1

I want to keep all my passwords and logins in a gpg-encrypted file, that I want to access using emacs in the terminal on ubuntu.

I want to be prompted for the 'master' password when opening the file, but not when saving it. I don't want to use anything like a 'keyring'.

I managed to almost achieve my desired setup by following the instructions here, the only problem being that I have to enter the password twice when saving the file. The problem is that I fear that when accidentally entering the password incorrectly twice, I could lock myself out of my password file forever.

Is there a way not to be prompted for the password when saving, or alternatively for the save-password to be rejected when its hash doesn't match the password that I opened the file with?

Improve this question
1
  • There are many suggestions in the page you linked - it would be helpful to include exactly what code you have in your init. Commented Jul 16, 2020 at 16:07

1 Answer 1

Reset to default
1

I remember struggling with this for quite some time. Like you, I'm using public/private key with a pass phrase, not symmetric encryption.

What works is the following:

;; let's get encryption established (require 'epa-file) (epa-file-enable) (setq epg-pinentry-mode 'loopback) (require 'org-crypt) (org-crypt-use-before-save-magic)

I do not unset GPG_AGENT_INFO. You should set epg-gpg-program if gpg is not in your $PATH by default.

Setting epg-pinentry-mode to loopback is especially valuable to allow Emacs to query passphrase rather than external programs which might block the window or not work properly in containers and so forth.

Improve this answer

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.