-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Monday, July 28 at 09:53 PM, quoth Michele Martone:
> this seems almost perfect to me. marvelous, elegant, general, thanks !
> (so i do not dare to quote a piece of your email ..)
Happy to help!
> still I can't stand the need of a wrapper.. if only one could use
> multi line shell expansion, and place that `gpg --decrypt` straight
> into the muttrc.
Well, I thought about that. We can solve it, but there are drawbacks
(such as needing other software, or using a temporary file).
For example, if you use gpg-agent to store your passphrase, then you
can encrypt each password as its own file:
echo password | gpg --encrypt -o ~/.acct1_pass
echo password2 | gpg --encrypt -o ~/.acct2_pass
Then put this into your muttrc:
set my_acct1_pass=`gpg --decrypt ~/.acct1_pass`
set my_acct2_pass=`gpg --decrypt ~/.acct2_pass`
account-hook account2 'set imap_pass=$my_acct2_pass'
The key to making that convenient, though, is using gpg-agent to store
your passphrase (so you don't have to enter it multiple times).
If mutt could pass $my_* variables into shell escapes (or could
directly manipulate its own variables the way that bash can (e.g.
${my_acctpwds#*:})), then you could try using a separator character in
your passwords (such as a colon) and then figure them out within the
muttrc. For example, you could create the encrypted file like so:
echo password1:password2 | gpg --encrypt -o ~/.acctpwds
Then put this in your muttrc:
set my_acctpwds=`gpg --decrypt ~/.acctpwds`
set my_acct1_pass=`echo $my_acctpwds | cut -d: -f1`
set my_acct2_pass=`echo $my_acctpwds | cut -d: -f2`
But, of course, since you can't do that... c'est la vie. :)
Now, it's also possible to use a temporary file to do this:
set my_acctpwds=`gpg --decrypt ~/.acctpwds > ~/tmp/acctpwds`
set my_acct1_pass=`cut -d: -f1 ~/tmp/acctpwds`
set my_acct2_pass=`cut -d: -f2 ~/tmp/acctpwds ; rm ~/tmp/acctpwds`
But that's obviously suboptimal if you're trying to avoid ever having
that stuff on disk in plain text. It may be more acceptable if you
have a memory-only filesystem somewhere (such as tempfs on Linux), but
we're getting into the realm of specialized software again.
~Kyle
- --
I am ready to meet my Maker. Whether my Maker is ready for the great
ordeal of meeting me is another matter.
-- Winston Churchill
-----BEGIN PGP SIGNATURE-----
Comment: Thank you for using encryption!
iEYEARECAAYFAkiOOPYACgkQBkIOoMqOI17KYwCeKXdZMcTLvL/yDoLib7TrQXR9
BasAoJxchtRVq0yZfSs77uX5nUMRYk1v
=EBqZ
-----END PGP SIGNATURE-----
