mirror of
https://github.com/privacyguides/privacyguides.org.git
synced 2024-10-01 05:35:57 +00:00
Convert Encryption to HTML admonitions (#2400)
Signed-off-by: Daniel Gray <dngray@privacyguides.org>
This commit is contained in:
parent
cd4181a7fc
commit
8e3bd2589e
@ -13,7 +13,7 @@ The options listed here are multi-platform and great for creating encrypted back
|
|||||||
|
|
||||||
### Cryptomator (Cloud)
|
### Cryptomator (Cloud)
|
||||||
|
|
||||||
!!! recommendation
|
<div class="admonition recommendation" markdown>
|
||||||
|
|
||||||
![Cryptomator logo](assets/img/encryption-software/cryptomator.svg){ align=right }
|
![Cryptomator logo](assets/img/encryption-software/cryptomator.svg){ align=right }
|
||||||
|
|
||||||
@ -25,7 +25,8 @@ The options listed here are multi-platform and great for creating encrypted back
|
|||||||
[:octicons-code-16:](https://github.com/cryptomator){ .card-link title="Source Code" }
|
[:octicons-code-16:](https://github.com/cryptomator){ .card-link title="Source Code" }
|
||||||
[:octicons-heart-16:](https://cryptomator.org/donate/){ .card-link title=Contribute }
|
[:octicons-heart-16:](https://cryptomator.org/donate/){ .card-link title=Contribute }
|
||||||
|
|
||||||
??? downloads
|
<details class="downloads" markdown>
|
||||||
|
<summary>Downloads</summary>
|
||||||
|
|
||||||
- [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=org.cryptomator)
|
- [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=org.cryptomator)
|
||||||
- [:simple-appstore: App Store](https://apps.apple.com/us/app/cryptomator-2/id1560822163)
|
- [:simple-appstore: App Store](https://apps.apple.com/us/app/cryptomator-2/id1560822163)
|
||||||
@ -35,6 +36,10 @@ The options listed here are multi-platform and great for creating encrypted back
|
|||||||
- [:simple-linux: Linux](https://cryptomator.org/downloads)
|
- [:simple-linux: Linux](https://cryptomator.org/downloads)
|
||||||
- [:simple-flathub: Flathub](https://flathub.org/apps/details/org.cryptomator.Cryptomator)
|
- [:simple-flathub: Flathub](https://flathub.org/apps/details/org.cryptomator.Cryptomator)
|
||||||
|
|
||||||
|
</details>
|
||||||
|
|
||||||
|
</div>
|
||||||
|
|
||||||
Cryptomator uses AES-256 encryption to encrypt both files and filenames. Cryptomator cannot encrypt metadata such as access, modification, and creation timestamps, nor the number and size of files and folders.
|
Cryptomator uses AES-256 encryption to encrypt both files and filenames. Cryptomator cannot encrypt metadata such as access, modification, and creation timestamps, nor the number and size of files and folders.
|
||||||
|
|
||||||
Some Cryptomator cryptographic libraries have been [audited](https://community.cryptomator.org/t/has-there-been-a-security-review-audit-of-cryptomator/44) by Cure53. The scope of the audited libraries includes: [cryptolib](https://github.com/cryptomator/cryptolib), [cryptofs](https://github.com/cryptomator/cryptofs), [siv-mode](https://github.com/cryptomator/siv-mode) and [cryptomator-objc-cryptor](https://github.com/cryptomator/cryptomator-objc-cryptor). The audit did not extend to [cryptolib-swift](https://github.com/cryptomator/cryptolib-swift), which is a library used by Cryptomator for iOS.
|
Some Cryptomator cryptographic libraries have been [audited](https://community.cryptomator.org/t/has-there-been-a-security-review-audit-of-cryptomator/44) by Cure53. The scope of the audited libraries includes: [cryptolib](https://github.com/cryptomator/cryptolib), [cryptofs](https://github.com/cryptomator/cryptofs), [siv-mode](https://github.com/cryptomator/siv-mode) and [cryptomator-objc-cryptor](https://github.com/cryptomator/cryptomator-objc-cryptor). The audit did not extend to [cryptolib-swift](https://github.com/cryptomator/cryptolib-swift), which is a library used by Cryptomator for iOS.
|
||||||
@ -43,7 +48,7 @@ Cryptomator's documentation details its intended [security target](https://docs.
|
|||||||
|
|
||||||
### Picocrypt (File)
|
### Picocrypt (File)
|
||||||
|
|
||||||
!!! recommendation
|
<div class="admonition recommendation" markdown>
|
||||||
|
|
||||||
![Picocrypt logo](assets/img/encryption-software/picocrypt.svg){ align=right }
|
![Picocrypt logo](assets/img/encryption-software/picocrypt.svg){ align=right }
|
||||||
|
|
||||||
@ -53,15 +58,20 @@ Cryptomator's documentation details its intended [security target](https://docs.
|
|||||||
[:octicons-code-16:](https://github.com/HACKERALERT/Picocrypt){ .card-link title="Source Code" }
|
[:octicons-code-16:](https://github.com/HACKERALERT/Picocrypt){ .card-link title="Source Code" }
|
||||||
[:octicons-heart-16:](https://opencollective.com/picocrypt){ .card-link title=Contribute }
|
[:octicons-heart-16:](https://opencollective.com/picocrypt){ .card-link title=Contribute }
|
||||||
|
|
||||||
??? downloads
|
<details class="downloads" markdown>
|
||||||
|
<summary>Downloads</summary>
|
||||||
|
|
||||||
- [:simple-windows11: Windows](https://github.com/HACKERALERT/Picocrypt/releases)
|
- [:simple-windows11: Windows](https://github.com/HACKERALERT/Picocrypt/releases)
|
||||||
- [:simple-apple: macOS](https://github.com/HACKERALERT/Picocrypt/releases)
|
- [:simple-apple: macOS](https://github.com/HACKERALERT/Picocrypt/releases)
|
||||||
- [:simple-linux: Linux](https://github.com/HACKERALERT/Picocrypt/releases)
|
- [:simple-linux: Linux](https://github.com/HACKERALERT/Picocrypt/releases)
|
||||||
|
|
||||||
|
</details>
|
||||||
|
|
||||||
|
</div>
|
||||||
|
|
||||||
### VeraCrypt (Disk)
|
### VeraCrypt (Disk)
|
||||||
|
|
||||||
!!! recommendation
|
<div class="admonition recommendation" markdown>
|
||||||
|
|
||||||
![VeraCrypt logo](assets/img/encryption-software/veracrypt.svg#only-light){ align=right }
|
![VeraCrypt logo](assets/img/encryption-software/veracrypt.svg#only-light){ align=right }
|
||||||
![VeraCrypt logo](assets/img/encryption-software/veracrypt-dark.svg#only-dark){ align=right }
|
![VeraCrypt logo](assets/img/encryption-software/veracrypt-dark.svg#only-dark){ align=right }
|
||||||
@ -73,12 +83,17 @@ Cryptomator's documentation details its intended [security target](https://docs.
|
|||||||
[:octicons-code-16:](https://veracrypt.fr/code/){ .card-link title="Source Code" }
|
[:octicons-code-16:](https://veracrypt.fr/code/){ .card-link title="Source Code" }
|
||||||
[:octicons-heart-16:](https://veracrypt.fr/en/Donation.html){ .card-link title=Contribute }
|
[:octicons-heart-16:](https://veracrypt.fr/en/Donation.html){ .card-link title=Contribute }
|
||||||
|
|
||||||
??? downloads
|
<details class="downloads" markdown>
|
||||||
|
<summary>Downloads</summary>
|
||||||
|
|
||||||
- [:simple-windows11: Windows](https://www.veracrypt.fr/en/Downloads.html)
|
- [:simple-windows11: Windows](https://www.veracrypt.fr/en/Downloads.html)
|
||||||
- [:simple-apple: macOS](https://www.veracrypt.fr/en/Downloads.html)
|
- [:simple-apple: macOS](https://www.veracrypt.fr/en/Downloads.html)
|
||||||
- [:simple-linux: Linux](https://www.veracrypt.fr/en/Downloads.html)
|
- [:simple-linux: Linux](https://www.veracrypt.fr/en/Downloads.html)
|
||||||
|
|
||||||
|
</details>
|
||||||
|
|
||||||
|
</div>
|
||||||
|
|
||||||
VeraCrypt is a fork of the discontinued TrueCrypt project. According to its developers, security improvements have been implemented and issues raised by the initial TrueCrypt code audit have been addressed.
|
VeraCrypt is a fork of the discontinued TrueCrypt project. According to its developers, security improvements have been implemented and issues raised by the initial TrueCrypt code audit have been addressed.
|
||||||
|
|
||||||
When encrypting with VeraCrypt, you have the option to select from different [hash functions](https://en.wikipedia.org/wiki/VeraCrypt#Encryption_scheme). We suggest you **only** select [SHA-512](https://en.wikipedia.org/wiki/SHA-512) and stick to the [AES](https://en.wikipedia.org/wiki/Advanced_Encryption_Standard) block cipher.
|
When encrypting with VeraCrypt, you have the option to select from different [hash functions](https://en.wikipedia.org/wiki/VeraCrypt#Encryption_scheme). We suggest you **only** select [SHA-512](https://en.wikipedia.org/wiki/SHA-512) and stick to the [AES](https://en.wikipedia.org/wiki/Advanced_Encryption_Standard) block cipher.
|
||||||
@ -91,7 +106,7 @@ For encrypting the drive your operating system boots from, we generally recommen
|
|||||||
|
|
||||||
### BitLocker
|
### BitLocker
|
||||||
|
|
||||||
!!! recommendation
|
<div class="admonition recommendation" markdown>
|
||||||
|
|
||||||
![BitLocker logo](assets/img/encryption-software/bitlocker.png){ align=right }
|
![BitLocker logo](assets/img/encryption-software/bitlocker.png){ align=right }
|
||||||
|
|
||||||
@ -99,49 +114,53 @@ For encrypting the drive your operating system boots from, we generally recommen
|
|||||||
|
|
||||||
[:octicons-info-16:](https://docs.microsoft.com/en-us/windows/security/information-protection/BitLocker/BitLocker-overview){ .card-link title=Documentation}
|
[:octicons-info-16:](https://docs.microsoft.com/en-us/windows/security/information-protection/BitLocker/BitLocker-overview){ .card-link title=Documentation}
|
||||||
|
|
||||||
|
</details>
|
||||||
|
|
||||||
|
</div>
|
||||||
|
|
||||||
BitLocker is [only supported](https://support.microsoft.com/en-us/windows/turn-on-device-encryption-0c453637-bc88-5f74-5105-741561aae838) on Pro, Enterprise and Education editions of Windows. It can be enabled on Home editions provided that they meet the prerequisites.
|
BitLocker is [only supported](https://support.microsoft.com/en-us/windows/turn-on-device-encryption-0c453637-bc88-5f74-5105-741561aae838) on Pro, Enterprise and Education editions of Windows. It can be enabled on Home editions provided that they meet the prerequisites.
|
||||||
|
|
||||||
??? example "Enabling BitLocker on Windows Home"
|
<details class="example" markdown>
|
||||||
|
<summary>Enabling BitLocker on Windows Home</summary>
|
||||||
|
|
||||||
To enable BitLocker on "Home" editions of Windows, you must have partitions formatted with a [GUID Partition Table](https://en.wikipedia.org/wiki/GUID_Partition_Table) and have a dedicated TPM (v1.2, 2.0+) module. You may need to [disable the non-Bitlocker "Device encryption" functionality](https://discuss.privacyguides.net/t/enabling-bitlocker-on-the-windows-11-home-edition/13303/5) (which is inferior because it sends your recovery key to Microsoft's servers) if it is enabled on your device already before following this guide.
|
To enable BitLocker on "Home" editions of Windows, you must have partitions formatted with a [GUID Partition Table](https://en.wikipedia.org/wiki/GUID_Partition_Table) and have a dedicated TPM (v1.2, 2.0+) module. You may need to [disable the non-Bitlocker "Device encryption" functionality](https://discuss.privacyguides.net/t/enabling-bitlocker-on-the-windows-11-home-edition/13303/5) (which is inferior because it sends your recovery key to Microsoft's servers) if it is enabled on your device already before following this guide.
|
||||||
|
|
||||||
1. Open a command prompt and check your drive's partition table format with the following command. You should see "**GPT**" listed under "Partition Style":
|
1. Open a command prompt and check your drive's partition table format with the following command. You should see "**GPT**" listed under "Partition Style":
|
||||||
|
```powershell
|
||||||
```
|
|
||||||
powershell Get-Disk
|
powershell Get-Disk
|
||||||
```
|
```
|
||||||
|
|
||||||
2. Run this command (in an admin command prompt) to check your TPM version. You should see `2.0` or `1.2` listed next to `SpecVersion`:
|
2. Run this command (in an admin command prompt) to check your TPM version. You should see `2.0` or `1.2` listed next to `SpecVersion`:
|
||||||
|
```powershell
|
||||||
```
|
|
||||||
powershell Get-WmiObject -Namespace "root/cimv2/security/microsofttpm" -Class WIN32_tpm
|
powershell Get-WmiObject -Namespace "root/cimv2/security/microsofttpm" -Class WIN32_tpm
|
||||||
```
|
```
|
||||||
|
|
||||||
3. Access [Advanced Startup Options](https://support.microsoft.com/en-us/windows/advanced-startup-options-including-safe-mode-b90e7808-80b5-a291-d4b8-1a1af602b617). You need to reboot while pressing the F8 key before Windows starts and go into the *command prompt* in **Troubleshoot** → **Advanced Options** → **Command Prompt**.
|
3. Access [Advanced Startup Options](https://support.microsoft.com/en-us/windows/advanced-startup-options-including-safe-mode-b90e7808-80b5-a291-d4b8-1a1af602b617). You need to reboot while pressing the F8 key before Windows starts and go into the *command prompt* in **Troubleshoot** → **Advanced Options** → **Command Prompt**.
|
||||||
|
|
||||||
4. Login with your admin account and type this in the command prompt to start encryption:
|
4. Login with your admin account and type this in the command prompt to start encryption:
|
||||||
|
```powershell
|
||||||
```
|
|
||||||
manage-bde -on c: -used
|
manage-bde -on c: -used
|
||||||
```
|
```
|
||||||
|
|
||||||
5. Close the command prompt and continue booting to regular Windows.
|
5. Close the command prompt and continue booting to regular Windows.
|
||||||
|
|
||||||
6. Open an admin command prompt and run the following commands:
|
6. Open an admin command prompt and run the following commands:
|
||||||
|
```powershell
|
||||||
```
|
|
||||||
manage-bde c: -protectors -add -rp -tpm
|
manage-bde c: -protectors -add -rp -tpm
|
||||||
manage-bde -protectors -enable c:
|
manage-bde -protectors -enable c:
|
||||||
manage-bde -protectors -get c: > %UserProfile%\Desktop\BitLocker-Recovery-Key.txt
|
manage-bde -protectors -get c: > %UserProfile%\Desktop\BitLocker-Recovery-Key.txt
|
||||||
```
|
```
|
||||||
|
|
||||||
!!! tip
|
<div class="admonition tip" markdown>
|
||||||
|
<p class="admonition-title">Tip</p>
|
||||||
|
|
||||||
Backup `BitLocker-Recovery-Key.txt` on your Desktop to a separate storage device. Loss of this recovery code may result in loss of data.
|
Backup `BitLocker-Recovery-Key.txt` on your Desktop to a separate storage device. Loss of this recovery code may result in loss of data.
|
||||||
|
|
||||||
|
</div>
|
||||||
|
|
||||||
|
</details>
|
||||||
|
|
||||||
### FileVault
|
### FileVault
|
||||||
|
|
||||||
!!! recommendation
|
<div class="admonition recommendation" markdown>
|
||||||
|
|
||||||
![FileVault logo](assets/img/encryption-software/filevault.png){ align=right }
|
![FileVault logo](assets/img/encryption-software/filevault.png){ align=right }
|
||||||
|
|
||||||
@ -149,11 +168,15 @@ BitLocker is [only supported](https://support.microsoft.com/en-us/windows/turn-o
|
|||||||
|
|
||||||
[:octicons-info-16:](https://support.apple.com/guide/mac-help/encrypt-mac-data-with-filevault-mh11785/mac){ .card-link title=Documentation}
|
[:octicons-info-16:](https://support.apple.com/guide/mac-help/encrypt-mac-data-with-filevault-mh11785/mac){ .card-link title=Documentation}
|
||||||
|
|
||||||
|
</details>
|
||||||
|
|
||||||
|
</div>
|
||||||
|
|
||||||
We recommend storing a local recovery key in a secure place as opposed to using your iCloud account for recovery.
|
We recommend storing a local recovery key in a secure place as opposed to using your iCloud account for recovery.
|
||||||
|
|
||||||
### Linux Unified Key Setup
|
### Linux Unified Key Setup
|
||||||
|
|
||||||
!!! recommendation
|
<div class="admonition recommendation" markdown>
|
||||||
|
|
||||||
![LUKS logo](assets/img/encryption-software/luks.png){ align=right }
|
![LUKS logo](assets/img/encryption-software/luks.png){ align=right }
|
||||||
|
|
||||||
@ -163,35 +186,47 @@ We recommend storing a local recovery key in a secure place as opposed to using
|
|||||||
[:octicons-info-16:](https://gitlab.com/cryptsetup/cryptsetup/-/wikis/home){ .card-link title=Documentation}
|
[:octicons-info-16:](https://gitlab.com/cryptsetup/cryptsetup/-/wikis/home){ .card-link title=Documentation}
|
||||||
[:octicons-code-16:](https://gitlab.com/cryptsetup/cryptsetup/){ .card-link title="Source Code" }
|
[:octicons-code-16:](https://gitlab.com/cryptsetup/cryptsetup/){ .card-link title="Source Code" }
|
||||||
|
|
||||||
??? example "Creating and opening encrypted containers"
|
</details>
|
||||||
|
|
||||||
```
|
</div>
|
||||||
|
|
||||||
|
<details class="example" markdown>
|
||||||
|
<summary>Creating and opening encrypted containers</summary>
|
||||||
|
|
||||||
|
```bash
|
||||||
dd if=/dev/urandom of=/path-to-file bs=1M count=1024 status=progress
|
dd if=/dev/urandom of=/path-to-file bs=1M count=1024 status=progress
|
||||||
sudo cryptsetup luksFormat /path-to-file
|
sudo cryptsetup luksFormat /path-to-file
|
||||||
```
|
```
|
||||||
|
|
||||||
#### Opening encrypted containers
|
#### Opening encrypted containers
|
||||||
|
|
||||||
We recommend opening containers and volumes with `udisksctl` as this uses [Polkit](https://en.wikipedia.org/wiki/Polkit). Most file managers, such as those included with popular desktop environments, can unlock encrypted files. Tools like [udiskie](https://github.com/coldfix/udiskie) can run in the system tray and provide a helpful user interface.
|
We recommend opening containers and volumes with `udisksctl` as this uses [Polkit](https://en.wikipedia.org/wiki/Polkit). Most file managers, such as those included with popular desktop environments, can unlock encrypted files. Tools like [udiskie](https://github.com/coldfix/udiskie) can run in the system tray and provide a helpful user interface.
|
||||||
```
|
|
||||||
|
```bash
|
||||||
udisksctl loop-setup -f /path-to-file
|
udisksctl loop-setup -f /path-to-file
|
||||||
udisksctl unlock -b /dev/loop0
|
udisksctl unlock -b /dev/loop0
|
||||||
```
|
```
|
||||||
|
|
||||||
!!! note "Remember to back up volume headers"
|
</details>
|
||||||
|
|
||||||
|
<div class="admonition note" markdown>
|
||||||
|
<p class="admonition-title">Remember to back up volume headers</p>
|
||||||
|
|
||||||
We recommend you always [back up your LUKS headers](https://wiki.archlinux.org/title/Dm-crypt/Device_encryption#Backup_and_restore) in case of partial drive failure. This can be done with:
|
We recommend you always [back up your LUKS headers](https://wiki.archlinux.org/title/Dm-crypt/Device_encryption#Backup_and_restore) in case of partial drive failure. This can be done with:
|
||||||
|
|
||||||
```
|
```bash
|
||||||
cryptsetup luksHeaderBackup /dev/device --header-backup-file /mnt/backup/file.img
|
cryptsetup luksHeaderBackup /dev/device --header-backup-file /mnt/backup/file.img
|
||||||
```
|
```
|
||||||
|
|
||||||
|
</div>
|
||||||
|
|
||||||
## Command-line
|
## Command-line
|
||||||
|
|
||||||
Tools with command-line interfaces are useful for integrating [shell scripts](https://en.wikipedia.org/wiki/Shell_script).
|
Tools with command-line interfaces are useful for integrating [shell scripts](https://en.wikipedia.org/wiki/Shell_script).
|
||||||
|
|
||||||
### Kryptor
|
### Kryptor
|
||||||
|
|
||||||
!!! recommendation
|
<div class="admonition recommendation" markdown>
|
||||||
|
|
||||||
![Kryptor logo](assets/img/encryption-software/kryptor.png){ align=right }
|
![Kryptor logo](assets/img/encryption-software/kryptor.png){ align=right }
|
||||||
|
|
||||||
@ -203,15 +238,20 @@ Tools with command-line interfaces are useful for integrating [shell scripts](ht
|
|||||||
[:octicons-code-16:](https://github.com/samuel-lucas6/Kryptor){ .card-link title="Source Code" }
|
[:octicons-code-16:](https://github.com/samuel-lucas6/Kryptor){ .card-link title="Source Code" }
|
||||||
[:octicons-heart-16:](https://www.kryptor.co.uk/#donate){ .card-link title=Contribute }
|
[:octicons-heart-16:](https://www.kryptor.co.uk/#donate){ .card-link title=Contribute }
|
||||||
|
|
||||||
??? downloads
|
<details class="downloads" markdown>
|
||||||
|
<summary>Downloads</summary>
|
||||||
|
|
||||||
- [:simple-windows11: Windows](https://www.kryptor.co.uk)
|
- [:simple-windows11: Windows](https://www.kryptor.co.uk)
|
||||||
- [:simple-apple: macOS](https://www.kryptor.co.uk)
|
- [:simple-apple: macOS](https://www.kryptor.co.uk)
|
||||||
- [:simple-linux: Linux](https://www.kryptor.co.uk)
|
- [:simple-linux: Linux](https://www.kryptor.co.uk)
|
||||||
|
|
||||||
|
</details>
|
||||||
|
|
||||||
|
</div>
|
||||||
|
|
||||||
### Tomb
|
### Tomb
|
||||||
|
|
||||||
!!! recommendation
|
<div class="admonition recommendation" markdown>
|
||||||
|
|
||||||
![Tomb logo](assets/img/encryption-software/tomb.png){ align=right }
|
![Tomb logo](assets/img/encryption-software/tomb.png){ align=right }
|
||||||
|
|
||||||
@ -222,13 +262,18 @@ Tools with command-line interfaces are useful for integrating [shell scripts](ht
|
|||||||
[:octicons-code-16:](https://github.com/dyne/Tomb){ .card-link title="Source Code" }
|
[:octicons-code-16:](https://github.com/dyne/Tomb){ .card-link title="Source Code" }
|
||||||
[:octicons-heart-16:](https://www.dyne.org/donate){ .card-link title=Contribute }
|
[:octicons-heart-16:](https://www.dyne.org/donate){ .card-link title=Contribute }
|
||||||
|
|
||||||
|
</details>
|
||||||
|
|
||||||
|
</div>
|
||||||
|
|
||||||
## OpenPGP
|
## OpenPGP
|
||||||
|
|
||||||
OpenPGP is sometimes needed for specific tasks such as digitally signing and encrypting email. PGP has many features and is [complex](https://latacora.micro.blog/2019/07/16/the-pgp-problem.html) as it has been around a long time. For tasks such as signing or encrypting files, we suggest the above options.
|
OpenPGP is sometimes needed for specific tasks such as digitally signing and encrypting email. PGP has many features and is [complex](https://latacora.micro.blog/2019/07/16/the-pgp-problem.html) as it has been around a long time. For tasks such as signing or encrypting files, we suggest the above options.
|
||||||
|
|
||||||
When encrypting with PGP, you have the option to configure different options in your `gpg.conf` file. We recommend staying with the standard options specified in the [GnuPG user FAQ](https://www.gnupg.org/faq/gnupg-faq.html#new_user_gpg_conf).
|
When encrypting with PGP, you have the option to configure different options in your `gpg.conf` file. We recommend staying with the standard options specified in the [GnuPG user FAQ](https://www.gnupg.org/faq/gnupg-faq.html#new_user_gpg_conf).
|
||||||
|
|
||||||
!!! tip "Use future defaults when generating a key"
|
<div class="admonition tip" markdown>
|
||||||
|
<p class="admonition-title">Use future defaults when generating a key</p>
|
||||||
|
|
||||||
When [generating keys](https://www.gnupg.org/gph/en/manual/c14.html) we suggest using the `future-default` command as this will instruct GnuPG use modern cryptography such as [Curve25519](https://en.wikipedia.org/wiki/Curve25519#History) and [Ed25519](https://ed25519.cr.yp.to/):
|
When [generating keys](https://www.gnupg.org/gph/en/manual/c14.html) we suggest using the `future-default` command as this will instruct GnuPG use modern cryptography such as [Curve25519](https://en.wikipedia.org/wiki/Curve25519#History) and [Ed25519](https://ed25519.cr.yp.to/):
|
||||||
|
|
||||||
@ -236,9 +281,11 @@ When encrypting with PGP, you have the option to configure different options in
|
|||||||
gpg --quick-gen-key alice@example.com future-default
|
gpg --quick-gen-key alice@example.com future-default
|
||||||
```
|
```
|
||||||
|
|
||||||
|
</div>
|
||||||
|
|
||||||
### GNU Privacy Guard
|
### GNU Privacy Guard
|
||||||
|
|
||||||
!!! recommendation
|
<div class="admonition recommendation" markdown>
|
||||||
|
|
||||||
![GNU Privacy Guard logo](assets/img/encryption-software/gnupg.svg){ align=right }
|
![GNU Privacy Guard logo](assets/img/encryption-software/gnupg.svg){ align=right }
|
||||||
|
|
||||||
@ -249,16 +296,21 @@ When encrypting with PGP, you have the option to configure different options in
|
|||||||
[:octicons-info-16:](https://gnupg.org/documentation/index.html){ .card-link title=Documentation}
|
[:octicons-info-16:](https://gnupg.org/documentation/index.html){ .card-link title=Documentation}
|
||||||
[:octicons-code-16:](https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git){ .card-link title="Source Code" }
|
[:octicons-code-16:](https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git){ .card-link title="Source Code" }
|
||||||
|
|
||||||
??? downloads
|
<details class="downloads" markdown>
|
||||||
|
<summary>Downloads</summary>
|
||||||
|
|
||||||
- [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=org.sufficientlysecure.keychain)
|
- [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=org.sufficientlysecure.keychain)
|
||||||
- [:simple-windows11: Windows](https://gpg4win.org/download.html)
|
- [:simple-windows11: Windows](https://gpg4win.org/download.html)
|
||||||
- [:simple-apple: macOS](https://gpgtools.org)
|
- [:simple-apple: macOS](https://gpgtools.org)
|
||||||
- [:simple-linux: Linux](https://gnupg.org/download/index.html#binary)
|
- [:simple-linux: Linux](https://gnupg.org/download/index.html#binary)
|
||||||
|
|
||||||
|
</details>
|
||||||
|
|
||||||
|
</div>
|
||||||
|
|
||||||
### GPG4win
|
### GPG4win
|
||||||
|
|
||||||
!!! recommendation
|
<div class="admonition recommendation" markdown>
|
||||||
|
|
||||||
![GPG4win logo](assets/img/encryption-software/gpg4win.svg){ align=right }
|
![GPG4win logo](assets/img/encryption-software/gpg4win.svg){ align=right }
|
||||||
|
|
||||||
@ -270,17 +322,25 @@ When encrypting with PGP, you have the option to configure different options in
|
|||||||
[:octicons-code-16:](https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gpg4win.git;a=summary){ .card-link title="Source Code" }
|
[:octicons-code-16:](https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gpg4win.git;a=summary){ .card-link title="Source Code" }
|
||||||
[:octicons-heart-16:](https://gpg4win.org/donate.html){ .card-link title=Contribute }
|
[:octicons-heart-16:](https://gpg4win.org/donate.html){ .card-link title=Contribute }
|
||||||
|
|
||||||
??? downloads
|
<details class="downloads" markdown>
|
||||||
|
<summary>Downloads</summary>
|
||||||
|
|
||||||
- [:simple-windows11: Windows](https://gpg4win.org/download.html)
|
- [:simple-windows11: Windows](https://gpg4win.org/download.html)
|
||||||
|
|
||||||
|
</details>
|
||||||
|
|
||||||
|
</div>
|
||||||
|
|
||||||
### GPG Suite
|
### GPG Suite
|
||||||
|
|
||||||
!!! note
|
<div class="admonition note" markdown>
|
||||||
|
<p class="admonition-title">Note</p>
|
||||||
|
|
||||||
We suggest [Canary Mail](email-clients.md#canary-mail) for using PGP with email on iOS devices.
|
We suggest [Canary Mail](email-clients.md#canary-mail) for using PGP with email on iOS devices.
|
||||||
|
|
||||||
!!! recommendation
|
</div>
|
||||||
|
|
||||||
|
<div class="admonition recommendation" markdown>
|
||||||
|
|
||||||
![GPG Suite logo](assets/img/encryption-software/gpgsuite.png){ align=right }
|
![GPG Suite logo](assets/img/encryption-software/gpgsuite.png){ align=right }
|
||||||
|
|
||||||
@ -293,13 +353,18 @@ When encrypting with PGP, you have the option to configure different options in
|
|||||||
[:octicons-info-16:](https://gpgtools.tenderapp.com/kb){ .card-link title=Documentation}
|
[:octicons-info-16:](https://gpgtools.tenderapp.com/kb){ .card-link title=Documentation}
|
||||||
[:octicons-code-16:](https://github.com/GPGTools){ .card-link title="Source Code" }
|
[:octicons-code-16:](https://github.com/GPGTools){ .card-link title="Source Code" }
|
||||||
|
|
||||||
??? downloads
|
<details class="downloads" markdown>
|
||||||
|
<summary>Downloads</summary>
|
||||||
|
|
||||||
- [:simple-apple: macOS](https://gpgtools.org)
|
- [:simple-apple: macOS](https://gpgtools.org)
|
||||||
|
|
||||||
|
</details>
|
||||||
|
|
||||||
|
</div>
|
||||||
|
|
||||||
### OpenKeychain
|
### OpenKeychain
|
||||||
|
|
||||||
!!! recommendation
|
<div class="admonition recommendation" markdown>
|
||||||
|
|
||||||
![OpenKeychain logo](assets/img/encryption-software/openkeychain.svg){ align=right }
|
![OpenKeychain logo](assets/img/encryption-software/openkeychain.svg){ align=right }
|
||||||
|
|
||||||
@ -310,18 +375,26 @@ When encrypting with PGP, you have the option to configure different options in
|
|||||||
[:octicons-info-16:](https://www.openkeychain.org/faq/){ .card-link title=Documentation}
|
[:octicons-info-16:](https://www.openkeychain.org/faq/){ .card-link title=Documentation}
|
||||||
[:octicons-code-16:](https://github.com/open-keychain/open-keychain){ .card-link title="Source Code" }
|
[:octicons-code-16:](https://github.com/open-keychain/open-keychain){ .card-link title="Source Code" }
|
||||||
|
|
||||||
??? downloads
|
<details class="downloads" markdown>
|
||||||
|
<summary>Downloads</summary>
|
||||||
|
|
||||||
- [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=org.sufficientlysecure.keychain)
|
- [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=org.sufficientlysecure.keychain)
|
||||||
|
|
||||||
|
</details>
|
||||||
|
|
||||||
|
</div>
|
||||||
|
|
||||||
## Criteria
|
## Criteria
|
||||||
|
|
||||||
**Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you.
|
**Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you.
|
||||||
|
|
||||||
!!! example "This section is new"
|
<div class="admonition example" markdown>
|
||||||
|
<p class="admonition-title">This section is new</p>
|
||||||
|
|
||||||
We are working on establishing defined criteria for every section of our site, and this may be subject to change. If you have any questions about our criteria, please [ask on our forum](https://discuss.privacyguides.net/latest) and don't assume we didn't consider something when making our recommendations if it is not listed here. There are many factors considered and discussed when we recommend a project, and documenting every single one is a work-in-progress.
|
We are working on establishing defined criteria for every section of our site, and this may be subject to change. If you have any questions about our criteria, please [ask on our forum](https://discuss.privacyguides.net/latest) and don't assume we didn't consider something when making our recommendations if it is not listed here. There are many factors considered and discussed when we recommend a project, and documenting every single one is a work-in-progress.
|
||||||
|
|
||||||
|
</div>
|
||||||
|
|
||||||
### Minimum Qualifications
|
### Minimum Qualifications
|
||||||
|
|
||||||
- Cross-platform encryption apps must be open source.
|
- Cross-platform encryption apps must be open source.
|
||||||
|
Loading…
Reference in New Issue
Block a user