[arch-general] offlineimap configuration encrypted pwd
Dear all, I just finised creating GnuPG key and setting gpg-agent following the wiki. I am a litle bit confused now about a few things and how to use my encripted password. First, is there any need to add in my .Xressources this line: eval $(gpg-agent --daemon) I don't think so, but have a doubt. Now about the encrypted pwd. As described in Mutt wiki, I have now a file ~/.my-pwds.gpg. The wiki descibes how to use with Mutt. My problem is I use offlineimap, so it is in ~/.offlineimaprc I shall indicate the encrypted pwd. Is this following line enough ? remotepass = ~/.my-pwds.gpg OR shall I add to this following line ? source "gpg2 -dq ~/.my-pwds.gpg |" I use msmtp to send, so my problem with ~/.msmtprc is same:how to use the encrypted pwd? I didn't find any clear answer on Google, so thank you for any help in these settings. Regards.
Hello, the long story short: :-) Excerpts from Arno Gaboury's message of 2012-08-10 13:17:06 +0200:
I just finised creating GnuPG key and setting gpg-agent following the wiki. I am a litle bit confused now about a few things and how to use my encripted password. First, is there any need to add in my .Xressources this line: eval $(gpg-agent --daemon) I don't think so, but have a doubt. It is a good practice to run your daemon and save environment values for your gpg daemon. Everytime you open terminal source these envs. For example:
Now about the encrypted pwd. As described in Mutt wiki, I have now a file ~/.my-pwds.gpg. The wiki descibes how to use with Mutt. My problem is I use offlineimap, so it is in ~/.offlineimaprc I shall indicate the encrypted pwd. Is this following line enough ? remotepass = ~/.my-pwds.gpg OR shall I add to this following line ? source "gpg2 -dq ~/.my-pwds.gpg |" You have to create python script, where you will define functions to get
I use msmtp to send, so my problem with ~/.msmtprc is same:how to use the encrypted pwd? # In .msmtprc instead of password use:
# This will run your daemon, so put it into .xinitrc eval $(gpg-agent -q --write-env-file "${HOME}/.gpg-agent-info" --daemon) & # This will source environemnt variable for gpg daemon, so put it into # .zshenv, .bashrc, .whatever_shell_you_use if [ -f "${HOME}/.gpg-agent-info" ]; then . "${HOME}/.gpg-agent-info" export GPG_AGENT_INFO fi Now the daemon is running like you expect. the password. For example: # At .offlineimaprc [general] pythonfile = ~/bin/pwhelper.py [Repository SomeRemoteServer] remotepasseval = get_password("server_name") # Body of my helper ~/bin/pwhelper.py: import subprocess def get_password(server): if server == "server_name": pw = subprocess.check_output(["gpg", "-q", "--no-tty", "-d", "password.gpg"]) return str(pw).strip() passwordeval "gpg -q --no-tty -d password.gpg"
I didn't find any clear answer on Google, so thank you for any help in these settings. You have to take your time and look into manpages, everything is there, so be patient.
On 10/08/12||18:30, Vojtech Aschenbrenner wrote:
Hello, the long story short: :-)
Excerpts from Arno Gaboury's message of 2012-08-10 13:17:06 +0200:
I just finised creating GnuPG key and setting gpg-agent following the wiki. I am a litle bit confused now about a few things and how to use my encripted password. First, is there any need to add in my .Xressources this line: eval $(gpg-agent --daemon) I don't think so, but have a doubt. It is a good practice to run your daemon and save environment values for your gpg daemon. Everytime you open terminal source these envs. For example:
# This will run your daemon, so put it into .xinitrc eval $(gpg-agent -q --write-env-file "${HOME}/.gpg-agent-info" --daemon) &
# This will source environemnt variable for gpg daemon, so put it into # .zshenv, .bashrc, .whatever_shell_you_use if [ -f "${HOME}/.gpg-agent-info" ]; then . "${HOME}/.gpg-agent-info" export GPG_AGENT_INFO fi
Now the daemon is running like you expect.
Now about the encrypted pwd. As described in Mutt wiki, I have now a file ~/.my-pwds.gpg. The wiki descibes how to use with Mutt. My problem is I use offlineimap, so it is in ~/.offlineimaprc I shall indicate the encrypted pwd. Is this following line enough ? remotepass = ~/.my-pwds.gpg OR shall I add to this following line ? source "gpg2 -dq ~/.my-pwds.gpg |" You have to create python script, where you will define functions to get the password. For example: # At .offlineimaprc [general] pythonfile = ~/bin/pwhelper.py
[Repository SomeRemoteServer] remotepasseval = get_password("server_name")
# Body of my helper ~/bin/pwhelper.py: import subprocess
def get_password(server): if server == "server_name": pw = subprocess.check_output(["gpg", "-q", "--no-tty", "-d", "password.gpg"]) return str(pw).strip()
I use msmtp to send, so my problem with ~/.msmtprc is same:how to use the encrypted pwd? # In .msmtprc instead of password use: passwordeval "gpg -q --no-tty -d password.gpg"
I didn't find any clear answer on Google, so thank you for any help in these settings. You have to take your time and look into manpages, everything is there, so be patient.
Thank you so much. A lot is in your post. I will take time, as configuring correctly mutt+offlineima+msmtp already have been time consuming for me. Will implement everything and proudly run Mutt with a PGP signature and send encrypted password across the nerwork :-)
On 10/08/12||18:30, Vojtech Aschenbrenner wrote:
Hello, the long story short: :-)
Excerpts from Arno Gaboury's message of 2012-08-10 13:17:06 +0200:
I just finised creating GnuPG key and setting gpg-agent following the wiki. I am a litle bit confused now about a few things and how to use my encripted password. First, is there any need to add in my .Xressources this line: eval $(gpg-agent --daemon) I don't think so, but have a doubt. It is a good practice to run your daemon and save environment values for your gpg daemon. Everytime you open terminal source these envs. For example:
# This will run your daemon, so put it into .xinitrc eval $(gpg-agent -q --write-env-file "${HOME}/.gpg-agent-info" --daemon) &
Will it be OK to add "-connect" if I want to use gpg-agant for ssh too? eval $(gpg-connect-agent -q ....) Then, I have alrday a ~/.gnupg/gpg-agent.conf with this line: write-env-file /home/username/.gpg-agent-info Is it, in this case, necessary to again write this on the above line you mentioned for my .xinitrc ? If I correctly understand, this line in my .xinitrc shall be enough: eval $(gpg-connect-agent --daemon). Am I right?
# This will source environemnt variable for gpg daemon, so put it into # .zshenv, .bashrc, .whatever_shell_you_use if [ -f "${HOME}/.gpg-agent-info" ]; then . "${HOME}/.gpg-agent-info" export GPG_AGENT_INFO fi
Now the daemon is running like you expect.
Now about the encrypted pwd. As described in Mutt wiki, I have now a file ~/.my-pwds.gpg. The wiki descibes how to use with Mutt. My problem is I use offlineimap, so it is in ~/.offlineimaprc I shall indicate the encrypted pwd. Is this following line enough ? remotepass = ~/.my-pwds.gpg OR shall I add to this following line ? source "gpg2 -dq ~/.my-pwds.gpg |" You have to create python script, where you will define functions to get the password. For example: # At .offlineimaprc [general] pythonfile = ~/bin/pwhelper.py
[Repository SomeRemoteServer] remotepasseval = get_password("server_name")
# Body of my helper ~/bin/pwhelper.py: import subprocess
def get_password(server): if server == "server_name": pw = subprocess.check_output(["gpg", "-q", "--no-tty", "-d", "password.gpg"]) return str(pw).strip()
I use msmtp to send, so my problem with ~/.msmtprc is same:how to use the encrypted pwd? # In .msmtprc instead of password use: passwordeval "gpg -q --no-tty -d password.gpg"
I didn't find any clear answer on Google, so thank you for any help in these settings. You have to take your time and look into manpages, everything is there, so be patient.
Excerpts from Arno Gaboury's message of 2012-08-10 19:25:37 +0200:
Will it be OK to add "-connect" if I want to use gpg-agant for ssh too? eval $(gpg-connect-agent -q ....) I don't use gpg agent to manage ssh keys, so try/read man/google it.
Then, I have alrday a ~/.gnupg/gpg-agent.conf with this line: write-env-file /home/username/.gpg-agent-info Is it, in this case, necessary to again write this on the above line you mentioned for my .xinitrc ?
If I correctly understand, this line in my .xinitrc shall be enough: eval $(gpg-connect-agent --daemon).
Am I right? Yep, you're absolutely right.
Good luck with setting up your mailing system :-).
participants (2)
-
Arno Gaboury
-
Vojtech Aschenbrenner