Re: Encrypting incoming messages with GnuPG



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 05/09/09 18:24, Harry Rickards wrote:
On 05/09/09 18:05, Harry Rickards wrote:
On 05/09/09 17:42, Dave Patterson wrote:
* Harry Rickards <hrickards@xxxxxxxxxxxx> [2009-05-09 11:14:14 +0100]:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I was wondering if anyone knew of a way, perhaps using /etc/aliases, so
that all incoming mail addressed to my username (hrickards) is encrypted
with *my* public key, so that when I read it only I can read it using
*my* private key. If the mail was signed or encrypted beforehand, it
could then be decrypted with my private key as usual.

Hmm. So, we're looking at encrypting mails as they come in, prior to
disk write, in a format that you, and only you, can later decrypt them,
preferably using gpg. I don't care why, it's an interesting problem.
Local storage remains secure. At least that's what I think is the
intention.
Outside of using some disk encryption system like this:
<http://www.debianhelp.org/node/15244>
I'd try to pipe the mail fetchmail, procmail (pipe to
encryption script, write-encrypted-email-to-disk)
Remembering procmail only functions as a gate, and does not write the
mail to disk until told to, and neither does fetchmail
(or getmail or retchmail).
script should be very simple:
gpg -e -r yourusergpgidhere themessage
Build from that command.
Trick is to not write to disk prior to encryption.
Uh, huh. Thanks for the tips, I'll try to come up with something from that.


So far I've added the gpmail alias in /etc/aliases as a test using the
following line:

gpmail:|/usr/bin/gpmail

I then created the /usr/bin/gpmail script, and ran newaliases. In
/usr/bin/gpmail I've got:

gpg --encrypt --sign --armor -r hrickards@xxxxxxxxxxxx|mail -s Test hrickards@xxxxxxxxxxxx

When piping stuff to it from the command line it works fine, but when
sending a test email to gpmail@xxxxxxxxxxxx I get a blank email in
response. I think this is because /usr/bin/gpmail is being executed as
the 'nobody' user (I set up a whoami script), and I've set up the GPG keys
for the 'mail' user. nobody can't use GPG, as it doesn't have a home
directory, so is there a way to change the user that Postfix pipes
things to with (to mail or any other user with a home directory)? Thanks
for all the help.

I've given nobody a home directory using usermod, and running
/usr/bin/gpmail from the command line logged in as nobody works fine,
but I still receive blank emails when sending mail to
gpmail@xxxxxxxxxxxx. I suppose it could be that I'm sending it to the
address it's meant to forward it to, could someone send an email to
gpmail@xxxxxxxxxxxx for me? Thanks.
- --
Many thanks
Harry Rickards (a.k.a l33tmyst)

- -----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GAT/GCM/GCS/GCC/GIT/GM d? s: a? C++++ UL++++ P- L+++ E--- W+++ N o K+
w--- O- M- V- PS+ PE Y+ PGP++ t 5 X R tv-- b+++ DI D---- G e* h! !r y?
- ------END GEEK CODE BLOCK------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkoFw7UACgkQ1kZz3mRu0GpuIwCdEuHPdH45vdhv/w7FE7ft3Hpz
G94An2PP+r6sM2aETbi6WTNMDg8J2z0P
=5IQM
-----END PGP SIGNATURE-----
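
Added example (not part of the thread and not the poster's script): a pipe-alias filter of the kind discussed above that checks gpg's exit status and output before forwarding. In a plain `gpg ... | mail` pipeline the status is that of `mail`, so an empty body is forwarded when gpg fails. The recipient, forwarding address, keyring directory and install path are placeholders.

```sh
#!/bin/sh
# Added example, not code from the thread. Placeholders: RECIPIENT, FORWARD_TO
# and the GNUPGHOME path are assumptions; adjust to the local setup.
RECIPIENT="${RECIPIENT:-user@example.org}"       # key to encrypt to (placeholder)
FORWARD_TO="${FORWARD_TO:-user@example.org}"     # final mailbox (placeholder)
GNUPGHOME="${GNUPGHOME:-/var/lib/gpmail/gnupg}"  # keyring readable by the delivery user (assumed path)
GPG="${GPG:-gpg}"
EX_TEMPFAIL=75   # sysexits.h value: temporary failure, try again later

# Encrypt stdin to stdout without writing the plaintext to a file.
# Succeeds only if gpg exits 0 AND produced ciphertext.
encrypt_stdin() {
    local out
    # --batch/--no-tty: never prompt, there is no terminal under the MTA.
    # --trust-model always: assumes the keyring holds only the one vetted key.
    # No --sign here: signing needs an unlocked secret key, which a
    # non-interactive delivery user normally does not have.
    out=$("$GPG" --homedir "$GNUPGHOME" --batch --no-tty --armor \
                 --trust-model always --encrypt --recipient "$RECIPIENT") \
        || return "$EX_TEMPFAIL"
    [ -n "$out" ] || return "$EX_TEMPFAIL"
    printf '%s\n' "$out"
}

# Forward the ciphertext; if encryption failed, send nothing and report
# a temporary failure instead of mailing an empty body.
deliver() {
    local body
    body=$(encrypt_stdin) || return "$EX_TEMPFAIL"
    printf '%s\n' "$body" | mail -s "Encrypted message" "$FORWARD_TO"
}

# Run as a pipe target only when asked to, e.g. from an alias entry such as
#   gpmail: "|/usr/local/bin/gpmail-encrypt --deliver"   (hypothetical path)
if [ "${1:-}" = "--deliver" ]; then
    deliver
    exit $?
fi
```

gpg's own error text goes to standard error, so running the script by hand as the delivery user shows why encryption failed.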

