this seems almost perfect to me. marvelous, elegant, general, thanks ! (so i do not dare to quote a piece of your email ..)
and is immensely less overkill than the solution I proposed. still I can't stand the need of a wrapper.. if only one could use multi line shell expansion, and place that `gpg --decrypt` straight into the muttrc. but Gandalf's advice is appropriated - this is enough for now :) On [EMAIL PROTECTED]:58, Kyle Wheeler wrote: > On Monday, July 28 at 05:12 PM, quoth Michele Martone: > > I was wondering about some way to protect the passwords potentially > > stored in the mutt rc files (i have multiple acccounts, and I feel > > unconfortable remembering and typing all of them each time using > > mutt) on my Linux laptop. > > The obvious answer is: don't store them in the mutt rc files. Instead, > store them somewhere in encrypted form and extract them when mutt is > loaded. For example: > > set imap_pass=`getpassword [EMAIL PROTECTED] > > Programs that can be used to do this include pwsafe > (http://nsd.dyndns.org/pwsafe/) and passwords > (http://passwords.sourceforge.net/). > > But you can do it even more simply than that! For example, you can use > gpg to encrypt a file that looks like this: > > export ACCT1_PASS=thepassword > export ACCT2_PASS=theotherpassword > export ACCT3_PASS=yetanotherpassword > > Then, once you've encrypted it, you can create a wrapper command for > mutt that will decrypt it and use it to put those passwords into > mutt's environment: > > #!/bin/sh > pwds=`gpg --decrypt ~/.passwords` > eval "$pwds" > exec mutt "$@" > > And finally, in your muttrc, you can simply have things like this: > > set imap_pass=$ACCT1_PASS > > or: > > account-hook account2 'set imap_pass=$ACCT2_PASS' > > Thus, you will be prompted once for a passphrase when mutt loads, and > after that mutt will use those passwords as it needs them without > additional overhead. Nothing will be stored in plaintext on disk, your > encryption is guaranteed to be world-class, and best of all: it will > work on virtually any Unix machine. > > > But how about storing a whole encrypted muttrc file and letting mutt > > to decrypt it with some passphrase ? > > That seems like overkill to me. > > ~Kyle > -- > All we have to decide is what to do with the time that is given us. > -- Gandalf the Grey