Tails is very useful if you want to be more anonymous by running everything through the tor network; but it is especially interesting for nomad activists who travel without a laptop of their own. This is because of the “Persistent Storage” feature.
If you setup a Persistent Storage on your Tails stick, you can keep all of your passwords, encryption keys, and other data on an encrypted partition of your Tails stick. This way you can travel without a laptop, and when you need to access your emails to write an important message to your family or organize with activists or supporters, you have all of your accounts directly on your Tails stick. You just need to borrow a laptop.
Unfortunately, many programs don’t work “out of the box” on Tails. For some it’s impossible, like Signal – because you can’t configure it to use Tor for talking to the Internet. For some other messengers you can find guides, e.g. Element or Wire. With Delta Chat it works quite well, it’s just a bit slower than running Delta Chat directly on a laptop. These 4-5 steps should be enough to get it working for you:
Step 0: Enable Persistent Storage
If you use Persistent Storage already, you can skip this step.
If not, you can follow this easy guide which explains it much better than I could.
Note: you need to enable “Persistent Folder” and “Dotfiles” for Delta Chat to work as expected and store your data!
Start Tails with your Persistent Volume unlocked to continue. And also set an admin password again, we will need it later.
Step 1: Download Delta Chat
On get.delta.chat you can download the Linux Client. It’s available in different flavours: we need the AppImage version. This has the advantage that we don’t need to install Delta Chat in Tails, we can just run it directly from the .AppImage file.
Best you save it to /home/amnesia/Persistent/Tor Browser/, so you don’t need to download it every time you reboot Tails.
Step 2: Make the Config Folder Persistent
Delta Chat stores all its messages, encryption keys, account configuration, etc. in the /home/amnesia/.config/DeltaChat folder. Unfortunately even with a Persistent Volume we need to go an extra step to make it persistent. And for this we need the command line – don’t worry, you can’t break anything here. Maybe you learn something 🙂
First we need to open a Terminal. Put your Mouse Pointer to the top left to open the application chooser, and search for “terminal” (we don’t need the Root Terminal for this step):
One note about the terminal: if you want to copy-paste commands from this article to the terminal, simply pressing ctrl + v will not work; you need to press ctrl + shift + v to paste into a terminal.
First, let’s check that the .config/DeltaChat folder is not created already. We start in the /home/amnesia folder, so we can check the content of .config with the following command: ls -l .config. (It shouldn’t be there yet… if there is a DeltaChat folder already, let’s move it to the Persistent part of Tails with mv .config/DeltaChat Persistent/.)
Then we need to create a link to the Persistent folder, so Delta Chat stores its data in the right location. To do this, run ln -s /home/amnesia/Persistent/DeltaChat .config/ (don’t worry if the command line doesn’t give you a “success” message – as long as a command line doesn’t give you an error, it means it worked.)
We can check with ls -l .config whether it worked: there should be a red entry with the link we just created.
If it’s red, don’t worry, that just means that the link points to nowhere. So let’s just create an empty folder there. You can do this with mkdir Persistent/DeltaChat. Now ls -l .config should show a blue entry for the Delta Chat folder:
Now usually the link would be deleted when you restart Tails. We need to make this change persistent, so we don’t need to run this every time we start Tails. This should be accomplished by these two commands:
echo "ln -s /home/amnesia/Persistent/DeltaChat /home/amnesia/.config" >> ~/.profile
sudo cp -a ~/.profile /live/persistence/TailsData_*nlocked/dotfiles/(The second command will ask you for the admin password you specified when you started Tails. Don’t be surprised if apart from that there is no output – this probably means they worked. To check whether they worked, reboot Tails and look if the link in .config still exists/was recreated successfully.)
Step 3: Run Delta Chat
Now we only need to make Delta Chat executable to run it. For this, we can use the following command (copy-paste it exactly like this so it works):
chmod u+x Persistent/Tor\ Browser/DeltaChat*.AppImageYou can see whether it worked by looking if the filename is green when you run:
ls -l "Persistent/Tor Browser"
Now we can start Delta Chat! Just double-click on it in the file browser:
Step 4: Use the SOCKS5 Proxy to Connect to Tor
Now we need an account for Delta Chat. You can use any email account to login. If you already used Delta Chat on a different device, it is recommended that you export a backup there, and import it on Tails. If you just login with the same account, new encryption keys will be generated, and you can run into problems. If you run into trouble, exporting a backup on one device and importing it into the other device should fix it.
In the beginning, the connection will not work. Your account needs to be configured to use Tor first. Tails offers a SOCKS5 proxy which any application can use to connect to Tor. For this, go to the settings, and to “Password and Account”. Then click on “Advanced”, and scrolls down to “Use SOCKS5”. Here you need to enter localhost as “SOCKS5 Host” and 9050 as “SOCKS5 PORT”. The rest can stay empty.
When you click “LOG IN”, it will try to connect to Tor. Then it should start downloading your most recent messages. Now you can start using Delta Chat!
Bonus: Add a Friend Through QR Code Scanning
Now that you know how to do it, you can help a friend setting it up. With other Delta Chat users, you can communicate end-to-end encrypted. To ensure that your chat is safe from attackers and always end-to-end encrypted, you should add your friends by scanning their QR codes. This way you verify each other as contacts.
Of course, with a Tails stick you don’t always use a laptop with a webcam; sometimes it will just be the old desktop PC of someone’s grandparents. But you can still verify them by sending them the verification code manually. Note that you both need to be online at the same time for this to work.
In the QR menu, you can just click on “copy to clipboard”. Then you can send the code to your friend, preferaby via a secure channel. It should look like this: OPENPGP4FPR:D1545124C8F9825871236B683E4D4F7310848F27B#a=k2pdz%40testrun.org&n=&i=x0GwuzgeZt_&s=nxWjM_8Vf6e
Now they can also go to their QR menu, and paste the verification code there:
Then the verification process starts. It can take a minute or so, until the verification confirmation appears on both sides:
Voilà – that’s it! Now you can be sure that your communication is end-to-end encrypted.
A New Delta Chat Version is Out – How Can I Upgrade?
More or less every two months, the Delta Chat community publishes a new version of the desktop client. You don’t need to update every time, but with upgrading you get all the new features and bug fixes, so it is recommended. Also, if everyone uses the same version, the app behaves similarly for them, so you can avoid bugs for others if you update regularly.
To upgrade, follow the following steps:
- Close Delta Chat, if it is running
- Download the most recent .AppImage version from https://get.delta.chat
- Move it to the “Persistent/Tor Browser” directory
- Mark it as executable with:
chmod u+x Persistent/Tor\ Browser/DeltaChat*.AppImageNow you can just delete the old version, and launch the new .AppImage with a double click. Voilà !
