now is the time to forget the whimpering child, become the warrior
6.1. The Setup Wizard
Select OpenPGP → Setup Wizard and the following window will appear. Remember that you can abort the Setup Wizard at any time, and run it again from the OpenPGP menu.
Select Yes and click Next.
Here you can choose whether to have Enigmail configured to work on all your email accounts and identities, or for some only. If you are a beginner user, you should select Yes to avoid confusion when switching accounts. How to set up an account for use with OpenPGP/Enigmail is explained in Section 8.1. Click Next.
Here you can choose whether to sign all mail you send, or to pre-select recipients (through more complex per-recipient rules) to whom send signed messages. Per-recipient rules are explained in Section 8.6. You can safely select Yes here. In this way, signing will be enabled by default for all your outgoing messages, but you can easily turn it off in the Message Composing window. Click Next.
Here you can choose whether to enable encryption by default for all your outgoing mail. To encrypt a message, you need to have the public key of the recipient(s). We recommend you select No so that you can enable encryption only if you really mean to. Click Next.
The Setup Wizard here asks you permission to modify some email settings to make sure Enigmail works seamlessly on your machine. You can safely select Yes. If you want to see what's going to be changed, click on Details... and the following window will appear:
Don't worry if you don't understand what that means: these are perfectly reasonable settings, and we advise to leave all options checked. The most noticeable change will be that, from now on, email messages will be composed and viewed in plain text instead of HTML. This is necessary because HTML may cause problems when using signing and/or encryption. Note that, as a good rule of netiquette, you should refrain from using HTML also when writing normal (unsigned, unencrypted) mail. The other setting are relevant to more technical issues such as message downloading from IMAP servers, text formatting, and character encoding. These will not improve your mailclient experience in any way. Click Next.
Perhaps you already used Enigmail (or GnuPG, or any other OpenPGP software) in the past before installing this version of Enigmail, and have created a GnuPG key pair that is still on your machine. In this case, Enigmail will find it in the GnuPG directory and will offer to use it for your identity. Otherwise, you must generate a new key pair.
In this figure, Enigmail has detected a previous OpenPGP key that can hence be used. Select the key and click Next.
More likely, this is the first time you use OpenPGP, so you will need to generate a new key pair. Therefore, select I want to create a new key pair for signing and encrypting my email and click Next. You will be brought to the Generate OpenPGP Key window:
Choose a passphrase to protect your key pair: you will need to type that passphrase every time you sign or decrypt a message. You don't need to change anything else, as the default settings will work fine. Just make sure Use generated key for the selected identity is checked, then click on Generate key and wait. You will be alerted once the key has been generated. If you want to know more about key generation, read Section 7.2.
The last window of the Setup Wizard allows you to review the choices you've made and confirm. Click Next to commit the changes and finish.
Enigmail is now configured and ready to use.
When you start writing a mail, you will now notice a new OpenPGP button in the toolbar of the Compose window. This button allows you to sign and/or encrypt the message. In the bottom right corner, a pen and/or a key icon will be green lit to signal that, respectively, signing and/or encryption is enabled.
You can immediately send signed mail to anyone. However, in order to allow someone to verify your signature or to send you an encrypted message, you must provide him with your public key. You can send your public key as an attachment by choosing OpenPGP → Attach Public key... in the Compose window, and then by selecting your key in the Key Selection window that will appear. All your stored keys (your own key pair, and other people's public keys you have acquired) can be seen in the Key Management, via the menu command OpenPGP → Key Management. To send encrypted mail, you need to have the public key of the recipient. You can acquire it in one of the following ways:
- ask him to email you his public key as an attachment; then right-click on the attachment and choose Import OpenPGP Key;
- download his public key from his web site as an ASC file, then import it via File → Import Keys From File from Key Management;
- retrieve his public key from a keyserver via Keyserver → Search for keys from Key Management.
When you receive a mail message that has been OpenPGP-secured (signed and/or encrypted), it will appear as such:
The message in the figure has been both signed and encrypted, as shown in the OpenPGP status bar. Thank you for using Enigmail! These are the basics of it. You can read about all topics in detail by perusing the rest of this Handbook.