configure.mdwn 11.3 KB
Newer Older
Tails developers's avatar
Tails developers committed
1
[[!meta title="Create & configure the persistent volume"]]
2
3
4

[[!inline pages="doc/first_steps/persistence.caution" raw="yes"]]

Tails developers's avatar
Tails developers committed
5
6
[[!toc levels=2]]

Tails developers's avatar
Tails developers committed
7
Start the persistent volume assistant
8
=====================================
9

10
To start the persistent volume assistant, choose
11
12
13
<span class="menuchoice">
  <span class="guimenu">Applications</span>&nbsp;▸
  <span class="guisubmenu">Tails</span>&nbsp;▸
Tails developers's avatar
Tails developers committed
14
  <span class="guimenuitem">Configure persistent volume</span></span>.
15

Tails developers's avatar
Tails developers committed
16
<div class="note">
17

Tails developers's avatar
Tails developers committed
18
19
The error message <span class="emphasis">Error, Persistence partition is not
unlocked.</span> means that the persistent volume was not enabled from
20
<span class="application">Tails Greeter</span>. So you can not configure it
Tails developers's avatar
Tails developers committed
21
but you can delete it and create a new one.
22

Tails developers's avatar
Tails developers committed
23
</div>
24

Tails developers's avatar
Tails developers committed
25
Creating the persistent volume
26
==============================
27
28

When run for the first time, or after [[deleting the persistent
29
volume|delete]], the assistant proposes to create a new persistent volume on
30
the device from which Tails is running.
31

32
1. The persistent volume is an encrypted partition protected by a passphrase.
33
34
35
36
37
38
39
40
41
Specify a passphrase of your choice in both the
<span class="guilabel">Passphrase</span> and <span class="guilabel">Verify
Passphrase</span> text boxes.

2. Click on the <span class="guilabel">Create</span> button.

3. Wait for the creation to finish.

<div class="bug">
42

43
<strong>If the creation is interrupted before it finishes</strong>, you may not
44
45
be able to start Tails from this device any more. This can happen if you
close the window of the wizard or unplug the USB stick or SD card during the creation of
46
47
the persistent volume. [[Delete|first_steps/reset]] and
[[reinstall|first_steps/installation]] Tails to fix this issue.
48

49
50
</div>

51
52
<a id="features"></a>

53
54
Persistence features
====================
55

56
When run from a Tails device that already has a persistent volume, the assistant
57
shows a list of the possible persistence features. Each feature corresponds to a
58
set a files to be saved in the persistent volume.
59
60

<div class="note">
61

62
63
<strong>Restart Tails to apply the changes</strong> after selecting or
unselecting one or several features.
64

65
66
67
</div>

<div class="bug">
68

Tails developers's avatar
Tails developers committed
69
70
If you unselect a feature that used to be activated, it will be
deactivated after restarting Tails but the corresponding files will
71
remain on the persistent volume.
72

73
74
</div>

Tails developers's avatar
Tails developers committed
75
76
<a id="personal_data"></a>

77
<div class="icon">
78
[[!img stock_folder.png link=no]]
Tails developers's avatar
Tails developers committed
79
<div class="text"><h2>Personal Data</h2></div>
80
81
82
83
84
85
86
87
88
</div>

When this feature is activated, you can save your personal files and working
documents in the <span class="filename">Persistent</span> folder.

To open the <span class="filename">Persistent</span> folder, choose
<span class="menuchoice">
  <span class="guimenu">Places</span>&nbsp;▸
  <span class="guimenuitem">Home Folder</span></span>, and open the <span
89
  class="guilabel">Persistent</span> folder.
90

Tails developers's avatar
Tails developers committed
91
92
<a id="gnupg"></a>

93
<div class="icon">
94
[[!img seahorse-key.png link=no]]
Tails developers's avatar
Tails developers committed
95
<div class="text"><h2>GnuPG</h2></div>
96
97
98
</div>

When this feature is activated, the OpenPGP keys that you create or import are
99
saved in the persistent volume.
100
101

<div class="caution">
102

Tails developers's avatar
Tails developers committed
103
104
105
If you manually edit or overwrite the
<span class="filename">~/.gnupg/gpg.conf</span> configuration file
you may lessen your anonymity,
106
weaken the encryption defaults or render GnuPG unusable.
107

108
109
</div>

Tails developers's avatar
Tails developers committed
110
111
<a id="ssh_client"></a>

112
<div class="icon">
113
[[!img seahorse-key-ssh.png link=no]]
Tails developers's avatar
Tails developers committed
114
<div class="text"><h2>SSH Client</h2></div>
115
116
117
</div>
    
When this feature is activated, all the files related to the secure-shell client
118
are saved in the persistent volume:
119
120
121
122
123
124

  - The SSH keys that you create or import
  - The public keys of the hosts you connect to
  - The SSH configuration file in <span class="filename">~/.ssh/config</span> 

<div class="caution">
125

Tails developers's avatar
Tails developers committed
126
127
128
129
If you manually edit the <span class="filename">~/.ssh/config</span>
configuration file, make sure not to overwrite the
default configuration from the
<span class="filename">/etc/ssh/ssh_config</span> file. Otherwise, you may weaken the
130
encryption defaults or render SSH unusable.
131

132
133
</div>

Tails developers's avatar
Tails developers committed
134
135
<a id="pidgin"></a>

136
<div class="icon">
137
[[!img pidgin.png link=no]]
Tails developers's avatar
Tails developers committed
138
<div class="text"><h2>Pidgin</h2></div>
139
140
141
</div>

When this feature is activated, all the configuration files of the
142
143
<span class="application">Pidgin</span> Internet messenger are saved in the
persistent volume:
144
145
146

  - The configuration of your accounts, buddies and chats.
  - Your OTR encryption keys and keyring.
Tails developers's avatar
Tails developers committed
147
  - The content of the discussions is not saved unless you configure
148
149
150
151
152
    <span class="application">Pidgin</span> to do so.

All the configuration options are available from the graphical interface. There
is no need to manually edit or overwrite the configuration files.

Tails developers's avatar
Tails developers committed
153
154
<a id="claws_mail"></a>

155
<div class="icon">
156
[[!img claws-mail.png link=no]]
Tails developers's avatar
Tails developers committed
157
<div class="text"><h2>Claws Mail</h2></div>
158
159
160
</div>

When this feature is activated, the configuration and emails stored locally by
161
162
the <span class="application">Claws Mail</span> email client are saved in the
persistent volume.
163
164
165
166

All the configuration options are available from the graphical interface. There
is no need to manually edit or overwrite the configuration files.

167
168
169
170
171
172
173
<div class="bug">

<p>The emails of a POP3 account created without using the configuration
assistant are not stored in the persistent volume by default.  For example,
when configuring a second email account.</p>

<p>To make it persistent choose
174
175
<span class="menuchoice">
  <span class="guimenu">File</span>&nbsp;▸
Tails developers's avatar
Tails developers committed
176
  <span class="guimenu">Add Mailbox</span>&nbsp;▸
177
178
179
  <span class="guimenuitem">MH...</span></span> and change the location of the mailbox
from <span class="filename">Mail</span> to <span class="filename">.claws-mail/Mail</span>.</p>

180
181
</div>

Tails developers's avatar
Tails developers committed
182
183
<a id="gnome_keyring"></a>

184
<div class="icon">
185
[[!img seahorse-key-personal.png link=no]]
Tails developers's avatar
Tails developers committed
186
<div class="text"><h2>GNOME Keyring</h2></div>
187
188
189
</div>

When this feature is activated, the secrets of
190
191
<span class="application">GNOME Keyring</span> are saved in the persistent
volume.
192
193
194
195
196
197

GNOME Keyring is a collection of components in GNOME that store secrets,
passwords, keys, certificates and make them available to applications.
For more information about <span class="application">GNOME Keyring</span> see
the [official documentation](http://live.gnome.org/GnomeKeyring).

198
<a id="network_connections"></a>
199
200

<div class="icon">
Tails developers's avatar
Tails developers committed
201
[[!img network-manager.png link=no]]
202
<div class="text"><h2>Network Connections</h2></div>
203
204
</div>

205
When this feature is activated, the configuration of the network devices
Tails developers's avatar
Tails developers committed
206
and connections is saved in the persistent volume.
207

208
209
210
To save passwords, for example the passwords of encrypted wireless connections,
the [[<span class="application">GNOME Keyring</span> persistence
feature|configure#gnome_keyring]] must also be activated.
211

Tails developers's avatar
Tails developers committed
212
213
<a id="apt_packages"></a>

214
<div class="icon">
215
[[!img synaptic.png link=no]]
Tails developers's avatar
Tails developers committed
216
<div class="text"><h2>APT Packages</h2></div>
217
218
219
220
</div>

When this feature is activated, the packages that you install using the
<span class="application">Synaptic</span> package manager or the
221
<span class="command">apt-get</span> command are saved in the persistent volume.
222

223
224
225
If you install additional programs, this feature allows you to download them
once and reinstall them during future working sessions, even offline.
Note that those packages are not automatically installed when restarting Tails.
226
227
228
229

If you activate this feature, it is recommended to activate the
<span class="guilabel">APT Lists</span> feature as well.

Tails developers's avatar
Tails developers committed
230
231
<a id="apt_lists"></a>

232
<div class="icon">
233
[[!img synaptic.png link=no]]
Tails developers's avatar
Tails developers committed
234
<div class="text"><h2>APT Lists</h2></div>
235
236
237
</div>

When this feature is activated, the lists of all the software packages available
238
for installation are saved in the persistent volume.
239
240
241
242
243
244
245

Those so called <span class="emphasis">APT lists</span> correspond to the files
downloaded while doing
<span class="guilabel">Reload</span> from the
<span class="application">Synaptic</span> package manager or issuing the
<span class="command">apt-get update</span> command.

246
247
248
249
The <span class="emphasis">APT lists</span> are needed to install additional
programs or explore the list of available software packages. This feature allows
you to reuse them during future working sessions, even offline.

250
251
252
<a id="browser_bookmarks"></a>

<div class="icon">
Tails developers's avatar
Tails developers committed
253
[[!img user-bookmarks.png link=no]]
254
255
256
257
<div class="text"><h2>Browser bookmarks</h2></div>
</div>

When this feature is activated, changes to the bookmarks in the
258
<span class="application">Tor Browser</span> are saved in the persistent
259
260
volume. This does not apply to the Unsafe web browser.

261
262
263
264
<a id="printers"></a>

<div class="icon">
[[!img printer.png link=no]]
Tails developers's avatar
Tails developers committed
265
<div class="text"><h2>Printers</h2></div>
266
267
</div>

Tails developers's avatar
Tails developers committed
268
When this feature is activated, the configuration of the printers is saved in the
269
270
persistent volume.

Tails developers's avatar
Tails developers committed
271
272
<a id="dotfiles"></a>

273
<div class="icon">
274
[[!img preferences-desktop.png link=no]]
Tails developers's avatar
Tails developers committed
275
<div class="text"><h2>Dotfiles</h2></div>
276
277
</div>

278
When this feature is activated, all the files in the <span
Tails developers's avatar
Tails developers committed
279
class="filename">/live/persistence/TailsData_unlocked/dotfiles</span> folder
280
281
282
are linked in the <span class="filename">Home Folder</span> (files in
subfolders of <span class="filename">dotfiles</span> are also linked
in the corresponding subfolder of your <span class="filename">Home
283
Folder</span>).
284
285
286
287
288
289
290

This option is useful if you want to make some specific files
persistent, but not the folders they are stored in. A fine example are
the so called "dotfiles" (and hence the name of this feature), the
hidden configuration files in the root of your home directory, like
<span class="filename">~/.git</span> and <span
class="filename">~/.bashrc</span>.
291

292
<a id="additional_software"></a>
Tails developers's avatar
Tails developers committed
293

Tails developers's avatar
Tails developers committed
294
295
296
Additional software packages
----------------------------

Tails developers's avatar
Tails developers committed
297
<div class="note">
298

Tails developers's avatar
Tails developers committed
299
This is an experimental feature which does not appear in the assistant.
300

Tails developers's avatar
Tails developers committed
301
302
303
304
</div>

When this feature is enabled, a list of additional software of your
choice is automatically installed at the beginning of every working
305
session. The corresponding software packages are stored in the
Tails developers's avatar
Tails developers committed
306
307
persistent volume. They are automatically upgraded for security
after a network connection is established.
Tails developers's avatar
Tails developers committed
308
309
310
311
312

To use this feature you need to enable both the <span
class="guilabel">APT Lists</span> and <span class="guilabel">APT
Packages</span> features.

313
<div class="note">
314

315
316
317
If you are offline and your additional software packages don't install, it
might be caused by outdated APT Lists. The issue will be fixed next time you
connect Tails to Internet with persistence activated.
318

319
320
</div>

321
322
323
To choose the list of additional software, start Tails with an administrator
password and edit (as an administrator) the file called
`/live/persistence/TailsData_unlocked/live-additional-software.conf`.
324
Each line of this file must contain
Tails developers's avatar
Tails developers committed
325
326
327
328
the name of a Debian package to be installed as an additional software
package.

For example, to automatically install the `dia` software, a diagram
329
330
editor, and the `fontmatrix` software, a font manager, add the following
content to `live-additional-software.conf`:
Tails developers's avatar
Tails developers committed
331

Tails developers's avatar
Tails developers committed
332
333
    dia
    fontmatrix
Tails developers's avatar
Tails developers committed
334

Tails developers's avatar
Tails developers committed
335
336
To learn about the many software packages available in Debian, visit
<http://packages.debian.org/stable/>.
337
338

<div class="caution">
339
340
341

<strong>Installing additional software is at your own risk.</strong>
Most additional software requires extra configuration to be able to
342
connect to the network through Tor, and will not work otherwise. Some other software might, for
343
344
345
example, modify the firewall and break the security built in Tails.
Software not officially included in Tails is not tested for security.

346
</div>