Title: SNC Autocrypt User Guide
Description: Tails OS based SNC Autocrypt communication platform
Desktop Workspace
In this chapter – boot from USB, user login credentials, persistence unlock, login password and persistent store management,
custom software installation, language and date/time, network time.
Booting from live medium (USB key, USB SSD HD, etc.)
- System requirements:
- Intel x86-64 compatible PC with ability to start from a USB stick, or
- x86-64 virtualisation hypervisor
with virtual machine access and boot capability from physical USB devices (Linux KVM supported)
- At least 2 GB of RAM
- BIOS Legacy Boot capability
- BIOS settings: Disabled Fast Boot, Enabled CSM Boot, Enabled Legacy Boot
Note: Apple PowerPC, ARM processors (tablets and phones) are not supported.
- The first time you boot your SNC Autocrypt
live medium, some setup in your computer's BIOS may be needed first.
Since BIOSes vary greatly in features and key bindings, we cannot get into the topic in depth here. Some BIOSes provide a
key to bring up a menu of boot devices at boot time, which is the easiest way if it is available on your system. Otherwise,
you need to enter the BIOS configuration menu and change the boot order to place the boot device for the live system before
your normal boot device. Consult your PC manufacturer's support documentation for exact description of your actions.
Also, original Tails OS Manual provide detailed instructions
how to start OS on Intel or Apple computer.
- If the computer successfully starts Tails OS syslinux bootloader ,
you are presented with a boot menu. If you wait four seconds, or just press enter here,
the system will boot using the default entry (first/top menu entry). In a short time after "three dot" splash screen is diplayed,
you will be presented input window for selection of language and regional settings, also for persistent drive partition unlock passphrase input.
Please enter the passphrase which is written on your SNC Autocrypt live USB media package sticker. You can also chose
Additional Settings - read Tails User Manual for detailed description.
- Assuming you've selected default (first/top) boot menu entry, successfully unlocked persistent partition and booted,
in a short moment you are automatically logged into Gnome desktop environment.
Read further Introduction to GNOME and the Tails desktop
chapter of Tails OS manual. First thing you should do immediately after login - reconfigure persistent drive partition unlock passphrase,
which is written on your SNC Autocrypt live USB media package sticker. For that purpose use Gnome menu Applications > System Tools >
Persistent Store > Change Passphrase.. top left button and instructions provided in
Tails OS Documentation.
SNC Autocrypt specific system configuration and applications
- SNC Autocrypt communication platform runs on top of modified Tails Operating System
and is based on Autocrypt team's phylosophy, that in order
for e-mail encryption to be widely accepted and implemented, it must be convenient and as simple as possible for ordinary user.
Therefore, contrary to extremely strict original Tails OS system security settings, SNC Autocrypt platform implements persistence
across reboots of configuration profiles and user-data of root and default user (amnesia) - it is configured to store /root and
/home/amnesia home directories on locked and encrypted persistence partition of SNC Autocrypt communication platform USB media.
However, functionality of special user's directory /home/amnesia/Tor Browser for downloaded files is retained in a modified manner:
the content of this folder will remain intact after OS shutdown, but will disappear once you reboot OS. This will allow you to transfer
downloaded files to another LUKS block device encryption compatible computer, by plugging in SNC Autocrypt LiveUSB media and entering
passphrase for decryption. Read original Tails User Manual to find more about
using Tor Browser.
- We advocate userfriendly encrypted e-mail communications based on Autocrypt standard,
therefore default e-mail client, included into SNC Autocrypt platform for extra e-mail security, is
Epyrus with Enigmail OpenPGP plugin. Epyrus is a fork of pre-68 version
Mozilla Thunderbird which currently supports Autocrypt standard via Enigmail plugin. Enigmail was originally developed for
Mozilla Thunderbird, but Mozilla Corporation since 2021 removed
Autocrypt OpenPGP support
from their post-68 versions of Thunderbird. We provide Epyrus/Thunderbird e-mail client
tutorial on our Salvio NC file server.
- As a secure mean of decentralized communication, we provide DeltaChat application,
which uses End-to-End Encryption with Autocrypt and CounterMITM protocols,
your e-mail accounts for identification, and needs no centralized server registration to provide
PP2P (Personal Peer to Peer Protocol) chat. For further assistance,
use DeltaChat online help.
Persistent storage, custom software installation, language and date/time, network time
- Persistent storage is already pre-configured and used for SNC Autocrypt specific additional software
located in /opt directory and persistence of root and default user (amnesia) home directories
by default. You can reject it by not providing
decryption passphrase during welcome login screen, in such case you will get full security features of out
SNC Autocrypt functionality. You can also delete persistent storage via Gnome menu Applications > System Tools >
Persistent Store > Delete.. top right button and instructions provided in
Tails OS Documentation.
If you delete persistence storage, SNC Autocrypt specific software and configuration will be lost, your
LiveUSB media will become regular Tais OS and all your custom data will be lost as well. To recover SNC Autocrypt secure communications platform
back to the factory defaults, download and restore original
SNC Autocrypt image from Salvio NC website.
- SNC Autocrypt communication platform retains Tails OS functionality to install additional software in two modes: for current
session only, and persistently across reboots. More details at
Tails OS Documentation.
- Language and regional formats are set in accordance to
original Tails Documentation. SNC Autocrypt retains Tails OS UTC date and time display, which Tails developers declare as a security feature.
Network time synchronization of SNC Autocrypt is specific to Tails OS and is described in details in
Tails Documentation.
Login password, root user management
SNC Autocrypt retains Tails OS default user amnesia, but provides full persistence to its data and configurations, by default it
has no password and is loged in automatically. Security precaution means are implemented regarding root user in the system - read more
at original Tails OS Documentation. For system
administration convenience, root user's configurations are preserved during system reboots by saving /root directory in persistent partition.