Archive of RubyForge sup-talk mailing list
 help / color / mirror / Atom feed
From: Nicolas Pouillard <nicolas.pouillard@gmail.com>
To: Erik Quaeghebeur <sup@equaeghe.nospammail.net>, sup-talk@rubyforge.org
Subject: Re: [sup-talk] how to replace (al)pine's passfile functionality
Date: Mon, 26 Apr 2010 00:23:38 -0700 (PDT)	[thread overview]
Message-ID: <4bd53f7a.810ce30a.79fc.ffff80a3@mx.google.com> (raw)
In-Reply-To: <alpine.DEB.2.00.1004260052050.913@flfbcjrt>

On Mon, 26 Apr 2010 00:57:39 -0400 (EDT), Erik Quaeghebeur <sup@equaeghe.nospammail.net> wrote:
> Hi,
Hi,

> (Al)pine has a passfile functionality: a (weakly) encrypted file contains 
> the passwords necessary for imap, nntp, and smpt connections. For sup 
> (0.11 on ruby 1.8), I use offlineimap and msmpt, both of which need 
> passwords either stored in plaintext in their config files or in the netrc 
> file. Is there any way to use some kind of encrypted netrc (something in 
> the vein of kde's wallet), which is decrypted/made accessible on login or 
> with a one-time password dialog?

What I do is to store these sensitive configuration files on some encrypted
filesystem. Encfs and dmcrypt-luks (linux only) are fine choices to do so.

The result is that if someone get root access or your access to the machine
then yes he has the password but its much worse than that since he can setup
a keylogger patch your binaries...

However the good news is that if he needs to reboot the machine then all of
these filesystem will get unreadable.

Regards,

-- 
Nicolas Pouillard
http://nicolaspouillard.fr
_______________________________________________
sup-talk mailing list
sup-talk@rubyforge.org
http://rubyforge.org/mailman/listinfo/sup-talk


      parent reply	other threads:[~2010-04-26  7:23 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2010-04-26  4:57 Erik Quaeghebeur
2010-04-26  6:10 ` Mariano Mara
2010-04-27  3:47   ` Erik Quaeghebeur
2010-04-26  7:23 ` Nicolas Pouillard [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=4bd53f7a.810ce30a.79fc.ffff80a3@mx.google.com \
    --to=nicolas.pouillard@gmail.com \
    --cc=sup-talk@rubyforge.org \
    --cc=sup@equaeghe.nospammail.net \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox