chris
/
dotfiles
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
I showed you my source code, pls respond
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
699 Commits
1 Branch
0 Tags
34 MiB
 
 
 
Tree: 113b4d17d1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '113b4d17d1'
${ noResults }
dotfiles/modules/encryption.org

3.4 KiB
Raw Blame History

Encryption

My source files encrypted with symmetric key encryption via GPG1. This enables my workflow of storing my personal notes anywhere, including checked in to a public source repository. Emacs can cache the GPG1 password if you trust your session. Pinentry2 handled within Emacs to remain compatible without the Desktop module.

Configuring the gpg-agent

When the gpg-agent1 loads it will read the configuration at ~/.gnupg/gpg-agent.conf. Override the default settings to allow Emacs to function as the Pinentry2 application.

allow-emacs-pinentry
allow-loopback-pinentry

Restarting the gpg-agent

You may need to restart the gpg-agent1 to load the configuration without rebooting.

gpgconf --reload gpg-agent

Creating a symbolic link

Create the symbolic link to the configuration file 

(dotfiles/symlink "~/.emacs.d/config/gpg-agent.conf"
                  "~/.gnupg/gpg-agent.conf")

Setting up pinentry in Emacs

With the Pinentry2 package for Emacs prompts will now appear in the minibuffer. Increase the minimum prime bit size to increase performance during symmetric encryption.

(use-package pinentry
  :custom (epa-file-select-keys 2)
          (gnutls-min-prime-bits 4096)
          (epa-pinentry-mode 'loopback)
          (epa-file-encrypt-to dotfiles/public-key)
          (epa-file-cache-passphrase-for-symmetric-encryption t)
  :config (pinentry-start))

Including *.gpg files

Override org-agenda-file-regexp to include .org.gpg files.

(unless (string-match-p "\\.gpg" org-agenda-file-regexp)
  (setq org-agenda-file-regexp
    (replace-regexp-in-string "\\\\\\.org" "\\\\.org\\\\(\\\\.gpg\\\\)?"
      org-agenda-file-regexp)))

Encrypting roam files

Irrelevant without the Writing module, encrypt new files from capture templates.

(with-eval-after-load 'org-roam
  (setq org-roam-encrypt-files t))

Managing passwords

Pass3 makes managing passwords easy, encrypring them in a file structure and providing easy commands for generating, modify, and copying passwords. Password-store.el4 provides a wrapper for the functionality within Emacs.

(use-package password-store
  :custom (password-store-dir dotfiles/passwords))

Configure keybindings behind SPC p.

  • Copy with p

  • Rename with r

  • Generate with g

(dotfiles/leader
  "p" '(:ignore t :which-key "Passwords")
  "pp" '(password-store-copy :which-key "Copy")
  "pr" '(password-store-rename :which-key "Rename")
  "pg" '(password-store-generate :which-key "Generate"))

Footnotes