/gpg-offlineimap

Python bindings for offlineimap to use gpg or Apple's key vault instead of storing cleartext passwords

Primary LanguagePythonGNU General Public License v3.0GPL-3.0

gpg-offlineimap

Python bindings for offlineimap to use gpg instead of storing cleartext passwords

Quickstart

Requirements: a working GPG set-up. Ideally with gpg-agent. Should work out of the box on most modern Linux desktop environments.

  1. Enable IMAP in gmail (if you have two factor authentication, you need to create an app-specific password)

  2. Create a directory ~/Mail

  3. In ~/Mail, create a password file passwords-gmail.txt. Format: account@gmail.com password. Look at the example file in this directory.

  4. ENCRYPT the file: gpg -e passwords-gmail.txt. It should create a file passwords-gmail.txt.gpg. Check you can decrypt it: gpg -d passwords-gmail.txt.gpg: it will ask you for your GPG password and show it to you.

  5. Copy offlineimaprc in your home directory as .offlineimaprc and edit it by following the comments. Minimal items to configure: the remoteuser field and the pythonfile parameter pointing at the offlineimap.py file in this directory.

  6. Run it: offlineimap. It should ask you for your GPG passphrase to decrypt the password file.

  7. If all works well, delete the cleartext password file.