Before you begin¶
Before you get started, you should familiarize yourself with the Overview, Terminology, and the Passphrases involved in SecureDrop’s operations. You may wish to leave these documents open in other tabs for reference as you work.
SecureDrop is a technical tool. It is designed to protect journalists and sources, but no tool can guarantee safety. This guide will instruct you in installing and configuring SecureDrop, but it does not explain how to use it safely and effectively. Put another way: at the end of this guide, you will have built a car; you will not know how to drive. Make sure to review the SecureDrop Deployment Best Practices to get the most out of your new SecureDrop instance.
Installing SecureDrop is an extended manual process which requires a bunch of preparation and equipment. You should probably set aside a day to complete the install process. A successful install requires an administrator with at-least basic familiarity with Linux, the GNU core utilities and Bash shell. If you are not proficient in these areas, it is strongly recommended that you contact the Freedom of the Press Foundation for installation assistance.
Before you begin, you will need to assemble all the hardware that you are going to use.
When running commands or editing configuration files that include filenames, version numbers, usernames, and hostnames or IP addresses, make sure you use the appropriate values for your instance.
Once you’re familiar with SecureDrop, you’ve made your plan, your organization is ready to follow-through and you have the required hardware assembled before you, you’re ready to begin.