As usual , There is one Python The module has solved my problem . This module is getpass4, From the user's point of view , Its behavior and input Exactly the same as , It just doesn't show what the user has entered .
You can use it. pip Install these two modules :
$ python -m pip install --user python-gnupg getpass4
Here's my Python Script , Used to create password prompts :
#!/usr/bin/env python # by Seth Kenlon # GPLv3 # install deps: # python3 -m pip install --user python-gnupg getpass4 import gnupg import getpass from pathlib import Path def get_api_pass(): homedir = str(Path.home()) gpg = gnupg.GPG(gnupghome=os.path.join(homedir,".gnupg"), use_agent=True) passwd = getpass.getpass(prompt="Enter your GnuPG password: ", stream=None) with open(os.path.join(homedir,'.mutt','pass.gpg'), 'rb') as f: apipass = (gpg.decrypt_file(f, passphrase=passwd)) f.close() return str(apipass) if __name__ == "__main__": apipass = get_api_pass() print(apipass)
If you want to try , Save file as password_prompt.py. If you use offlineimap And want to use this scheme in your own password input , Then save it to a place where you can .offlineimaprc Point in file offlineimap The location of ( I use ~/.mutt/password_prompt.py).
Test password prompt
To see how the script is running , You must first create an encrypted file ( I assume you have set up GPG):
$ echo "hello world" > pass $ gpg --encrypt pass $ mv pass.gpg ~/.mutt/pass.gpg $ rm pass
Now run Python Script :
$ python ~/.mutt/password_prompt.py Enter your GPG password: hello world
There is no display when you type , But as long as you type it correctly GPG password , You will see the test information .
Match the password prompt with offlineimap integrated
I need to link my new tips to offlineimap Orders combine . I chose... For this script Python, Because I know offlineimap It can be done to Python Program calls . If you are one offlineimap user , You will understand the only thing you need “ Integrate ” It's yours .offlineimaprc Change two lines in the file .
First , Add a line reference Python The content of the document :
pythonfile = ~/.mutt/password_prompt.py
And then .offlineimaprc Medium remotepasseval Line to call password_prompt.py Medium get_api_pass() function :
remotepasseval = get_api_pass()
There is no longer a password in the configuration file !
safety problem
Thinking about security on your PC can sometimes feel paranoid . Yours SSH Whether the configuration really needs to be limited to 600? Hidden in .mutt Is the irrelevant email password really important ? Maybe it doesn't matter .
However , Know that I have not hidden sensitive data in my configuration file , Make it easier for me to submit documents to the public Git Warehouse , Copy and paste the clip into the support forum , And share my knowledge in the form of real and easy-to-use configuration files . In this regard alone , The improvement of security makes my life easier . And there are so many good Python Modules can help , It's easy to achieve .
