GNU bug report logs -
#72462
Having to store password in mutliple places
Previous Next
To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 72462 in the body.
You can then email your comments to 72462 AT debbugs.gnu.org in the normal way.
Toggle the display of automated, internal messages from the tracker.
Report forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#72462; Package
emacs.
(Sun, 04 Aug 2024 14:03:02 GMT)
Full text and
rfc822 format available.
Acknowledgement sent
to
Pranshu <pranshusharma366 <at> gmail.com>:
New bug report received and forwarded. Copy sent to
bug-gnu-emacs <at> gnu.org.
(Sun, 04 Aug 2024 14:03:02 GMT)
Full text and
rfc822 format available.
Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):
Right now to get a functional gnus setup in which I can send and recive
mail, I am having to store my password is 2 places, which is the mail
sources variable, and the authinfo file. This makes it extremly
annoying and insecure, especially since I cannot encrypt one fo the
places I store the password.
If I remove password from authinfo file, I can still recive mail but not
send any. And if I remove password from mail sources, I cannot recive
mail without typing my whole password when prompted on gnus startup.
Following is the code I have:
Elisp code:
----------------------------------------------------------
(setq user-mail-address "pranshusharma366 <at> gmail.com")
(setq user-full-name "Pranshu")
(setq smtpmail-smtp-server "smtp.gmail.com")
(setq smtpmail-smtp-service 465)
(setq smtpmail-stream-type 'ssl)
(setq mail-sources `((pop :server "pop.gmail.com"
:user ,user-mail-address
:password "**********" ; Password line
:port 995)))
----------------------------------------------------------
Authinfo:
----------------------------------------------------------
machine smtp.gmail.com login pranshusharma366 <at> gmail.com password ********** port 465
----------------------------------------------------------
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#72462; Package
emacs.
(Sun, 04 Aug 2024 14:43:02 GMT)
Full text and
rfc822 format available.
Message #8 received at 72462 <at> debbugs.gnu.org (full text, mbox):
On Aug 05 2024, Pranshu wrote:
> Following is the code I have:
>
> Elisp code:
> ----------------------------------------------------------
> (setq user-mail-address "pranshusharma366 <at> gmail.com")
> (setq user-full-name "Pranshu")
> (setq smtpmail-smtp-server "smtp.gmail.com")
> (setq smtpmail-smtp-service 465)
> (setq smtpmail-stream-type 'ssl)
> (setq mail-sources `((pop :server "pop.gmail.com"
> :user ,user-mail-address
> :password "**********" ; Password line
> :port 995)))
> ----------------------------------------------------------
>
>
> Authinfo:
> ----------------------------------------------------------
> machine smtp.gmail.com login pranshusharma366 <at> gmail.com password ********** port 465
> ----------------------------------------------------------
You should add an entry to authinfo for machine pop.gmail.com, then you
can remove the credentials from mail-sources. That's still writing the
password twice, but at least it's next to each other in the same file.
--
Andreas Schwab, schwab <at> linux-m68k.org
GPG Key fingerprint = 7578 EB47 D4E5 4D69 2510 2552 DF73 E780 A9DA AEC1
"And now for something completely different."
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#72462; Package
emacs.
(Sun, 04 Aug 2024 14:46:02 GMT)
Full text and
rfc822 format available.
Message #11 received at 72462 <at> debbugs.gnu.org (full text, mbox):
Pranshu <pranshusharma366 <at> gmail.com> writes:
Hi Pranshu,
> Right now to get a functional gnus setup in which I can send and recive
> mail, I am having to store my password is 2 places, which is the mail
> sources variable, and the authinfo file. This makes it extremly
> annoying and insecure, especially since I cannot encrypt one fo the
> places I store the password.
>
> If I remove password from authinfo file, I can still recive mail but not
> send any. And if I remove password from mail sources, I cannot recive
> mail without typing my whole password when prompted on gnus startup.
>
> Following is the code I have:
>
> Elisp code:
> ----------------------------------------------------------
> (setq user-mail-address "pranshusharma366 <at> gmail.com")
> (setq user-full-name "Pranshu")
> (setq smtpmail-smtp-server "smtp.gmail.com")
> (setq smtpmail-smtp-service 465)
> (setq smtpmail-stream-type 'ssl)
> (setq mail-sources `((pop :server "pop.gmail.com"
> :user ,user-mail-address
> :password "**********" ; Password line
> :port 995)))
> ----------------------------------------------------------
>
>
> Authinfo:
> ----------------------------------------------------------
> machine smtp.gmail.com login pranshusharma366 <at> gmail.com password ********** port 465
> ----------------------------------------------------------
You can store both passwords in .authinfo, like
--8<---------------cut here---------------start------------->8---
machine smtp.gmail.com login pranshusharma366 <at> gmail.com password ********** port 465
machine pop.gmail.com login pranshusharma366 <at> gmail.com password ********** port 995
--8<---------------cut here---------------end--------------->8---
No need to keep it in the :password slot of mail-sources.
Best regards, Michael.
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#72462; Package
emacs.
(Sun, 04 Aug 2024 14:48:03 GMT)
Full text and
rfc822 format available.
Message #14 received at 72462 <at> debbugs.gnu.org (full text, mbox):
> Cc: 72462 <at> debbugs.gnu.org
> From: Andreas Schwab <schwab <at> linux-m68k.org>
> Date: Sun, 04 Aug 2024 16:42:33 +0200
>
> On Aug 05 2024, Pranshu wrote:
>
> > Following is the code I have:
> >
> > Elisp code:
> > ----------------------------------------------------------
> > (setq user-mail-address "pranshusharma366 <at> gmail.com")
> > (setq user-full-name "Pranshu")
> > (setq smtpmail-smtp-server "smtp.gmail.com")
> > (setq smtpmail-smtp-service 465)
> > (setq smtpmail-stream-type 'ssl)
> > (setq mail-sources `((pop :server "pop.gmail.com"
> > :user ,user-mail-address
> > :password "**********" ; Password line
> > :port 995)))
> > ----------------------------------------------------------
> >
> >
> > Authinfo:
> > ----------------------------------------------------------
> > machine smtp.gmail.com login pranshusharma366 <at> gmail.com password ********** port 465
> > ----------------------------------------------------------
>
> You should add an entry to authinfo for machine pop.gmail.com, then you
> can remove the credentials from mail-sources. That's still writing the
> password twice, but at least it's next to each other in the same file.
I think writing the password twice is unavoidable, since these are two
separate servers/services: one for receiving email, the other for
sending. Am I right?
Reply sent
to
Eli Zaretskii <eliz <at> gnu.org>:
You have taken responsibility.
(Sat, 17 Aug 2024 08:53:02 GMT)
Full text and
rfc822 format available.
Notification sent
to
Pranshu <pranshusharma366 <at> gmail.com>:
bug acknowledged by developer.
(Sat, 17 Aug 2024 08:53:02 GMT)
Full text and
rfc822 format available.
Message #19 received at 72462-done <at> debbugs.gnu.org (full text, mbox):
> Cc: pranshusharma366 <at> gmail.com, 72462 <at> debbugs.gnu.org
> Date: Sun, 04 Aug 2024 17:47:28 +0300
> From: Eli Zaretskii <eliz <at> gnu.org>
>
> > Cc: 72462 <at> debbugs.gnu.org
> > From: Andreas Schwab <schwab <at> linux-m68k.org>
> > Date: Sun, 04 Aug 2024 16:42:33 +0200
> >
> > On Aug 05 2024, Pranshu wrote:
> >
> > > Following is the code I have:
> > >
> > > Elisp code:
> > > ----------------------------------------------------------
> > > (setq user-mail-address "pranshusharma366 <at> gmail.com")
> > > (setq user-full-name "Pranshu")
> > > (setq smtpmail-smtp-server "smtp.gmail.com")
> > > (setq smtpmail-smtp-service 465)
> > > (setq smtpmail-stream-type 'ssl)
> > > (setq mail-sources `((pop :server "pop.gmail.com"
> > > :user ,user-mail-address
> > > :password "**********" ; Password line
> > > :port 995)))
> > > ----------------------------------------------------------
> > >
> > >
> > > Authinfo:
> > > ----------------------------------------------------------
> > > machine smtp.gmail.com login pranshusharma366 <at> gmail.com password ********** port 465
> > > ----------------------------------------------------------
> >
> > You should add an entry to authinfo for machine pop.gmail.com, then you
> > can remove the credentials from mail-sources. That's still writing the
> > password twice, but at least it's next to each other in the same file.
>
> I think writing the password twice is unavoidable, since these are two
> separate servers/services: one for receiving email, the other for
> sending. Am I right?
No further comments, so I presume the problem is solved by the above
advice, and I'm therefore closing this bug.
bug archived.
Request was from
Debbugs Internal Request <help-debbugs <at> gnu.org>
to
internal_control <at> debbugs.gnu.org.
(Sat, 14 Sep 2024 11:24:12 GMT)
Full text and
rfc822 format available.
This bug report was last modified 281 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.