From mboxrd@z Thu Jan 1 00:00:00 1970 Received: by 10.204.174.193 with SMTP id u1cs73829bkz; Mon, 26 Apr 2010 00:23:59 -0700 (PDT) Received: by 10.216.161.68 with SMTP id v46mr3819570wek.107.1272266639128; Mon, 26 Apr 2010 00:23:59 -0700 (PDT) Return-Path: Received: from rubyforge.org (rubyforge.org [205.234.109.19]) by mx.google.com with ESMTP id r27si5814457wbc.71.2010.04.26.00.23.58; Mon, 26 Apr 2010 00:23:58 -0700 (PDT) Received-SPF: pass (google.com: domain of sup-talk-bounces@rubyforge.org designates 205.234.109.19 as permitted sender) client-ip=205.234.109.19; Authentication-Results: mx.google.com; spf=pass (google.com: domain of sup-talk-bounces@rubyforge.org designates 205.234.109.19 as permitted sender) smtp.mail=sup-talk-bounces@rubyforge.org; dkim=neutral (body hash did not verify) header.i=@gmail.com Received: from rubyforge.org (rubyforge.org [127.0.0.1]) by rubyforge.org (Postfix) with ESMTP id 568CD1858311; Mon, 26 Apr 2010 03:23:58 -0400 (EDT) Received: from mail-ww0-f50.google.com (mail-ww0-f50.google.com [74.125.82.50]) by rubyforge.org (Postfix) with ESMTP id A7DFF185830D for ; Mon, 26 Apr 2010 03:23:40 -0400 (EDT) Received: by wwf26 with SMTP id 26so664349wwf.23 for ; Mon, 26 Apr 2010 00:23:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:subject :to:in-reply-to:references; bh=67MYhvfADqyfYfsDO70GUcNDGL6x5cSYy5cASBYejqU=; b=anT6WzXeoW4OSIm19rDihhhFhW5GMP0qwo8x4aMdxMVrcUHGpRNVFaSWFdQHweNZPM LFkBnOdGlQAv3+FK1zP/JQ4f2dfrNr+Z+rtJ32yPEPglWjczURog79exqNBl+q9A1mDD P72ci0pYsxGLMFH08FOFtL43Za67iKxt+lT3Q= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:subject:to:in-reply-to:references; b=kwKMba3+Ozj9Ql2Wq/cesUi68tKkJ5v9C6ueuRtN9pDAjqLnpIvvqgpSGcPhasaF/p LlpSWuHLKA8nH4Nxnl4PNU2ZXTczLbwoL5u0PLjnON+X1hikpjbzwlyEaX3L32eF5NlY 3VJlyBjbpJ0Tpja+Dsa3QDTDNwRZmvSXhFO78= Received: by 10.216.90.13 with SMTP id d13mr4423322wef.18.1272266619768; Mon, 26 Apr 2010 00:23:39 -0700 (PDT) Received: from localhost (ks.feydakins.org [91.121.104.209]) by mx.google.com with ESMTPS id x1sm19940750wbx.1.2010.04.26.00.23.38 (version=TLSv1/SSLv3 cipher=RC4-MD5); Mon, 26 Apr 2010 00:23:38 -0700 (PDT) Message-ID: <4bd53f7a.810ce30a.79fc.ffff80a3@mx.google.com> Date: Mon, 26 Apr 2010 00:23:38 -0700 (PDT) From: Nicolas Pouillard To: Erik Quaeghebeur , sup-talk@rubyforge.org In-Reply-To: References: Subject: Re: [sup-talk] how to replace (al)pine's passfile functionality X-BeenThere: sup-talk@rubyforge.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: User & developer discussion of Sup List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: sup-talk-bounces@rubyforge.org Errors-To: sup-talk-bounces@rubyforge.org On Mon, 26 Apr 2010 00:57:39 -0400 (EDT), Erik Quaeghebeur wrote: > Hi, Hi, > (Al)pine has a passfile functionality: a (weakly) encrypted file contains > the passwords necessary for imap, nntp, and smpt connections. For sup > (0.11 on ruby 1.8), I use offlineimap and msmpt, both of which need > passwords either stored in plaintext in their config files or in the netrc > file. Is there any way to use some kind of encrypted netrc (something in > the vein of kde's wallet), which is decrypted/made accessible on login or > with a one-time password dialog? What I do is to store these sensitive configuration files on some encrypted filesystem. Encfs and dmcrypt-luks (linux only) are fine choices to do so. The result is that if someone get root access or your access to the machine then yes he has the password but its much worse than that since he can setup a keylogger patch your binaries... However the good news is that if he needs to reboot the machine then all of these filesystem will get unreadable. Regards, -- Nicolas Pouillard http://nicolaspouillard.fr _______________________________________________ sup-talk mailing list sup-talk@rubyforge.org http://rubyforge.org/mailman/listinfo/sup-talk