auth-source: getting my secrets out of my emacs init file

I do not reveal my emacs init file publicly because it has secrets in it: passwords (particularly for various APIs) and decryption keys.

But the other day I discovered auth-source. I used it in this example to launch my IRC setup:

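(require 'erc)
(require 'auth-source)

(defun start-erc ()
  "Wrapper for ERC that gets the password via auth-source."
  (interactive)
  (let* ((server (erc-compute-server))
         (port (erc-compute-port))
         ;; :max is the auth-source-search keyword that limits the result count.
         (credentials (auth-source-search :host server
                                          :port (format "%s" port)
                                          :max 1))
         (secret (plist-get (car credentials) :secret)))
    (cond
     (secret
      ;; The secret is normally a function that returns the password.
      (erc :password (if (functionp secret) (funcall secret) secret)))
     (t
      (message "auth-source-search failed to find necessary credentials for irc server")))))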

Auth-source-search will find my credentials in ~/.authinfo.gpg. A line there looks like this: “machine irc.example.org port 12345 login luser password aPasWurd”.

Curious about how hard it would be to fold that directly into M-x erc, I read enough code to discover it calls through to a function which does in fact call auth-source-search; so you can revise my function like so:

(defun start-erc ()
  "Start erc computing all the default connection details, which might get the password via auth-source."
  (interactive)
  ;; The password is left nil so that erc-open does the lookup itself.
  (let ((password? nil))
    (erc-open (erc-compute-server)
              (erc-compute-port)
              (erc-compute-nick)
              (erc-compute-full-name)
              t  ;; connect
              password?)))

I'm delighted. But it looks like this facility isn't used as much as I'd expect.

I found it because the helm-delicious package advised using it for my delicious password.
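
The same lookup generalized from ERC to any service whose password would otherwise sit in the init file. This is an added example, not code from the original post; the my/ function names and the api.example.org entry are hypothetical.

```elisp
;; Added example; the my/ names and api.example.org are hypothetical.
(require 'auth-source)

(defun my/auth-source-secret (host &optional user port)
  "Return the secret stored for HOST in auth-source, or signal an error.
USER and PORT narrow the match when non-nil.  Entries without a
password are skipped."
  (let* ((spec (append (list :host host :max 1 :require '(:secret))
                       (when user (list :user user))
                       (when port (list :port (format "%s" port)))))
         (entry (car (apply #'auth-source-search spec)))
         (secret (plist-get entry :secret)))
    (cond
     ;; The netrc backend wraps the password in a closure so that it
     ;; does not appear when the plist is printed; call it to unwrap.
     ((functionp secret) (funcall secret))
     ((stringp secret) secret)
     ;; Fail closed: never fall back to a hard-coded default.
     (t (user-error "No auth-source entry with a password for %s" host)))))

(defun my/call-with-secret (host user fn)
  "Call FN with the secret for USER at HOST, fetched at call time.
The secret is bound only for the duration of the call; it is never
stored in a global variable or written into the init file."
  (funcall fn (my/auth-source-secret host user)))

;; Usage, assuming ~/.authinfo.gpg contains this constructed line:
;;   machine api.example.org login luser password aPasWurd
;;
;; (my/call-with-secret "api.example.org" "luser"
;;                      (lambda (pw)
;;                        (message "fetched a %d character secret"
;;                                 (length pw))))
```

auth-source keeps search results cached in memory while auth-source-do-cache is non-nil, so run M-x auth-source-forget-all-cached after editing ~/.authinfo.gpg.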

I was making good progress getting all my secrets out of the init file by having a function that would load all the secrets on demand by loading an encrypted elisp file (load "secrets.el.gpg"). That works nicely too.

Maybe I should go read up on the secret storage scheme of free desktop.
