Mutt is a mail client open source Linux / UNIX terminal environment. Mutt and Alpine has the most loyal followers of the Linux command line lovers, this is not without reason. Think about what you should expect the mail client features, Mutt has: multi-protocol support (for example, POP3, IMAP and SMTP), S / MIME and PGP / GPG integration, conversation thread, color-coded, customizable macro / Shortcuts ,and many more. In addition, command-line-based Mutt heavy compared to browser-based e-mail client (eg: Gmail, Ymail) or graphical user interface mail client (such as: Thunderbird, MS Outlook), it is a use of e-mail lightweight alternatives.
When you want to use Mutt to access or send e-mail through the company's SMTP / IMAP server, or substituted webmail service, a problem may be of concern is how to protect your mail credentials (eg: SMTP / IMAP password), they are stored in a pure text Mutt configuration file (~ / .muttrc) in.
For these people to safety concerns, there is a really easy way to encrypt * Mutt configuration file to prevent this risk. In this tutorial, I described how to encrypt sensitive Mutt configuration, such as using GnuPG (GPG) encryption SMTP / IMAP password, GPG is an open source OpenPGP implementation.
The first step (optional): Creating GPG Keys
Because we are going to use the GPG encryption Mutt configuration file, if you do not have GPG key first step is to create a (public / private key pair). If so, please ignore this step.
Create a new GPG key, enter the following command:
$ Gpg --gen-key
Select the type of key (RSA), key length (2048 bits), and the expiration time (0 = not expired). When the user ID prompt, enter the associated public / private key pair name (Dan Nanni) and email address (firstname.lastname@example.org). Finally, enter a password to protect your private key.
Generate a GPG key requires a lot of random bytes to form the entropy, so the key is to ensure the implementation during the generation of some random behavior on your system (such as: the keyboard, move the mouse or disk read and write). According to the key length, generating GPG keys take several minutes or more.
The second step: encrypt sensitive configuration Mutt
Next, in ~ / .mutt directory to create a new text file, and then you want to hide some sensitive configuration of Mutt bag. For this example, I specified SMTP / IMAP password.
$ Mkdir ~ / .mutt
$ Vi ~ / .mutt / password
set smtp_pass = "XXXXXXX"
set imap_pass = "XXXXXXX"
Now use your GPG public key encryption by the following documents:
$ Gpg -r email@example.com -e ~ / .mutt / password
This will create ~ / .mutt / password.gpg, which is a GPG encrypted version of the original file.
Then delete ~ / .mutt / password, leaving only the encrypted version of GPG.
Step 3: Create a complete profile Mutt
Now that you have placed in a separate file encryption of sensitive Mutt configuration, you can specify the rest of the Mutt configuration in ~ / .muttrc. This line then add ~ / .muttrc end.
source "gpg -d ~ / .mutt / password.gpg |"
When you start Mutt, which is about to decrypt ~ / .mutt / password.gpg, and then apply the decrypted content to your Mutt configuration.
The following example shows a complete Mutt configuration, which lets you access Gmail through Mutt, and not expose your SMTP / IMAP password. Use your Gmail ID substitute the following yourgmailaccount, in addition, you also need to enable "to support less secure application access" in your Goolgle account settings.
setfrom = "firstname.lastname@example.org"
set realname = "Your Name"
set smtp_url = "smtp: //email@example.com: 587 /"
set imap_user = "firstname.lastname@example.org"
set folder = "imaps: //imap.gmail.com: 993"
set spoolfile = "+ INBOX"
set postponed = "+ [Google Mail] / Drafts"
set trash = "+ [Google Mail] / Trash"
set header_cache = ~ / .mutt / cache / headers
set message_cachedir = ~ / .mutt / cache / bodies
set certificate_file = ~ / .mutt / certificates
set move = no
set imap_keepalive = 900
# Encrypted IMAP / SMTP passwords
source "gpg -d ~ / .mutt / password.gpg |"
The fourth step (optional): Configure the GPG Agent
At this time, you will be able to use encrypted Mutt IMAP / SMTP password. However, each time you run Mutt, you must first be prompted to enter a password to use your GPG private key to decrypt IMAP / SMTP password.
If you want to avoid such a GPG password hint, you can deploy a gpg-agent. It was later station run in daemon mode, gpg-agent can safely cache your GPG password, without manual intervention, gpg can automatically obtain the password from your GPG gpg-agent. If you are using Linux desktops, you can configure a number equivalent to the use gpg-agent specific desktop software, for example, GNOME desktop gnome-keyring-daemon.
You can gpg-agent-based Debian installation system:
$ Sudoapt-get install gpg-agent
gpg-agent on Red Hat-based system is pre-installed.
Now add the following to your .bashrc file.
envfile = "$ HOME / .gnupg / gpg-agent.env"
if [[- e "$ envfile"]] && kill-0 $ (grep GPG_AGENT_INFO "$ envfile" | cut-d: -f 2) 2> / dev / null; then
eval "$ (cat" $ envfile ")"
eval "$ (gpg-agent --daemon --allow-preset-passphrase --write-env-file" $ envfile ")"
Overloaded .bashrc, or simply log out and then log in again.
$ Source ~ / .bashrc
Now confirm GPGAGENTINFO environment variable has been set properly.
$ Echo $ GPG_AGENT_INFO
And, when you enter the command gpg-agent, you should see the following information.
gpg-agent: gpg-agent running and available
Once gpg-agent up and running, it will first prompt cache your GPG password when you enter the password. Then you have repeatedly run Mutt, GPG will not be prompted for a password (gpg-agent has been open, the cache will not expire).
In this guide, I provide a use GnuPG encryption such as SMTP / IMAP password so Mutt sensitive configuration method. Note that if you want to use GnuPG with Mutt to encrypt or sign on your mail, you can refer to the official guide for GPG and Mutt binding part.
If you know of any use Mutt safety tips, please share it.