providing imap_pass but not from ~/.muttrc

Larry Rosenman ler at lerctr.org
Thu Jun 13 19:26:10 UTC 2019


On 06/13/2019 2:19 pm, Ben Boeckel wrote:
> On Thu, Jun 13, 2019 at 20:56:33 +0200, Matthias Apitz wrote:
>> I often use SSH to connect to my rented VM space of my ISP (which gets 
>> me to a
>> Linux server) and I do use mutt from there to check my mails or even 
>> to
>> answer, esp. when I do not have my FreeBSD netbook with full Internet 
>> and all
>> mails up.
>> 
>> I do not want to set 'imap_pass=...' and such values in the ~/.muttrc 
>> on
>> this VM. Is there any other way to provide such credentials without to
>> key them in on start of mutt, for example based on an environment
>> variable which I could route to the VM through the SSH session like:
>> 
>> $ ssh -At www.unixarea.de imap_pass=abc bash --login
>> Thu Jun 13 20:44:51 CEST 2019
>> ...
>> sh4-5:~$ env | grep imap
>> imap_pass=abc
> 
> I don't think there's any mechanism in mutt. You might be able to have
> `mutt -F <(genmuttrc)` dump it out. It may also be worth just doing 
> `set
> imap_pass=...` inside mutt once it has started.
> 
> However, what's your threat model that having it in the file is not OK
> but the environment is OK? `/proc/foo/environ` is just as readable on
> Linux as muttrc is likely to be.
> 
> How are you getting your sendmail password over in order to send email?
> Or is it trusted because it's coming from the ISP's VM?
> 
> --Ben


I do the following trick:

source "gpg -q --textmode -d ~/.neomutt/passwords.gpg  |"

where the passwords.gpg file sets my_ vars for all my
passwords.

Just an idea.

-- 
Larry Rosenman                     http://www.lerctr.org/~ler
Phone: +1 214-642-9640                 E-Mail: ler at lerctr.org
US Mail: 5708 Sabbia Dr, Round Rock, TX 78665-2106


More information about the Mutt-users mailing list