Script to store passwords in a file with GPG or using OSX's secure keychain

Submitted-by: https://github.com/lorenzog Signed-off-by: Nicolas Sebrecht <nicolas.s-dev@laposte.net>
2018-06-10 12:18:27 +01:00
parent b5ffa1c163
commit c865dcc03c
4 changed files with 201 additions and 0 deletions
--- a/contrib/store-pw-with-gpg/README.md
+++ b/contrib/store-pw-with-gpg/README.md
@@ -0,0 +1,37 @@
+# gpg-offlineimap
+
+Python bindings for offlineimap to use gpg instead of storing cleartext passwords
+
+Author: Lorenzo G.
+[GitHub](https://github.com/lorenzog/gpg-offlineimap)
+
+## Quickstart
+
+Requirements: a working GPG set-up. Ideally with gpg-agent. Should work
+out of the box on most modern Linux desktop environments.
+
+ 1. Enable IMAP in gmail (if you have two factor authentication, you
+    need to create an app-specific password)
+
+ 2. Create a directory `~/Mail`
+
+ 3. In `~/Mail`, create a password file `passwords-gmail.txt`. Format:
+    `account@gmail.com password`. Look at the example file in this
+    directory.
+
+ 4. **ENCRYPT** the file: `gpg -e passwords-gmail.txt`. It should create
+    a file `passwords-gmail.txt.gpg`. Check you can decrypt it: `gpg -d
+    passwords-gmail.txt.gpg`: it will ask you for your GPG password and
+    show it to you.
+
+ 5. Use the file  `offlineimaprc.sample` as a sample for your own
+    `.offlineimaprc`; edit it by following the comments. Minimal items
+    to configure: the `remoteuser` field and the `pythonfile` parameter
+    pointing at the `offlineimap.py` file in this directory.
+
+ 6. Run it: `offlineimap`. It should ask you for your GPG passphrase to
+    decrypt the password file.
+
+ 7. If all works well, delete the cleartext password file.
+
+