Mutt: how to safely store password?
This tweak should get rid of your problem. Use gpg as suggested, or
set imap_pass=`getpassword email_id`
where you use pwsafe or passwords to fetch the passwords.
Edit: If mutt is built with IMAP support (--enable-imap), then mutt should prompt you for the password if you do not set it in the config file. From the manual:
imap_pass
Type: string Default: ""
Specifies the password for your IMAP account. If unset, Mutt will prompt you for your password when you invoke the fetch-mail function. Warning: you should only use this option when you are on a fairly secure machine, because the superuser can read your muttrc even if you are the only one who can read the file.
Create a passwords file: ~/.mutt/passwords:
set imap_pass="password"
set smtp_pass="password"
This file can be encrypted using GPG. First, create a public/private key pair:
$ gpg --gen-key
Encrypt the passwords file:
$ gpg -r [email protected] -e ~/.mutt/passwords
$ ls ~/.mutt/passwords*
/home/user/.mutt/passwords /home/user/.mutt/passwords.gpg
$ shred ~/.mutt/passwords
$ rm ~/.mutt/passwords
Add to your muttrc:
source "gpg -d ~/.mutt/passwords.gpg |"
via
See also Arch Wiki's Mutt entry.
Why not use a wallet manager like gnome-keyring or kwalletmanager with secret-tool?
apt install gnome-keyring secret-tool
.[neo]muttrc:
source 'echo "$( pw=$( secret-tool lookup user <USERNAME> domain <DOMAIN> ); echo set imap_pass=\"$pw\"; echo set smtp_pass=\"$pw\" )" |'
Store your imap and smtp passwd:
secret-tool store --label=imap user <USERNAME> domain <DOMAIN>
You could choose your own label if you wanted to.
Look up your creds using a shell:
secret-tool lookup user <USERNAME> domain <DOMAIN>
Fire up your [neo]mutt, connect & login to your imap srv. Enjoy.
This solution has advantages over gpg-based ones: it integrates well and there's no additional file left layin' around.
Bonus: Use libsecret or directly gnome-keyring as a git credential-helper as in git with libsecret and git with gnome-keyring. Both helpers need manual compilation. Yes, it's a bit awkward but it is working great.