[arch-general] offlineimap configuration encrypted pwd

Arno Gaboury arnaud.gaboury at gmail.com
Fri Aug 10 13:25:37 EDT 2012


On 10/08/12||18:30, Vojtech Aschenbrenner wrote:
> Hello, the long story short: :-)
> 
> Excerpts from Arno Gaboury's message of 2012-08-10 13:17:06 +0200:
> > I just finised creating GnuPG key and setting gpg-agent following the
> > wiki. I am a litle bit confused now about a few things and how to use my
> > encripted password.
> > First, is there any need to add in my .Xressources this line:
> > eval $(gpg-agent --daemon)
> > I don't think so, but have a doubt.
> It is a good practice to run your daemon and save environment values for
> your gpg daemon. Everytime you open terminal source these envs. For
> example:
> 
> # This will run your daemon, so put it into .xinitrc
> eval $(gpg-agent -q --write-env-file "${HOME}/.gpg-agent-info" --daemon) &
> 
Will it be OK to add "-connect" if I want to use gpg-agant for ssh too?
eval $(gpg-connect-agent -q ....)

Then, I have alrday a ~/.gnupg/gpg-agent.conf with this line:
  write-env-file /home/username/.gpg-agent-info
Is it, in this case, necessary to again write this on the above line you
mentioned for my .xinitrc ?

If I correctly understand, this line in my .xinitrc shall be enough:
eval $(gpg-connect-agent --daemon).

Am I right? 


> # This will source environemnt variable for gpg daemon, so put it into
> # .zshenv, .bashrc, .whatever_shell_you_use
> if [ -f "${HOME}/.gpg-agent-info" ]; then
>     . "${HOME}/.gpg-agent-info"
>     export GPG_AGENT_INFO
> fi
> 
> Now the daemon is running like you expect.
> 
> > Now about the encrypted pwd. As described in Mutt wiki, I have now a
> > file ~/.my-pwds.gpg. The wiki descibes how to use with Mutt. My problem
> > is I use offlineimap, so it is in ~/.offlineimaprc I shall indicate the
> > encrypted pwd. Is this following line enough ?
> > remotepass = ~/.my-pwds.gpg 
> > OR shall I add to this following line ?
> > source "gpg2 -dq ~/.my-pwds.gpg |" 
> You have to create python script, where you will define functions to get
> the password. For example:
> # At .offlineimaprc
> [general]
> pythonfile = ~/bin/pwhelper.py
> 
> [Repository SomeRemoteServer]
> remotepasseval = get_password("server_name")
> 
> # Body of my helper ~/bin/pwhelper.py:
> import subprocess
> 
> def get_password(server):
>     if server == "server_name":
>         pw = subprocess.check_output(["gpg", "-q", "--no-tty", "-d", "password.gpg"])
>         return str(pw).strip()
> 
> > I use msmtp to send, so my problem with ~/.msmtprc is same:how to use
> > the encrypted pwd?
> # In .msmtprc instead of password use:
> passwordeval "gpg -q --no-tty -d password.gpg"
> 
> > I didn't find any clear answer on Google, so thank you for any help in
> > these settings.
> You have to take your time and look into manpages, everything is there,
> so be patient.


More information about the arch-general mailing list