2012
08.14

so after some more work trying to ensure that my passwords are not easily gotten, i managed to get my passwords encrypted into one file and removed after being read.

here is the snippet from my .muttrc-accounts :

set my_tmp=`gpg -q --no-verbose -o /tmp/.passwords.tmp -d ~/.passwords.gpg`
set my_pass_acct1=`cat /tmp/.passwords.tmp | grep IDENTIFIER1 | awk '{ print $2 }'`
set my_pass_acct2=`cat /tmp/.passwords.tmp | grep IDENTIFIER2 | awk '{ print $2 }'`
set my_del=`rm -f /tmp/.passwords.tmp`

EDIT 03-feb-2014:
reader Kage (thanks btw) posted a way more elegant way of handling the unencryption of passwords:

set my_pass_acct1 = `gpg -q -d ~/.passwords.asc | grep ^acct1 | awk ā€˜{ print $NF }ā€™ | tr -d ā€˜\nā€™`

which is placed under account-hook . 'unset preconnect imap_user imap_authenticators'

the format of the password file:

IDENTIFIER1 password1
IDENTIFIER2 password2

and for all this to work, you just have to change

imap_pass=xxxxxx
smtp_pass=xxxxxx

to

imap_pass = $my_pass_acctx
smtp_pass = $my_pass_acctx

to create the gpg file :

gpg -r EMAIL_ADDRESS_ON_KEY -e PASSWORD_FILE

this all implies that you have gpg installed with your keys already configured.

muttrc-accounts in github

The following two tabs change content below.

Latest posts by cesar (see all)

2 comments so far

Add Your Comment
  1. Thanks for the help. I have one update; extract the keys without using a tmp file:

    set my_pass_acct1 = `gpg -q -d ~/.passwords.asc | grep ^acct1 | awk ‘{ print $NF }’ | tr -d ‘\n’`

    Kage

    • i really like this approach. thanks. i am going to update my configs with this.