TransWikia.com

encrypted password file with emacs & gpg

Emacs Asked by user313032 on September 2, 2021

I want to keep all my passwords and logins in a gpg-encrypted file, that I want to access using emacs in the terminal on ubuntu.

I want to be prompted for the ‘master’ password when opening the file, but not when saving it. I don’t want to use anything like a ‘keyring’.

I managed to almost achieve my desired setup by following the instructions here, the only problem being that I have to enter the password twice when saving the file. The problem is that I fear that when accidentally entering the password incorrectly twice, I could lock myself out of my password file forever.

Is there a way not to be prompted for the password when saving, or alternatively for the save-password to be rejected when its hash doesn’t match the password that I opened the file with?

One Answer

I remember struggling with this for quite some time. Like you, I'm using public/private key with a pass phrase, not symmetric encryption.

What works is the following:

;; let's get encryption established
(require 'epa-file)
(epa-file-enable)
(setq epg-pinentry-mode 'loopback)
(require 'org-crypt)
(org-crypt-use-before-save-magic)

I do not unset GPG_AGENT_INFO. You should set epg-gpg-program if gpg is not in your $PATH by default.

Setting epg-pinentry-mode to loopback is especially valuable to allow Emacs to query passphrase rather than external programs which might block the window or not work properly in containers and so forth.

Answered by gregoryg on September 2, 2021

Add your own answers!

Ask a Question

Get help from others!

© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP