<<< Date Index >>>     <<< Thread Index >>>

mutt and plaintext passwords : muttrc encryption ?



Hello.
I was wondering about some way to protect the passwords potentially 
stored in the mutt rc files (i have multiple acccounts, and I feel
unconfortable remembering and typing all of them each time using
mutt) on my Linux laptop.

My main concern is about them being stored in plaintext, which is a
little dangerous when using a laptop and traveling: there is  identity
theft potential.

A widely solution would be to encrypt the filesystem on which the
configuration files reside.
This, however is IMHO a little oversized solution in the case the main
privacy concern, like in my case, is about a bunch of text files.

So lately I'm experimenting a more gentle approach, namely using a
file (stored in my home directory) encrypted with LUKS, containing a
directory containing the important data (a passwords-only .muttrc, a
.msmtprc, a .fetchmailrc, and an .isyncrc).

Setting some sudo stuff, and configuring my bash aliases, I get this 
mini-filesystem mounted with ease - namely obtaining a 'lightweight
personal solution' for mail passwords protection.


But how about storing a whole encrypted muttrc file and letting mutt 
to decrypt it with some passphrase ?

Say, using the vim encryption algorithm (the one you trigger when 
saving a file with :X in the vim inner commandline), one would get a
quite simple and lightweight security measure, without the need of
filesystem messing and getting a 'natural' way of editing the muttrc.
I reported the Vim encryption solution because it sounds 'simple' and
'natural' to me, (and Vim encrypted files can be 'recognized' by 
having a "VimCrypt" signature in the first bytes)
But I know, vim is not the only text editor around here :) .

Has anybody thought or heard of a solution like this, or similar ?

--
Michele Martone
http://claudius.ce.uniroma2.it/~martone