Ade Malsasa Akbar contact
Senior author, Open Source enthusiast.
Wednesday, September 5, 2018 at 22:34


This quick tutorial explains in step by step how to configure Thunderbird so you can encrypt emails to your friend and read encrypted email destined to you. This all done automatically and easily by using Enigmail add-on. You will use your privacy-aware BitMessage Mail account (with IMAP/POP feature) from the previous tutorial. The underlying encrypt/decrypt processes are all done by GnuPG program already installed on Ubuntu. So you can now practice them all quickly and easily. Make encrypting email easier with this and good luck!

Subscribe to UbuntuBuzz Telegram Channel to get article updates directly.

Requirements


  • GnuPG (preinstalled)
  • Enigmail
  • Thunderbird (preinstalled)
  • BitMessage Email Account (or another IMAP/POP based accounts)

How It Works



Suppose you and Bob are friends:
  • You have your private and public key, your friend has his pair too.
  • Your mail to your friend is encrypted (secured) with his public key.
  • Your mail to your friend can only be opened by him: because only him has the pair --his private key--.
  • And vice versa.

Your Mail Account


This tutorial is a continuation of BitMessage Mail Tutorial: Signup & Setup (BitMessage Mail is a gratis and secure replacement to Gmail) so this tutorial uses BitMessage Mail account as example. I encourage you to have BitMessage Mail account yourself. If you still don't have any, you can practice this tutorial anyway i.e. with Gmail, MSN, Yahoo, or Yandex Mail.

1. Run Thunderbird


If you already have Thunderbird, no need to install it. Ubuntu and most GNU/Linux distros already included it by default.

2. Install Enigmail Add-on


Enigmail is actually just an add-on for Thunderbird. Install it:
  • 1) Go to menu > Tools > Addons
  • 2) Search for enigmail
  • 3) Press Install button on the Enigmail entry
  • 4) Once installed, Enigmail appears both on menubar and triple-bar menu

Thunderbird with top menubar shows Enigmail like this:

Enigmail menu

Thunderbird with right-side menu shows Enigmail like this instead:

Enigmail menu


3. Create Your Key


Create your key:
  • 1) Go to menu Enigmail > Setup Wizard
  • 2) Don't change any option and go further
  • 3) You will create a passphrase (password) for your private key. Create it securely but be sure you can remember it.
  • 4) Go further and follow all recommended steps.
  • 5) Once finished, check your key under menu Enigmail > Key Management.
  • 6) All preparations completed!

Your key will appear as your name + your email + your Key ID under Key Management:


Notice BC and 21 as first and last code of my key? Notice yours as well!

Done, now you can receive emails securely with your public key!

4. Send Email


To send encrypted email to your friend, you must have his/her public key first. See importing public key section below. Once Enigmail+Thunderbird have it, you just need to click the Lock button in the write new email dialog to encrypt it. It's all automatic thanks to Enigmail.

  • 1) Write new email
  • 2) Press Lock button
  • 3) The Lock button turns yellow
  • 4) Write your subject and message as usual
  • 5) Press Send button
  • 6) Done

See yellow Lock button?
See attachment box on the top-right?


To attach your public key in an email:
  • 1) Write a new email.
  • 2) Click the menu Enigmail > Attach Public Key > list of keys (keyring) dialog showing > select the key of your email address > OK.
  • 3) Your public key in .asc format showing on top-right of the writing email dialog. See picture above.

5. Receive Email


TIP: attach your public key in each outgoing email so each recipient can reply to you with encrypted email for you.

For your friend to send encrypted mail for you, he/she must have your public key. For your first time, test this simply by using your another email account. Then if your sending is correct, you must see your @bitmessage.ch inbox receives an encrypted mail.

See "Enigmail: Decrypted" message above and "Lock Logo" on right side

Import Public Keys


For you to send encrypted email to your friends, you must have their public keys. You want to send Bob an email, have Bob's public key. You want to send Alice email, have Alice's public key. And so on. If you have their public key files (.asc) already, now import them to Thunderbird:
  • 1) Open up Thunderbird
  • 2) Go to menu Enigmail > Key Management
  • 3) In the Enigmail dialog: go to File > Import Keys from File > file chooser dialog appears > select your friend's public key file (.asc) > OK
  • 4) Key Management dialog shows your friend's key
  • 5) Repeat 1-5 for another friend's public key

TIP: there are 'keyservers' where people around the world publish their own public keys. You may search for public keys there. Notice it's public key, not private key.

Example Key Management with some keys

References




This article is licensed under CC BY-SA 3.0.