[arch-general] offlineimap configuration encrypted pwd

Vojtech Aschenbrenner v at asch.cz
Fri Aug 10 12:30:34 EDT 2012 

Hello, the long story short: :-)

Excerpts from Arno Gaboury's message of 2012-08-10 13:17:06 +0200:
> I just finised creating GnuPG key and setting gpg-agent following the
> wiki. I am a litle bit confused now about a few things and how to use my
> encripted password.
> First, is there any need to add in my .Xressources this line:
> eval $(gpg-agent --daemon)
> I don't think so, but have a doubt.
It is a good practice to run your daemon and save environment values for
your gpg daemon. Everytime you open terminal source these envs. For
example:

# This will run your daemon, so put it into .xinitrc
eval $(gpg-agent -q --write-env-file "${HOME}/.gpg-agent-info" --daemon) &

# This will source environemnt variable for gpg daemon, so put it into
# .zshenv, .bashrc, .whatever_shell_you_use
if [ -f "${HOME}/.gpg-agent-info" ]; then
    . "${HOME}/.gpg-agent-info"
    export GPG_AGENT_INFO
fi

Now the daemon is running like you expect.

> Now about the encrypted pwd. As described in Mutt wiki, I have now a
> file ~/.my-pwds.gpg. The wiki descibes how to use with Mutt. My problem
> is I use offlineimap, so it is in ~/.offlineimaprc I shall indicate the
> encrypted pwd. Is this following line enough ?
> remotepass = ~/.my-pwds.gpg 
> OR shall I add to this following line ?
> source "gpg2 -dq ~/.my-pwds.gpg |" 
You have to create python script, where you will define functions to get
the password. For example:
# At .offlineimaprc
[general]
pythonfile = ~/bin/pwhelper.py

[Repository SomeRemoteServer]
remotepasseval = get_password("server_name")

# Body of my helper ~/bin/pwhelper.py:
import subprocess

def get_password(server):
    if server == "server_name":
        pw = subprocess.check_output(["gpg", "-q", "--no-tty", "-d", "password.gpg"])
        return str(pw).strip()

> I use msmtp to send, so my problem with ~/.msmtprc is same:how to use
> the encrypted pwd?
# In .msmtprc instead of password use:
passwordeval "gpg -q --no-tty -d password.gpg"

> I didn't find any clear answer on Google, so thank you for any help in
> these settings.
You have to take your time and look into manpages, everything is there,
so be patient.

More information about the arch-general mailing list