On Mon, Jun 06, 2011 at 01:22:42PM -0400, Chris Brennan wrote: > > Well, it can't, actually. I've got it encrypted with gpg, and then in > > my .muttrc, I have: > > > > set imap_pass = `gpg --quiet --decrypt ~/.mutt-password-gmail` > > > > Note the backticks. This is for bash, but should work for all shells. > > Also, make sure you encrypt to yourself so that only your private key > > can decrypt it. Of course, gpg will still ask you to unlock the key > > when you start mutt anyway, so I don't really if it's a saving. :P > > I'll keep that handy .... would that work for my actual gmail password > as well?
Well, perhaps you misunderstood me (or I misunderstand you now), but "~/.mutt-password-gmail" is a file containing my password in encrypted form, which was generated using "gpg --encrypt > .mutt-password-gmail"; just make sure you encrypt it to yourself, and nobody else. > > Can you please tell me the exact sequence you use to try to sign a > > message? > > Compose/reply to a piece of mail, esc:x to save it, I get moved to the > post-reply window. From there 'p', 'a' to Sign As, it asks for my KEY ID, Can you try using 'p', then 's'? > I enter either the 8-charater, 10-char hex, or my e-mail for my key and it > asks me to confirm the right key, since there is only one to choose from, > I hit enter. and I see the MINE and Security entries update in the header. > > Security: Sign (PGP/MIME) > sign as: 0xD5B20C0C > > From that point, I hit 'y' to send and mutt prompts for my password, I > enter it like a good drone, when I do, mutt then clears and I see my shell, > and the following message is printed to stdout: > > gpg: skipped "0xD5B20C0C": Bad passphrase > gpg: signing failed: Bad passphrase > Press any key to continue... > > But I know my pass is right. > > > Also, can you automatically verify my messages? To get my key, use > > gpg2 --recv-keys BE773416 > > Then, when you open (you'll need to close and open again) my messages in > > mutt, it should say "signature verified" at the top. > > I got your key without issue, but I don't see "signature verified" at the top. Did you close and open my message after receiving the key? And can you make sure you got my key by doing "gpg2 --list-keys"? However, it seems to me like gpg and mutt aren't talking to each properly. We'll see after you try 'p' 's'. Tim -- () ascii ribbon campaign - against html e-mail /\ www.asciiribbon.org - against proprietary attachments
signature.asc
Description: Digital signature
