+
and then you can exit gpg with
+
+
quit
+
+
confirming to svae changes with
+
+
y
+
+
Way 2: sign
+
If you trust the key owner to be whom the key says and you have met him/her personally and have seen proof of his/her identify (i.e. passport) or he/she is member of your family or long time friend, you can sign the key with
+
+
sign
+
+
making the signature exportable or sendable to keyserver. Now exit gpg with
+
+
quit
+
+
saving the changes with
+
+
y
+
+
and send the signed key to keyserver with
+
+
gpg2 --send-keys KEYID
+
+
Other people will see your signature next time when they receive the key agan or run
+
+
gpg2 --refresh-keys
+
+
NOTE: You can upgrade lsigned signature to signed signature with the "sign" command.
+
Trust
+
Trust determines does gpg trust the key to validate other keys. Trust is only visible to you. You can se trust with
+
+
trust
+
+
and then exit gpg with
+
+
quit
+
+
saving the changes with
+
+
y
+
+
Signing
+
Signing a message
+
Run
+
+
gpg2 --clearsign
+
+
and write your message. When you are ready, add one empty line and press CTRL-D and gpg outputs signed message.
+
Signing a plaintext file
+
Just run
+
+
gpg2 --clearsign file.txt
+
+
and the signed content will be found from file.txt.asc
+
NOTE: .asc is same as .txt and can be opened with normal text editor.
+
Verifying signature
+
Clearsigned messages
+
Just run
+
+
gpg2
+
+
and paste the signed content, add one empty line and press CTRL-D.
+
Detached signatures
+
Run
+
+
gpg2 --verify file.sig
+
+
and you are asked for signed file.
+
Encrypting
+
To encrypt a message, just run
+
+
gpg2 --encrypt -a -r receiver (-r receiver...)
+
+
If you followed my configuration instructions, you are automatically receiver. Replace "receiver" with KEYID. Write your message, add empty line and press CTRL-D and gpg outputs encrypted content.
+
Decrypting
+
Just run
+
+
gpg2 --decrypt
+
+
paste the encrypted content, add empty line and press CTRL-D and gpg outputs, the decrypted content.
Just email me, the addresses can be found from my GPG key, which has been mentioned on this page some times. Please cleasign your question, so I won't get power to fake it, and please don't use HTML.
diff --git a/articles/guides/GnomeToMATE.html b/articles/guides/GnomeToMATE.html
index 3dbb9d2..c7b47c7 100644
--- a/articles/guides/GnomeToMATE.html
+++ b/articles/guides/GnomeToMATE.html
@@ -5,6 +5,7 @@
Moving from GNOME to MATE
+
On Debian you need package Icedove, but you should also install Enigmail and GnuPG and GnuPG2
aptitude install icedove enigmail gnupg gnupg2
Ubuntu
On Ubuntu you should install same packages as with Debian, but Icedove is called as Thunderbird.
aptitude install icedove enigmail gnupg gnupg2
Mac OS X
You need Thunderbird, but you should also install GPG-Tools and Enigmail.
Windows
You need at Thunderbird, but you should also install GPG4Win and Enigmail.
Setting up
When you open Thunderbird / Icedove for the first time, it will ask for email address and password. Give them and Thunderbird will attempt to find the details and after that it downloads emails from the server.
Sending plaintext.
To send emails in plaintext, open Edit --> Account settings --> Composition & Addressing and uncheck the box "Compose messages in HTML format.
This doesn't affect emails with any visible way. It might just remove some charters in message source and it will allow you to send more charters than some latin1 charset. It might also remove charset line in PGP/INLINE signed emails.
Open Edit --> Preferences --> Display --> Formatting --> Advanced... --> Character Encodings and set both "Outgoing Mail" and "Incoming Mail" as "Unicode UTF-8" and check the checkbox "When possible, use the default character encoding in replies."
On Debian you need package Icedove, but you should also install Enigmail and GnuPG and GnuPG2
+
+
aptitude install icedove enigmail gnupg gnupg2
+
+
Ubuntu
+
On Ubuntu you should install same packages as with Debian, but Icedove is called as Thunderbird.
+
+
aptitude install icedove enigmail gnupg gnupg2
+
+
Mac OS X
+
You need Thunderbird, but you should also install GPG-Tools and Enigmail.
+
Windows
+
You need at Thunderbird, but you should also install GPG4Win and Enigmail.
+
Setting up
+
When you open Thunderbird / Icedove for the first time, it will ask for email address and password. Give them and Thunderbird will attempt to find the details and after that it downloads emails from the server.
+
Sending plaintext.
+
To send emails in plaintext, open Edit --> Account settings --> Composition & Addressing and uncheck the box "Compose messages in HTML format.
This doesn't affect emails with any visible way. It might just remove some charters in message source and it will allow you to send more charters than some latin1 charset. It might also remove charset line in PGP/INLINE signed emails.
+
Open Edit --> Preferences --> Display --> Formatting --> Advanced... --> Character Encodings and set both "Outgoing Mail" and "Incoming Mail" as "Unicode UTF-8" and check the checkbox "When possible, use the default character encoding in replies."
+Q: What is top-posting?