sup talk - Apr 2010 - how to replace (al)pine's passfile functionality

Hi,


(Al)pine has a passfile functionality: a (weakly) encrypted file contains 
the passwords necessary for imap, nntp, and smpt connections. For sup 
(0.11 on ruby 1.8), I use offlineimap and msmpt, both of which need 
passwords either stored in plaintext in their config files or in the netrc 
file. Is there any way to use some kind of encrypted netrc (something in 
the vein of kde''s wallet), which is decrypted/made accessible on login
or
with a one-time password dialog?


Best,

Erik

Excerpts from Erik Quaeghebeur''s message of Mon Apr 26 01:57:39 -0300
2010:
> Hi,
> 
> 
> (Al)pine has a passfile functionality: a (weakly) encrypted file contains 
> the passwords necessary for imap, nntp, and smpt connections. For sup 
> (0.11 on ruby 1.8), I use offlineimap and msmpt, both of which need 
> passwords either stored in plaintext in their config files or in the netrc 
> file. Is there any way to use some kind of encrypted netrc (something in 
> the vein of kde''s wallet), which is decrypted/made accessible on
login or
> with a one-time password dialog?
> 
I use gnome-keyring. I googled a bit and found the post that helped me
when I was setting it up: http://www.clasohm.com/blog/one-entry?entry_id=90957
(if I remember correctly). msmtp is even easier since it has an explicit
option for adding it to the gnome-keyring.
Since you''re mentioning kde wallet I kinda feel this information
won''t
be useful to you but nevertheless...

Mariano

On Mon, 26 Apr 2010 00:57:39 -0400 (EDT), Erik Quaeghebeur <sup at
equaeghe.nospammail.net> wrote:
> Hi,
Hi,
> (Al)pine has a passfile functionality: a (weakly) encrypted file contains 
> the passwords necessary for imap, nntp, and smpt connections. For sup 
> (0.11 on ruby 1.8), I use offlineimap and msmpt, both of which need 
> passwords either stored in plaintext in their config files or in the netrc 
> file. Is there any way to use some kind of encrypted netrc (something in 
> the vein of kde''s wallet), which is decrypted/made accessible on
login or
> with a one-time password dialog?
What I do is to store these sensitive configuration files on some encrypted
filesystem. Encfs and dmcrypt-luks (linux only) are fine choices to do so.

The result is that if someone get root access or your access to the machine
then yes he has the password but its much worse than that since he can setup
a keylogger patch your binaries...

However the good news is that if he needs to reboot the machine then all of
these filesystem will get unreadable.

Regards,

-- 
Nicolas Pouillard
http://nicolaspouillard.fr

> Excerpts from Erik Quaeghebeur''s message of Mon Apr 26 01:57:39
-0300 2010:
> >
> > (Al)pine has a passfile functionality: a (weakly) encrypted file 
> > contains the passwords necessary for imap, nntp, and smpt connections.
> > For sup (0.11 on ruby 1.8), I use offlineimap and msmpt, both of which
> > need passwords either stored in plaintext in their config files or in 
> > the netrc file. Is there any way to use some kind of encrypted netrc 
> > (something in the vein of kde''s wallet), which is
decrypted/made
> > accessible on login or with a one-time password dialog?
On Mon, 26 Apr 2010, Mariano Mara wrote:
>
> I use gnome-keyring. I googled a bit and found the post that helped me 
> when I was setting it up: 
> http://www.clasohm.com/blog/one-entry?entry_id=90957 (if I remember 
> correctly). msmtp is even easier since it has an explicit option for 
> adding it to the gnome-keyring.
Thank you for this information, it is just what I was looking for.
> Since you''re mentioning kde wallet I kinda feel this information
won''t
> be useful to you but nevertheless...
On the contrary: I have gnome-keyring installed, as I need it for the 
gnome-networkmanager applet (the KDE one is not good enough yet). On top 
of that, I hope that the effort to unify both gnome-keyring and kde-wallet 
will allow me to not keep both once kde''s netwrkmanager applet is up to
par: <http://www.freedesktop.org/wiki/Specifications/secret-storage-spec>.

However, I am hampered by the fact that in ubuntu 9.10, msmtp-gnome 
depends on gnome-keyring-manager, a package that does not exist in 9.10!

Anyhow, I''ll get there, currently with baby steps.


Best,

Erik