Encrypted instant messaging with Jabber and GnuPG ------------------------------------------------- Last edited: $Date: 2014/03/02 13:04:37 $ ## Protect your privacy with GnuPG > GnuPG protects the content but not the metadata GnuPG, sometimes called OpenPGP has been around for many years. It encrypts your messages, both email and jabber. The encryption of GnuPG is secure. When your key size is sufficient it is general considered to be practically unbreakable. However, what GnuPG does not do is hide the people you are communicating with. This means that parties which can monitor your network traffic can still see with what ip addresses you have connections. ## Debian offer several Jabber clients with encryption support With Debian you can choose from several Jabber clients, like * MCabber * Gajim * Psi ## You have to have a GnuPG/OpenPGP key If you have not used GnuPG before, you will have to generate a key. Debian provide some excellent information on this, see . ## You have to have a GnuPG/OpenPGP key of your buddies You will need to have the public key of the people with whom you want to set up secure communication. First you have to import the public keys of the people you want to set up secure communication. Get their public key and import them with gpg --import . If their key is on the keyservers then you can do a gpg --recv-keys . After this set the trust value for each imported key: gpg --edit-key trust ## Encrypted messaging with MCabber MCabber is a console Jabber client. The advantages of a console client are: * Lightweight * Can be used over ssh * Can be run in GNU Screen ### Setting up MCabber After installing with ```apt-get install mcabber''' the config file for MCabber needs to be made. Create a directory ~/.mcabber with permissions 700 and gunzip the example rc-file from /usr/share/doc/mcabber/examples/ into this directory. Edit this file and change the following lines. set jid = set password = set pgp = 1 set pgp_private_key = "" set pgp_passphrase = "" After this, start MCabber and see if everything works out fine. ### Encrypted messaging with MCabber Start MCabber. For each person create an association with their public key: /pgp setkey /pgp enable Check the settings with: /pgp info Now you can start communicating in a secure way. ### Recognizing secure communication There is a small but important difference in the presentation of the messages: 03-01 16:32 <~= received encrypted message 03-01 16:33 <== received plain text message 03-01 16:34 -~> send encrypted message 03-01 16:35 -~> send plain text message The difference is the use of the tilde character ( ~ ) in the lines. ## Encrypted messaging with Gajim Using encryption in Psi is quite simple. Start with importing the gpg keys of your buddies into your GnuPG keyring, like described above. Then start Gajim. From the main menu, choose Edit - Accounts. Open the tab "Personal Information". Here you can choose your private key. Choose a buddy from the list of buddies. Right click on the buddy. Now a menu opens, choose "Manage Contact - Asign OpenPGP key". Choose the right public key for this buddy. Now open a chat window with this budy. The bottom of this window shows a row of icons. The right icon shows a menu of advanced options. Here you have the option "Toggle OpenPGP Encryption". After choosing this option, you will have setup secure communication. ## Encrypted messaging with Psi Using encryption in Psi is quite simple. Again, start with importing the gpg keys of your buddies into your GnuPG keyring. Then start Psi. Choose a buddy from the buddylist in Psi and open a chat window. In the right corner click on the downward poiting triangle. This opens a menu. Click on "Toggle encryption". Psi will ask you to choose the proper key. From this moment on you will have secure communication with this buddy. Psi will notify this with the line "Encryption Enabled" in your chat window. $Id: gnupgjabber.txt,v 1.1 2014/03/02 13:04:37 matto Exp $