pam-gnupg notes

This commit is contained in:
Luke Smith 2019-04-25 11:32:48 -04:00
parent c55f6818f6
commit 6a9c4d5b72
No known key found for this signature in database
GPG Key ID: 4C50B54A911F6252
2 changed files with 20 additions and 0 deletions

View File

@ -48,6 +48,7 @@ The mutt-wizard is run with the command `mw`. It also installs the `mailsync` co
- `notmuch` - index and search mail. Install it and run `notmuch setup`, tell it that your mail is in `~/.local/share/mail/`. You can run it in mutt with `ctrl-f`. Run `notmuch new` to process new mail, although the included `mailsync` script does this for you.
- `abook` - a terminal-based address book. Pressing tab while typing an address to send mail to will suggest contacts that are in your abook.
- A cron manager - if you want to enable the auto-sync feature.
- `pam-gnupg` - this is a more general program that I use. It automatically logs you into your GPG key on login so you will never need to input your password once logged on to your system. Check the repo and directions out [here](https://github.com/cruegge/pam-gnupg).
## Neomutt user interface

19
mw.1
View File

@ -86,6 +86,25 @@ Google will require you to allow "less-secure" (third party) applications or use
Protonmail users must use the Protonmail Bridge <https://protonmail.com/bridge/> to access their IMAP and SMTP servers. This too should be configured before running mutt-wizard.
.B Enterprise and university accounts
Many universities and businesses might host their domain's email via Google or another service. This often requires a special IMAP/SMTP-specific password that you must generate and use. Again, mutt-wizard can handle these systems, but only once they've been set up.
.TP
.B Password decryption
mutt-wizard uses
.I pass
and therefore
.I gpg
to decrypt your passwords. Provided your GPG key has a password, this might mean that you will be prompted for your GPG password the first time you sync or send mail in a session. Once your password is cached, it might also expire later as well.
Because of this I strongly recommend the program
.I pam-gnupg
<https://github.com/cruegge/pam-gnupg> which automatically unlocks your GPG password on login and keeps it active, thus giving you, with mutt-wizard, secure access to all your email accounts on your system without ever having to input a password.
If you don't want to use this program, you can also increase the cache time of an inputted GPG password with the
.I default-cache-ttl
and
.I max-cache-ttl
variables in your
.I
gpg-agent.conf.
.SH MUTT-WIZARD'S NEOMUTT CONFIGURATION
Here is a list of not only mutt-wizard's particular defaults, but what you need to get the most out of email accounts configured with mutt-wizard.
.TP