From: Gene H. <ghe...@sh...> - 2018-12-12 18:05:58
On Wednesday 12 December 2018 11:37:44 Peter Pentchev wrote:

[...]

> I think you're talking at cross purposes.

Entirely possible Peter.

> I believe that Bjoern and
> Matthias are discussing whether the password should be stored in
> the ~/.fetchmailrc file in plain text, so that anybody with access to
> the user's account would be able to look at the file and see it, or
> whether fetchmail should ask another program to provide it with
> the password only when it is needed.

Access to the user's machine tightens that up considerably. Stuff the
public can look at is my web page, but it's in a sandbox no one has
splashed out of yet in much of a decade, and I am the only breathing
user. I can become the other 3 "users" at will if they need attention,
but these 6 or 7 machines are all mine, and all behind dd-wrt in my
router. Which, other than the NAT from the registered IPv4 address for
my 192.168.xx.xx web pages, has not been penetrated in close to 20 years.

> Gene, you seem to be talking about whether the password, once
> fetchmail has obtained it somehow, should be sent over the network in
> plaintext; I believe that this is usually handled by instructing
> fetchmail to negotiate a TLS/SSL connection with the mail server. If
> there are any ISPs that do not provide this option to their users in
> 2018, that's... troubling.

That of course is happening, out of my sight, and it is being sent
encrypted, but it's stored in the clear here. If we had a dubiously
named utility to decrypt it from a locally secure encryption, re-encoding
it for fetchmail's use only when needed, I'm sure that would be
acceptable, particularly if the memory it used to do it was scrubbed
before giving it back. That would be about as secure as I can imagine.
And at the same time not a huge time sink to do it, specially if working
from an SSD.

> G'luck,
> Peter

Take care Peter.

--
Cheers, Gene Heskett
--
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page <http://geneslinuxbox.net:6309/gene>