XMPP

Guide
We assume you're doing it all on Whonix. The instructions are meant for the latest
Debian release at the time, Buster, on which Whonix is based.
If you don't use Whonix, DNS leaks might occur depending on what software you use.
Also, Gajim sends your local time and OS information, which leaks much about you. You
can disable it in Gajim->Preferences->Advanced.

I. Installation
Open Terminal, which is on top panel by default. It's fourth icon on the left,
including the XFCE menu icon.

(not part of installation) To prevent security issues, change password.

To achieve it, type in terminal. Enter current password, which is by default
passwd

"changeme". Then enter new password twice.

If you forget it, boot from ISO, use command and then run to change it. It works on
chroot passwd user

most if not all Unix systems, unless drive is encrypted.

(installation) Run this command in terminal:

sudo apt install gajim gajim-pgp

Then enter your password and confirm the operation.

Run Gajim in XFCE menu, but don't add account yet. Follow these steps:

Open Gajim->Preferences->Advanced. Unselect all the options in "Privacy" section

Open Gajim->Plugins. Select "PGP" plugin in order to enable it

II. Creating account

To be done.

III. Generate OpenPGP keys

Open Terminal Emulator. Remember to use longest key length available, which is 4096.
Ignore the opinion that you shouldn't use so long key, unless you really need to
secure yourself. Nowadays, it doesn't matter that much with speed, modern CPUs are
fast enough.

These commands will be helpful, but don't include signing and encryption:

- generates OpenPGP key

gpg --full-gen-key

- exports Justin's public key (or whoever's you specify, including yours) to
gpg -a --export Justin > pubkey.txt

pubkey.txt file
- imports public key from pubkey.txt file
gpg --import pubkey.txt

Now, you need to assign decryption key in Gajim. Right-click on your username in
contact list. Click "Modify account". Then set "OpenPGP Key" to your own key. There
should be only yours available to select.
You also need to assign keys to users you want to communicate with. Right-click on an
user, Manage Contact->Assign OpenPGP Key. There select the user's key.

You're ready now to use it with encryption.