Before you begin

Before you get started, you should familiarize yourself with the Overview, Terminology, and the Passphrases involved in SecureDrop’s operations. You may wish to leave these documents open in other tabs for reference as you work.

SecureDrop is a technical tool. It is designed to protect journalists and sources, but no tool can guarantee safety. This guide will instruct you in installing and configuring SecureDrop, but it does not explain how to use it safely and effectively. Put another way: at the end of this guide, you will have built a car; you will not know how to drive. Make sure to review the Deployment Guide to review best practices for SecureDrop deployments.

Installing SecureDrop is an extended manual process which requires a bunch of preparation and equipment. You should probably set aside a day to complete the install process. A successful install requires an admin with at-least basic familiarity with Linux, the GNU core utilities and Bash shell. If you are not proficient in these areas, it is strongly recommended that you contact the Freedom of the Press Foundation for installation assistance.

Before you begin, you will need to assemble all the hardware that you are going to use.

To better assist in the installation process, you can organize your work using the SecureDrop Installation Worksheet. It is critical you destroy this worksheet when your installation is complete and all of your passphrases have been safely stored in a password manager.

When running commands or editing configuration files that include filenames, version numbers, usernames, and hostnames or IP addresses, make sure you use the appropriate values for your instance.

Once you’re familiar with SecureDrop, you’ve made your plan, your organization is ready to follow-through and you have the required hardware assembled before you, you’re ready to begin.