Quick start guide

sett-gui quick start

Initial setup

  1. Download sett-gui from the download page. If you downloaded an installer, install sett-gui by double-clicking on the installer file.
  2. Run sett-gui by double-clicking on the executable file or by launching the installed app.

Key management

  1. If you do not already have a private/public PGP key pair, go to the Keys tab and create one clicking on Add > Generate new key pair. See also the instructions given in the Generate a new public/private PGP key pair section.

    You should then see your new key listed in the Keys tab, along with “Private” label that indicates that the private material for this key is present in the local keystore.

  2. If not already done, download the public PGP key of the recipient(s) to whom you intend to send data (or from whom you will receive data). In sett-gui, go to the Keys tab and click on Add > Import from keyserver. See also the instructions given in the download public PGP keys from the keyserver section.

  3. Just after downloading the recipient’s PGP key, verify it to make sure that it is genuine. This can be done by either:

    • If you are a BioMedIT user: in sett-gui, verify that the recipient’s key is labelled with a green Approved label. You can also expand the details of the key by clicking on the key in the list or on the small ^ button to the right and verify that the Approval status is set to “Approved”, and the Revocation status is set to “Valid”.
    • Alternatively, contact the key owner and verify the key fingerprint with them.

Encrypting data

  1. Go to the Encrypt tab of the sett-gui interface.

  2. Add one or more files and directories to encrypt by clicking the Add files or Add directories buttons.

  3. Select sender: select your own PGP key. This is the key that will be used to sign the encrypted data.

  4. Select recipients: add one or more recipients by selecting them in the drop-down. These are the keys that will be used to encrypt the data, i.e. only these recipients will be able to decrypt the data.

  5. Transfer ID: specifying a valid Data Transfer Request ID is mandatory when a data package is transferred into the BioMedIT network. For other destinations, the Transfer ID field can be left empty (or set to any arbitrary value), and the Verify package checkbox must be disabled (in the Settings tab).

  6. Select destination: select local to encrypt to your local file system, and choose a destination directory.

  7. Click Encrypt package - or Send package, if you chose s3 or sftp as your destination - to run the encryption workflow on your data.

Transferring data

  1. Go to the Transfer tab of the sett-gui interface.

  2. Select a file to transfer using the Select file button.

  3. Select the Destination to be used (sftp, s3).

  4. Enter the required destination parameters.

  5. Click Send package to start transferring your files.

Decrypting data

  1. Go to the Decrypt tab of the sett-gui interface.
  2. Select a file to decrypt using the Select file button.
  3. Specify your desired destination directory.
  4. Click on Decrypt package.

sett command line quick start

The main commands to manage keys, encrypt, transfer and decrypt data with sett command line interface are given here.

# Generate a new key pair:
sett keys generate
# Import sender/recipient(s) public keys:
sett keys import from-keyserver alice@example.com

# Data encryption:
sett encrypt local --signer alice@email.com --recipient bob@example.com FILES_OR_DIRECTORIES_TO_ENCRYPT

# Data transfer
# to SFTP server:
sett transfer sftp --host HOST --username USERNAME --base-path DESTINATION_DIRECTORY --key-path SSH_KEY_LOCATION --key-pwd SSH_KEY_PASSWORD FILES_TO_TRANSFER
# to S3 object store:
sett transfer s3 --endpoint ENDPOINT --bucket BUCKET --access-key ACCESS_KEY --secret-key SECRET_KEY FILES_TO_TRANSFER

# Data decryption:
sett decrypt ENCRYPTED_FILES.zip