Hello alls, In a recent discussion about the mu-tickets file, Sergey wrote that "interfaces to third-party password storing facilities can be implemented, if the facility in question provides a documented API".
Hoping that could be helpful, I made some research to see how other mail clients deal with passwords and to find which APIs currently exist. How do similar tools deal with password managers ? -------------------------------------------------- * Mutt Mutt provides several ways to query for a password. One of them is to set a variable containing the password by querying a password manager (using the "`" quotes): set my_PW = `gpg --decrypt /path/to/password.gpg` set imap_pass = $my_PW Another possibility is to store part of the mutt configuration in an encrypted file, and source it with a line of the form: source "gpg --decrypt /path/to/mutt_conf.gpg" * S-nail S-nail is a fork of Heirloom mailx. The 'agent-shell-lookup' entry of the configuration file can be used to query an external program to get a password: set agent-shell-lookup-USER@HOST="gpg --decrypt /path/to/password.gpg" * msmtp msmtp is a smtp client. It will automatically find a password stored in the gnome keyring (via libsecret). Its configuration file also accepts the entry "passwordeval" to launch an external program to get the password: passwordeval "gpg --decrypt /path/to/password.gpg" * git I accidently found some mentions concerning git. The credential directory of its source tree contains implementations of several password managers APIs: netrc, gnome-keyring, libsecret, osxkeychain, and wincred. Cf: https://github.com/git/git/blob/master/contrib/credential/ Concerning the netrc implementation, if the file has the '.gpg' extension, git will decrypt it before parsing it. Which are the password managers' APIs? -------------------------------------- There are several command lines tools to manage passwords. They include an option to display the password. For example, the command 'pass' can be used as follow: $ pass mail/host/user There is a freedesktop secret API draft about applications which communicates with a secret service using DBUS. Gnome-keyring and Ksecretservice are two implementations of a Secret Service https://specifications.freedesktop.org/secret-service/ There is a KDE_Utils/kwallet tool, but "it may happen that some day KWallet will be replaced by Ksecretservice". Ksecretservice is the KDE implementation of the freedesktop secret service API draft. It provides an API to be used by KDE tools. It has apparently no command line tool yet. https://community.kde.org/KDE_Utils/ksecretsservice There was a libnome-keyring API, but it is now deprecated. One should use libsecret instead. Libsecret is the gnome implementation of the freedesktop secret service API draft. It provides an API to be used by gnome tools. Libsecret comes with a command line tool to store and retrieve passwords: 'secret-tool'. https://wiki.gnome.org/Projects/Libsecret https://people.gnome.org/~stfw/libsecret-docs/ Kind regards, Pierre-Jean. _______________________________________________ Bug-mailutils mailing list [email protected] https://lists.gnu.org/mailman/listinfo/bug-mailutils
