Hash: SHA1

On Monday, July 28 at 05:12 PM, quoth Michele Martone:
> I was wondering about some way to protect the passwords potentially 
> stored in the mutt rc files (i have multiple acccounts, and I feel 
> unconfortable remembering and typing all of them each time using 
> mutt) on my Linux laptop.

The obvious answer is: don't store them in the mutt rc files. Instead, 
store them somewhere in encrypted form and extract them when mutt is 
loaded. For example:

set imap_pass=`getpassword [EMAIL PROTECTED]

Programs that can be used to do this include pwsafe 
(http://nsd.dyndns.org/pwsafe/) and passwords 

But you can do it even more simply than that! For example, you can use  
gpg to encrypt a file that looks like this:

     export ACCT1_PASS=thepassword
     export ACCT2_PASS=theotherpassword
     export ACCT3_PASS=yetanotherpassword

Then, once you've encrypted it, you can create a wrapper command for 
mutt that will decrypt it and use it to put those passwords into 
mutt's environment:

     pwds=`gpg --decrypt ~/.passwords`
     eval "$pwds"
     exec mutt "$@"

And finally, in your muttrc, you can simply have things like this:

     set imap_pass=$ACCT1_PASS


     account-hook account2 'set imap_pass=$ACCT2_PASS'

Thus, you will be prompted once for a passphrase when mutt loads, and 
after that mutt will use those passwords as it needs them without 
additional overhead. Nothing will be stored in plaintext on disk, your 
encryption is guaranteed to be world-class, and best of all: it will 
work on virtually any Unix machine.

> But how about storing a whole encrypted muttrc file and letting mutt 
> to decrypt it with some passphrase ?

That seems like overkill to me.

- -- 
All we have to decide is what to do with the time that is given us.
                                                    -- Gandalf the Grey
Comment: Thank you for using encryption!


Reply via email to