I showed you my source code, pls respond
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
|
|
#+TITLE: Encryption#+AUTHOR: Christopher James Hayward#+EMAIL: chris@chrishayward.xyz
#+PROPERTY: header-args:emacs-lisp :tangle encryption.el :comments org#+PROPERTY: header-args:shell :tangle no#+PROPERTY: header-args :results silent :eval no-export :comments org
#+OPTIONS: num:nil toc:nil todo:nil tasks:nil tags:nil#+OPTIONS: skip:nil author:nil email:nil creator:nil timestamp:nil
My source files encrypted with symmetric key encryption via *GPG*[fn:1]. This enables my workflow of storing my personal notes anywhere, including checked in to a public source repository. Emacs can cache the *GPG*[fn:1] password if you trust your session. *Pinentry*[fn:2] handled within Emacs to remain compatible without the [[file:desktop.org][Desktop]] module.
* Configuring the gpg-agent:PROPERTIES::header-args: :tangle ../config/gpg-agent.conf:END:
When the *gpg-agent*[fn:1] loads it will read the configuration at ~~/.gnupg/gpg-agent.conf~. Override the default settings to allow Emacs to function as the *Pinentry*[fn:2] application.
#+begin_src confallow-emacs-pinentryallow-loopback-pinentry#+end_src
** Restarting the gpg-agent
You may need to restart the *gpg-agent*[fn:1] to load the configuration without rebooting.
#+begin_src shellgpgconf --reload gpg-agent#+end_src
** Creating a symbolic link
Create the symbolic link to the configuration file
#+begin_src emacs-lisp(dotfiles/symlink "~/.emacs.d/config/gpg-agent.conf" "~/.gnupg/gpg-agent.conf")#+end_src
* Setting up pinentry in Emacs
With the *Pinentry*[fn:2] package for Emacs prompts will now appear in the minibuffer. Increase the minimum prime bit size to increase performance during symmetric encryption.
#+begin_src emacs-lisp(use-package pinentry :custom (epa-file-select-keys 2) (gnutls-min-prime-bits 4096) (epa-pinentry-mode 'loopback) (epa-file-encrypt-to dotfiles/public-key) (epa-file-cache-passphrase-for-symmetric-encryption t) :config (pinentry-start))#+end_src
** Including *.gpg files
Override ~org-agenda-file-regexp~ to include =.org.gpg= files.
#+begin_src emacs-lisp(unless (string-match-p "\\.gpg" org-agenda-file-regexp) (setq org-agenda-file-regexp (replace-regexp-in-string "\\\\\\.org" "\\\\.org\\\\(\\\\.gpg\\\\)?" org-agenda-file-regexp)))#+end_src
** Encrypting roam files
Irrelevant without the [[file:writing.org][Writing]] module, encrypt new files from capture templates.
#+begin_src emacs-lisp(with-eval-after-load 'org-roam (setq org-roam-encrypt-files t))#+end_src
* Managing passwords
*Pass*[fn:3] makes managing passwords easy, encrypring them in a file structure and providing easy commands for generating, modify, and copying passwords. *Password-store.el*[fn:4] provides a wrapper for the functionality within Emacs.
#+begin_src emacs-lisp(use-package password-store :custom (password-store-dir dotfiles/passwords))#+end_src
Configure keybindings behind =SPC p=.
+ Copy with =p=+ Rename with =r=+ Generate with =g=
#+begin_src emacs-lisp(dotfiles/leader "p" '(:ignore t :which-key "Passwords") "pp" '(password-store-copy :which-key "Copy") "pr" '(password-store-rename :which-key "Rename") "pg" '(password-store-generate :which-key "Generate"))#+end_src
* Footnotes
[fn:1] https://gnupg.org
[fn:2] https://elpa.gnu.org/packages/pinentry.html
[fn:3] https://passwordstore.org
[fn:4] https://git.zx2c4.com/password-store/tree/contrib/emacs
|
