Emacs Asked by user313032 on September 2, 2021
I want to keep all my passwords and logins in a gpg-encrypted file, that I want to access using emacs in the terminal on ubuntu.
I want to be prompted for the ‘master’ password when opening the file, but not when saving it. I don’t want to use anything like a ‘keyring’.
I managed to almost achieve my desired setup by following the instructions here, the only problem being that I have to enter the password twice when saving the file. The problem is that I fear that when accidentally entering the password incorrectly twice, I could lock myself out of my password file forever.
Is there a way not to be prompted for the password when saving, or alternatively for the save-password to be rejected when its hash doesn’t match the password that I opened the file with?
I remember struggling with this for quite some time. Like you, I'm using public/private key with a pass phrase, not symmetric encryption.
What works is the following:
;; let's get encryption established
(require 'epa-file)
(epa-file-enable)
(setq epg-pinentry-mode 'loopback)
(require 'org-crypt)
(org-crypt-use-before-save-magic)
I do not unset GPG_AGENT_INFO
. You should set epg-gpg-program
if gpg
is not in your $PATH
by default.
Setting epg-pinentry-mode
to loopback
is especially valuable to allow Emacs to query passphrase rather than external programs which might block the window or not work properly in containers and so forth.
Answered by gregoryg on September 2, 2021
Get help from others!
Recent Answers
Recent Questions
© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP