Add documentation related to the SecureDrop Menu. (#469)

freedomofpress · Jun 22, 2023 · e4e3d34 · e4e3d34
1 parent 4506d03
commit e4e3d34
Show file tree

Hide file tree

Showing 8 changed files with 42 additions and 11 deletions.
diff --git a/docs/admin/deployment/remote.rst b/docs/admin/deployment/remote.rst
@@ -14,8 +14,10 @@ network, allowing you to access the servers using an *Admin Workstation*
 from anywhere in the world where you have a stable internet connection and
 are able to access the Tor network.
 
-To do so, simply open a Terminal from your *Admin Workstation* and run either
-the ``ssh app`` or ``ssh mon`` command, depending on which server you are intending
+To do so, simply select the "SSH into the App Server" or "SSH into the Monitor
+Server" option in the *SecureDrop Menu* from your *Admin Workstation*.
+Alternately, you can open a Terminal and run either the ``ssh app`` or
+``ssh mon`` command, depending on which server you are intending
 to access.
 
 This is useful for routine maintenance and log investigation tasks, although

diff --git a/docs/admin/installation/configure_admin_workstation_post_install.rst b/docs/admin/installation/configure_admin_workstation_post_install.rst
@@ -46,6 +46,8 @@ In addition, the script creates desktop and menu shortcuts for the Source
 and *Journalist Interfaces*, directs Tails to install Ansible at the
 beginning of every session, and sets up SSH host aliases for the servers.
 
+The script is also responsible for enabling the *SecureDrop Menu*.
+
 The only thing you need to remember to do is enable
 persistence when you boot the *Admin Workstation*. If you are
 using the *Admin Workstation* and are unable to connect to any

diff --git a/docs/admin/reference/admin_interface.rst b/docs/admin/reference/admin_interface.rst
@@ -8,10 +8,11 @@ instance's web interfaces.
 Logging in
 ^^^^^^^^^^
 
-To log in to the *Admin Interface*, start the *Admin Workstation* with persistence
-enabled and double-click the *Journalist Interface* icon on the Desktop. Tor Browser
-will start and load the login page for the *Journalist Interface*. Use your username,
-passphrase, and two-factor authentication token to log in.
+To log in to the *Admin Interface*, start the *Admin Workstation*
+with persistence enabled. Open the *SecureDrop Menu* and select the
+"Launch Journalist Interface" option. Tor Browser will start and load the login
+page for the *Journalist Interface*. Use your username, passphrase, and
+two-factor authentication token to log in.
 
 By default, you will be logged in to the *Journalist Interface*'s source list page.
 

diff --git a/docs/admin/reference/ssh_access.rst b/docs/admin/reference/ssh_access.rst
@@ -15,6 +15,9 @@ You can access your *Application Server* and *Monitor Server* via SSH by
 using either the ``ssh app`` or ``ssh mon`` commands (respectively) from an
 *Admin Workstation*.
 
+For quick access, use the "SSH into the App Server" and "SSH into the Monitor
+Server" options in the *SecureDrop Menu*.
+
 In this section we cover basic commands you may find useful when you SSH into
 the *Application Server* and *Monitor Server*.
 

diff --git a/docs/glossary.rst b/docs/glossary.rst
@@ -133,6 +133,23 @@ The associated private key is used by the admin to access encrypted OSSEC alerts
 from the *Monitor Server*. Instructions for setting up OSSEC alerts can be found
 in the :doc:`OSSEC Guide <admin/maintenance/ossec_alerts>`.
 
+.. _securedrop_menu:
+
+SecureDrop Menu
+---------------
+The *SecureDrop Menu* is a dedicated menu available in both the
+*Admin Workstation* and the *Journalist Workstation*. It is located on the top
+bar, and is available once a Tor connection has been established.
+
+|The SecureDrop Menu|
+
+It provides access to the *Source Interface* and *Journalist Interface*,
+allows you to check for updates to SecureDrop, and gives you quick access to
+a file browser and KeePassXC vault.
+
+On an *Admin Workstation*, it also allows quick SSH access to connect to the
+*Application Server* and *Monitor Server*.
+
 
 .. _svs:
 
@@ -220,3 +237,6 @@ authentication codes. We recommend using one of:
 -  A `YubiKey <https://www.yubico.com/products/>`__
 
 .. include:: includes/otp-app.txt
+
+.. |The SecureDrop Menu| image:: images/securedrop_menu.png
+   :alt: The SecureDrop Menu, showing all available options.
diff --git a/docs/images/securedrop_menu.png b/docs/images/securedrop_menu.png
diff --git a/docs/images/securedrop_menu_desktop.png b/docs/images/securedrop_menu_desktop.png
diff --git a/docs/journalist/workstation.rst b/docs/journalist/workstation.rst
@@ -44,6 +44,9 @@ sometimes Tails upgrades are "manual," which means that you should follow the
 instructions in the `Tails Upgrade Documentation`_ to upgrade the drives. Talk
 to your SecureDrop administrator if you have trouble.
 
+You can also check for and install updates using the "Check for SecureDrop
+Updates" option from the *SecureDrop Menu*.
+
 .. include:: ../includes/update-gui.txt
 
 .. _`Tails
@@ -70,11 +73,11 @@ in Tor Browser. By design, this Onion Service address is only accessible
 from your *Journalist Workstation*; it will not work in Tor Browser on another
 computer, unless explicitly configured with an access token.
 
-To visit the *Journalist Interface*, click the *Journalist Interface* icon on
-the desktop. This will open Tor Browser to an ".onion" address. Log in with
-your username, passphrase, and two-factor authentication token.
-(If you have been provided with a YubiKey,
-see :doc:`Using YubiKey with the Journalist Interface <../admin/deployment/yubikey_setup>`
+To visit the *Journalist Interface*, open the *SecureDrop Menu* and select the
+"Launch Journalist Interface" option. This will open Tor Browser to an ".onion"
+address. Log in with your username, passphrase, and two-factor authentication
+token. (If you have been provided with a YubiKey, see
+:doc:`Using YubiKey with the Journalist Interface <../admin/deployment/yubikey_setup>`
 for detailed setup and usage information.)
 
 |Journalist Interface Login|