As a security-minded individual, you are no doubt using encrypted Email. Here's a short recap on how to do that on your Linux box, and how to extend encrypted mail coverage to your mobile device without jeopardizing your all-important GPG2 master key.

A Word about Efail

In May 2018 the so-called Efail vulnerability broke, which was picked up by mainstream media and blown massively out of proportion. Unfortunately, a number of very stupid people took this as the opportunity to declare PGP-based email encryption as dead. Here is a good summary on why this is unreasonable and factually wrong. Full disclosure: Proton's business model hinges on providing encrypted email services. It is still a good, factual read.

So with this out of the way, how do we use encyrpted Email on Linux?

Thunderbird with Enigmail

The simplest answer is: with Thunderbird and an extension called Enigmail. Assuming you already have Thunderbird installed and configured (if not, there are good guides for that here and here), next install the Enigmail package. On Fedora this can be done by running dnf install thunderbird-enigma.

After starting Thunderbird, and before doing anything else, you want to make sure that you are composing and viewing messages in plain text format only, not in HTML. Using HTML in emails is a fallacy that was brought about by people who do not understand that emails and web pages are not the same thing. More importantly, allowing HTML in your emails is exposing you to untold risks because your mail program will request information through links embedded in the HTML that you as the receipient have zero control over! This is the precise reason for the Efail vulnerability mentioned above.

To turn that nonsense off, execute these three steps:

1. go to Edit --> Account Settings --> Composition & Addressing and uncheck Compose Messages in HTML format. Confirm with OK.
2. Next, go to View --> Message Body As and choose Plain Text.
3. Finally, go to Edit --> Preferences --> Privacy and turn off Allow remote content in messages.

Turning our attention back to Enigmail, you will notice you now have a new pulldown menu named "Enigmail" which among several other items includes a setup wizard. Run through this to create your new GPG keypair and configure it in Thunderbird. This is a good step-by-step instruction which also covers a lot of ground for the basic Thunderbird configuration.

At this point you're up and running and can exchange encrypted Emails with others who also use OpenPGP. In principle that also includes people using mobile devices with Android or iOS, and you might want to be able to read and send encrypted mails yourself when on your phone. Using K9 Mail and OpenKeychain on Android, this is easily doable; however, with mobile device security being what it is, you shouldn't just copy your secret key to your phone. If your key gets compromised, this compromises your entire encrypted conversation history.

GPG2 subkeys

Therefore it is preferable to go the extra length and create an additional set of subkeys with their own keyphrase, and only import these to your phone or tablet.

In a nutshell, this can be done as follows:

1. run gpg2 --list-keys to show your keys.
2. enter interactive mode using gpg --edit-key YOURMASTERKEYID
3. at the gpg> prompt type addkey
4. create a "RSA (sign only)" subkey type with the longest key length possible
5. repeat the above step to create a "RSA (encrypt only)" subkey type
6. type save to save your changes
7. show your new subkeys with gpg2 --with-keygrip --list-key YOURMASTERKEYID
8. now export only those subkeys into an ASCII-armored file with gpg2 --armor --output subkeys.asc --export-secret-subkeys KEYGRIP with the keygrip of your master key

The file can now be transferred to your mobile device and imported into OpenKeychain. Finally, change the passphrase of your master key with gpg2 --change-passphrase YOURMASTERKEYID to something as long as you can stand. The longer the passphrase, the more secure it is. On a computer, entering a long keyphrase isn't a big deal (especially since GnuPG includes the gnupg-agent which caches the passphrase for a while). On a phone, the passphrase needs to be short enough to be reasonably easy to get right with the small on-screen keyboards. OpenKeychain, too, includes a caching and quick-unlock function which makes it more user friendly.

Should your phone keyphrase be compromised, e.g. through a keylogger, your master key will still be safe because it uses a different keyphrase. Should you assume breach of your subkeys, it is simple to remove them from your master key, generate a new set of subkeys, and re-deploy them to your phone. But do safeguard your master key - if that's ever compromised, it's game over...

Useful Links

• Thunderbird, Enigmail, and OpenPGP for Linux
• Using OpenPGP subkeys in Debian development (it's more generic than it sounds)
• Creating the Perfect GPG Keypair