UP | HOME

Some security with gpg and Emacs.

We reuse gnupg for everything, which has a built-in support in GNU Emacs.

Notice that pass is also based on gnupg.

.authinfo

Has to be chmod 0600 .authinfo

The .authinfo file (which is a “standard”) could also be encrypted as ~/.authinfo.gpg 

# -*- epa-file-encrypt-to: ("lngnmn2@yahoo.com") -*-
machine HOST login NAME password VALUE port NUMBER

GnuPG

Install the binaries 

  emerge --ask app-crypt/gnupg pinentry pass
  • Create and use a subkey for everything.
  • use eval $(gpg-agent)
  • Backup the whole /.gnupg/ directory.
  • Encrypt the archive using openssl
  • Can be integrated with dired, which I don’t use.

This is how one uses a “transparent” encryption within GNU Emacs. 

  # -*- mode:org; epa-file-encrypt-to: ("me@mydomain.com") -*-

OpenSSL

The simplest encryption using OpenSSL. 

  openssl enc -aes-256-cbc -a -d -in data.txt -out aaa

GNU Emacs/ support an encryption scheme based on file extensions. There are third-party packages (such as crypt-plus-plus) available.

Author: <schiptsov@gmail.com>

Email: lngnmn2@yahoo.com

Created: 2023-08-26 Sat 19:03

Emacs 29.1.50 (Org mode 9.7-pre)