Re: Question about PGP and mutt
On Fri, Jan 18, 2013 at 06:04:03PM -0700, s. keeling wrote: Incoming from Chris Bannister: On Thu, Jan 10, 2013 at 11:09:48AM -0700, Robert Holtzman wrote: On Thu, Jan 10, 2013 at 07:33:16AM -0600, Dale A. Raby wrote: set pgp_replyencrypt=yes set pgp_timeout=1800 set pgp_good_sign=^gpg: Good signature from I have none of this in my .muttrc and have pgp capability. P shows the pgp menu. This in mutt 1.5.20-9+squeeze2. root@tal:~# ls -al /etc/Muttrc.d/ total 40 drwxr-xr-x 2 root root 4096 Oct 2 18:56 . drwxr-xr-x 109 root root 12288 Jan 11 18:59 .. I'm surprised you'd put that in /etc/Muttrc.d; it's all world- readable. It doesn't take advantage of today's encrypted $HOME partitions. All of my mutt config is in ~/mutt, including my muttrc. I have a ~/.muttrc symlink that points to it. Why would generic gpg commands being world-readable be an issue? Those files are part of the mutt package on Debian/Ubuntu: $ dpkg-query -S /etc/Muttrc.d/gpg.rc mutt: /etc/Muttrc.d/gpg.rc There's nothing to be gained by reading them. [ Btw, mutt will parse ~/.mutt/muttrc if ~/.muttrc doesn't exist. If you dot-prefix your ~/mutt, then you could axe the need for the symlink. ] -- Brandon Sandrowicz
Re: Question about PGP and mutt
Incoming from Brandon Sandrowicz: On Fri, Jan 18, 2013 at 06:04:03PM -0700, s. keeling wrote: I'm surprised you'd put that in /etc/Muttrc.d; it's all world- Why would generic gpg commands being world-readable be an issue? Those Yeah, sorry. I was confusing gnupg with mutt configs. [ Btw, mutt will parse ~/.mutt/muttrc if ~/.muttrc doesn't exist. If you dot-prefix your ~/mutt, then you could axe the need for the symlink. ] I like to keep date stamped copies of old mutt configs in my ~/mutt. It just fits my style better to have a ~/mutt dir and a symlink that points into there. -- Any technology distinguishable from magic is insufficiently advanced. (*) :(){ :|: };: - -
Re: Question about PGP and mutt
On Fri, Jan 18, 2013 at 08:54:34PM -0700, s. keeling wrote: Incoming from Brandon Sandrowicz: On Fri, Jan 18, 2013 at 06:04:03PM -0700, s. keeling wrote: [ Btw, mutt will parse ~/.mutt/muttrc if ~/.muttrc doesn't exist. If you dot-prefix your ~/mutt, then you could axe the need for the symlink. ] I like to keep date stamped copies of old mutt configs in my ~/mutt. It just fits my style better to have a ~/mutt dir and a symlink that points into there. Well, I used to do so a while ago, but by now I am using a git-repository for each of my config folders. It also easies splitting the config into reusable parts and putting it together with all the other related scripts. I wish I had learned that lesson a few years ago.. Regards, Andre -- Andre Klärner smime.p7s Description: S/MIME cryptographic signature
Re: Question about PGP and mutt
Incoming from Andre Klärner: On Fri, Jan 18, 2013 at 08:54:34PM -0700, s. keeling wrote: I like to keep date stamped copies of old mutt configs in my ~/mutt. Well, I used to do so a while ago, but by now I am using a git-repository Sadly, I'm still working on my git-foo. for each of my config folders. It also easies splitting the config into reusable parts and putting it together with all the other related source ~/mutt/aliases source ~/mutt/folder-hook source ~/mutt/save-hook source ~/mutt/fcc-hook source ~/mutt/colors source ~/mutt/charset-hook source ~/mutt/macros source ~/mutt/gnupg Works for me. :-) -- Any technology distinguishable from magic is insufficiently advanced. (*) :(){ :|: };: - -
Re: Question about PGP and mutt
On Thu, Jan 10, 2013 at 11:09:48AM -0700, Robert Holtzman wrote: On Thu, Jan 10, 2013 at 07:33:16AM -0600, Dale A. Raby wrote: set pgp_replyencrypt=yes set pgp_timeout=1800 set pgp_good_sign=^gpg: Good signature from I have none of this in my .muttrc and have pgp capability. P shows the pgp menu. This in mutt 1.5.20-9+squeeze2. root@tal:~# ls -al /etc/Muttrc.d/ total 40 drwxr-xr-x 2 root root 4096 Oct 2 18:56 . drwxr-xr-x 109 root root 12288 Jan 11 18:59 .. -rw-r--r-- 1 root root79 Jul 9 2011 abook.rc -rw-r--r-- 1 root root 410 Jan 15 2011 charset.rc -rw-r--r-- 1 root root 612 Jan 15 2011 colors.rc -rw-r--r-- 1 root root 427 May 9 2011 compressed-folders.rc -rw-r--r-- 1 root root 1406 Jan 15 2011 gpg.rc -rw-r--r-- 1 root root 3648 Jan 15 2011 smime.rc OK, this is on Wheezy, but I expect it isn't that much different than Squeeze -- If you're not careful, the newspapers will have you hating the people who are being oppressed, and loving the people who are doing the oppressing. --- Malcolm X
Re: Question about PGP and mutt
On Thu, Jan 10, 2013 at 01:37:54PM +0100, Andreas Hanke wrote: Hello together, I have a question about PGP and mutt! gpg2 works fine on my system, I have already tested that. In my .muttrc I have that added: /opt/mutt-1.5.21/contrib/gpg.rc So far as I am aware, you do not really need a gpg.rc file, or is it a .gpgrc? You do, however, need quite a bit in your .muttrc. This is the relevant portion of my .muttrc, which works just fine. I am using GnuPG, the open-source equivalent, but it should work the same. You will have to replace the email address associated with your PGP key, and your key code, (both are in parentheses below) but otherwise, you should be able to simply cut and paste this into your current .muttrc file and have secure email. You may test it on me if you wish. PGP email can be difficult to set up, but once working, it seems pretty stable. Enjoy: #paranoid delusional encryption stuff... also check on the use of Steghide set pgp_decode_command=gpg %?p?--passphrase-fd 0? --no-verbose --batch --output - %f set pgp_verify_command=gpg --no-verbose --batch --output - --verify %s %f set pgp_decrypt_command=gpg --passphrase-fd 0 --no-verbose --batch --output - %f set pgp_sign_command=gpg --no-verbose --batch --output - --passphrase-fd 0 --armor --detach-sign --textmode %?a?-u %a? %f set pgp_clearsign_command=gpg --no-verbose --batch --output - --passphrase-fd 0 --armor --textmode --clearsign %?a?-u %a? %f set pgp_encrypt_only_command=/usr/lib/mutt/pgpewrap /usr/bin/gpg --batch --quiet --no-verbose --output - --encrypt --textmode --armor --always-trust --encrypt-to (your key code) -- -r %r -- %f set pgp_encrypt_sign_command=/usr/lib/mutt/pgpewrap /usr/bin/gpg --passphrase-fd 0 --batch --quiet --no-verbose --textmode --output - --encrypt --sign %?a?-u %a? --armor --always-trust --encrypt-to 5B707677 -- -r %r -- %f set pgp_import_command=gpg --no-verbose --import -v %f set pgp_export_command=gpg --no-verbose --export --armor %r set pgp_verify_key_command=gpg --no-verbose --batch --fingerprint --check-sigs %r set pgp_list_pubring_command=gpg --no-verbose --batch --with-colons --list-keys %r set pgp_list_secring_command=gpg --no-verbose --batch --with-colons --list-secret-keys %r set pgp_autosign=yes set pgp_sign_as=(the email address you are using for encryption) set pgp_replyencrypt=yes set pgp_timeout=1800 set pgp_good_sign=^gpg: Good signature from -- Think nobody intercepts email? Think again! Gnu Privacy Guard. Not just for spies. signature.asc Description: Digital signature
Re: Question about PGP and mutt
On Thu, Jan 10, 2013 at 07:33:16AM -0600, Dale A. Raby wrote: On Thu, Jan 10, 2013 at 01:37:54PM +0100, Andreas Hanke wrote: Hello together, I have a question about PGP and mutt! gpg2 works fine on my system, I have already tested that. In my .muttrc I have that added: /opt/mutt-1.5.21/contrib/gpg.rc So far as I am aware, you do not really need a gpg.rc file, or is it a .gpgrc? You do, however, need quite a bit in your .muttrc. This is the relevant portion of my .muttrc, which works just fine. I am using GnuPG, the open-source equivalent, but it should work the same. You will have to replace the email address associated with your PGP key, and your key code, (both are in parentheses below) but otherwise, you should be able to simply cut and paste this into your current .muttrc file and have secure email. You may test it on me if you wish. PGP email can be difficult to set up, but once working, it seems pretty stable. Enjoy: #paranoid delusional encryption stuff... also check on the use of Steghide set pgp_decode_command=gpg %?p?--passphrase-fd 0? --no-verbose --batch --output - %f ..snip. set pgp_replyencrypt=yes set pgp_timeout=1800 set pgp_good_sign=^gpg: Good signature from I have none of this in my .muttrc and have pgp capability. P shows the pgp menu. This in mutt 1.5.20-9+squeeze2. -- Bob Holtzman If you think you're getting free lunch, check the price of the beer. Key ID: 8D549279 signature.asc Description: Digital signature
Re: Question about PGP and mutt
Well, there is almost certainly more than one way to do it... Dale -- Think nobody intercepts email? Think again! Gnu Privacy Guard. Not just for spies. signature.asc Description: Digital signature