You are not logged in.
- Topics: Active | Unanswered
#1 2017-10-16 23:30:13
- pete_mav_mitchell
- Member
- From: Australia
- Registered: 2017-07-09
- Posts: 30
[SOLVED] isync/mbsync password and gnome-keyring
Hi,
I've gone down the terminal email path, i.e. neomutt/isync/msmtp/notmuch. The more I use and learn about mutt/neomutt and related programs the more I'm hooked and love this setup!
But the main issue with using isync is I'm being prompted to enter my gpg passphrase each time I run mbsync -Va
So what's happening here is isync tries to read my password file, but since it's encrypted, it requires the passphrase to decrypt it and continue.
I've proved this, as I don't get prompted when using plain passwords in .mbsyncrc.
From the Arch wiki article https://wiki.archlinux.org/index.php/Isync#Configuring:
PassCmd "gpg2 -q --for-your-eyes-only --no-tty -d ~/.mailpass.gpg"Here is the line in my config:
PassCmd "gpg2 -q --for-your-eyes-only --no-tty -d ~/.mutt/.mypassword.gpg"I tried caching the gpg keys via the gpg-agent. Below is my config: ~/.gnupg/gpg-agent.conf
# Cache ttl for unused keys
default-cache-ttl 3600
# Pin entry program
pinentry-program /usr/bin/pinentry-gtk-2But still no dice!
I've just read about gnome-keyring-query in the AUR, so haven't tried this yet.
What are others doing to get around being prompted?
Manually enter a passphrase each time is painful. Using auto sync via systemd (further down in the same article above) would be fantastic!
More info:
1. I have seahorse installed. But I mainly use gpg in terminal.
2. In seahorse, I have GnuPG key under the 'PGP Keys' section.
3. I just noticed I DO NOT HAVE a Password Keyring setup, i.e. 'User Key Storage' section in seahorse is empty. Perhaps this is the problem? (I cant try this now, as I'm getting the "Couldn't add keyring, no such secret collection at path..." error)
Last edited by pete_mav_mitchell (2017-10-18 00:26:10)
Offline
#2 2017-10-16 23:41:02
- jasonwryan
- Anarchist
- From: .nz
- Registered: 2009-05-09
- Posts: 30,424
- Website
Re: [SOLVED] isync/mbsync password and gnome-keyring
I use offlineimap and it sources my password from my password manager, pass. To do that, it uses my gpg key which is stored in the running agent. Which is started at login, by keychain.
Now that I have typed all that out, it seems a little, well, convoluted... But it seems to work!
Offline
#3 2017-10-17 23:57:52
- pete_mav_mitchell
- Member
- From: Australia
- Registered: 2017-07-09
- Posts: 30
Re: [SOLVED] isync/mbsync password and gnome-keyring
There were two problems. For anyone that has this issue, refer to one or both items below:
1. I did not have a Keyring created.
https://wiki.archlinux.org/index.php/GN … remembered
From the article:
If you get a password prompt every time you login, and you find that passwords are not saved, you might need to create/set a default keyring.
Ensure that the seahorse package is installed, open it ("Passwords and Keys" in system settings) and select View > By Keyring If there is no keyring in the left column (it will be marked with a lock icon), go to File > New > Password Keyring and give it a name. You will be asked to enter a password. If you do not give the keyring a password it will be unlocked automatically, even when using autologin, but passwords will not be stored securely. Finally, right-click on the keyring you just created and select "Set as default".
2. If you are using i3, add the DISPLAY environment variable to dbus-daemon
https://wiki.archlinux.org/index.php/GN … ay_manager
~/.xinitrc
dbus-update-activation-environment --systemd DISPLAY
eval $(/usr/bin/gnome-keyring-daemon --start --components=pkcs11,secrets,ssh)
export SSH_AUTH_SOCKOffline