Merge pull request #538 from freedomofpress/document-tails6

Update documentation for Tails 6

docs/admin/deployment/onboarding_admins.rst

@@ -62,7 +62,7 @@ To set up AW2, follow these steps:
     When prompted, store the keypair in the default location.
 15. Run the command ``./securedrop-admin tailsconfig`` in ``~/Persistent/securedrop``.
 
-    This will set up desktop shortcuts and SSH access.
+    This will set up the *SecureDrop Menu* and SSH access.
 16. In a terminal, type the following commands to authorize the newly created SSH keypair
     on your servers:
 
@@ -81,7 +81,7 @@ To set up AW2, follow these steps:
         mon
 
 19. Confirm that you are able to access the *Source Interface* and the *Journalist
-    Interface* using the desktop shortcuts.
+    Interface* using the *SecureDrop Menu*.
 20. :ref:`Initialize a passphrase database <keepassxc_setup>` on AW2.
     Store the admin account details using KeePassXC, and other account
     information this admin will need in the course of administering this

docs/admin/deployment/onboarding_journalists.rst

@@ -110,7 +110,7 @@ to access the servers over SSH.
 
 - Once the ``tailsconfig`` command is complete, verify that the *Source* and
   *Journalist Interfaces* are accessible at their v3 addresses via the
-  SecureDrop desktop shortcuts.
+  SecureDrop Menu.
 
 - Securely wipe the files on the *Transfer Device*, by right-clicking them
   in the file manager and selecting **Wipe**.

docs/admin/installation/configure_admin_workstation_post_install.rst

@@ -42,11 +42,9 @@ collected from files in
 ``~/Persistent/securedrop/install_files/ansible-base`` and stored in
 ``~/Persistent/.securedrop/torrc_additions`` thereafter.
 
-In addition, the script creates desktop and menu shortcuts for the Source
-and *Journalist Interfaces*, directs Tails to install Ansible at the
-beginning of every session, and sets up SSH host aliases for the servers.
-
-The script is also responsible for enabling the *SecureDrop Menu*.
+In addition, the script creates the *SecureDrop Menu*, directs Tails to
+install Ansible at the beginning of every session, and sets up SSH host
+aliases for the servers.
 
 The only thing you need to remember to do is enable
 persistence when you boot the *Admin Workstation*. If you are

docs/admin/maintenance/backup_workstations.rst

@@ -211,7 +211,7 @@ You may now repeat the restore process for any other USBs that you wish to
 restore, or shut down the host Tails USB and test your new workstation USB by
 booting it with persistence unlocked and verifying its functionality.
 
-.. |Browse to Places Computer| image:: ../../images/tails_5x/browse_to_places_computer.png
+.. |Browse to Places Computer| image:: ../../images/tails_6x/browse_to_places_computer.png
 .. |Click Cogs| image:: ../../images/tails_4x/disks_format_partition.png
 .. |Fill in Passphrase| image:: ../../images/upgrade_to_tails_3x/fill_in_passphrase.png
 .. |Format Backup Drive| image:: ../../images/tails_4x/format_backup_drive.png

docs/admin/maintenance/rebuild_admin.rst

@@ -384,8 +384,8 @@ Once the command completes successfully, run
 
 Once this command is complete:
 
- - verify that the desktop shortcuts for the *Source* and *Journalist Interfaces*
-   work correctly, opening their respective homepages in Tor Browser.
+ - verify that the *SecureDrop Menu* for the *Source* and *Journalist Interfaces*
+   works correctly, opening their respective homepages in Tor Browser.
 
 To revert the changes made to enable temporary local SSH access, you
 should reboot the servers, by issuing the following commands in a terminal:
@@ -431,8 +431,8 @@ Once this command completes:
    to refer to Onion URLs instead of direct IP addresses
  - verify that you can connect to
    the servers using ``ssh app`` and ``ssh mon``
- - verify that the desktop shortcuts for the *Source* and *Journalist Interfaces*
-   work correctly, opening their respective homepages in Tor Browser.
+ - verify that the *SecureDrop Menu* for the *Source* and *Journalist Interfaces*
+   works correctly, opening their respective homepages in Tor Browser.
 
 Step 8: Post-rebuild tasks
 ==========================

docs/journalist/documents.rst

@@ -263,23 +263,13 @@ To open the *Export Device* on the *Secure Viewing Station*, follow these steps:
 1. If your *Export Device* has a physical write protection switch, make sure
    it is in the *unlocked* position.
 2. Plug the *Export Device* into the *Secure Viewing Station*.
-3. Click **Applications ▶ Utilities ▶ Unlock VeraCrypt Volumes**
-4. Under "Partitions and Drives", select the *Export Device* and click
-   **Unlock**.
-5. Enter your passphrase, which we recommend keeping in your own personal
+3. Enter your passphrase, which we recommend keeping in your own personal
    password manager (e.g., on your smartphone), not on *KeePassXC*.
-6. Under "Partitions and Drives", open the encrypted drive by clicking
-   **Open**.
+   
+|Unlock VeraCrypt|
 
-Steps 3-6 are illustrated below:
+4. Click Unlock. 
 
-|Unlock VeraCrypt in Tails 1|
-
-|Unlock VeraCrypt in Tails 2|
-
-|Unlock VeraCrypt in Tails 3|
-
-|Unlock VeraCrypt in Tails 4|
 
 The *Export Device* should now open in the file manager. If there are still
 files on the *Export Device* from your last copy operation,
@@ -395,14 +385,9 @@ bottom of the page. You will be prompted for confirmation.
 
 .. |Wiping documents| image:: ../images/manual/viewing5.png
    :alt: Files application displaying the menu that opens after a right-click on a file. The 'Wipe' entry is selected.
-.. |Unlock VeraCrypt in Tails 1| image:: ../images/manual/unlock_veracrypt_in_tails_1.png
-   :alt: The Applications menu on the Tails desktop. The 'Unlock VeraCrypt Volumes' entry is selected.
-.. |Unlock VeraCrypt in Tails 2| image:: ../images/manual/unlock_veracrypt_in_tails_2.png
-   :alt: Dialog box called 'Unlock VeraCrypt Volumes'. It displays an 'Unlock' button next to a drive name.
-.. |Unlock VeraCrypt in Tails 3| image:: ../images/manual/unlock_veracrypt_in_tails_3.png
-   :alt: Dialog box asking for a passphrase to unlock a VeraCrypt volume. The 'Unlock VeraCrypt Volumes' dialog box can be seen underneath.
-.. |Unlock VeraCrypt in Tails 4| image:: ../images/manual/unlock_veracrypt_in_tails_4.png
-   :alt: Dialog box called 'Unlock VeraCrypt Volumes'. It displays an 'Open' button next to a drive name.
+.. |Unlock VeraCrypt| image:: ../images/manual/unlock_veracrypt_in_tails6.png
+   :alt: The 'Authentication Required' menu that appears when you plug in a Veracrypt drive. The 'password' box is selected.
+   :width: 100%
 .. |br| raw:: html
 
     <br>

docs/journalist/workstation.rst

@@ -172,7 +172,7 @@ the *Submission Private Key*. To recall the conversation history between your
 organization and sources, you can also download replies and transfer them to
 the *Secure Viewing Station* for decryption.
 
-.. |Connect to Tor in Tails| image:: ../images/tails_5x/tails_5-tca_with_default_settings.png
+.. |Connect to Tor in Tails| image:: ../images/tails_6x/tails_6-tca_with_default_settings.png
    :alt: Tor Connection Assistant with default settings.
 .. |Journalist Interface Login| image:: ../images/manual/screenshots/journalist-index_with_text.png
    :alt: Login page to access the journalist interface. It requires a username, passphrase and two-factor authentication token.

docs/passphrase_best_practices.rst

@@ -52,7 +52,7 @@ menagerie of credentials.
 We have tried to minimize the number of credentials that Journalists and
 admins actually have to *remember* by automating the storage and entry
 of credentials on the Tails workstations wherever possible. For example,
-shortcut icons are created on the Desktop of each Tails workstation to make it
+a dedicated SecureDrop Menu is provided on each Tails workstation to make it
 easy to access the onion services without having to look up their
 ``.onion`` addresses every time.