On Sun, Mar 03, 2002 at 06:40:16PM +0100, Michel Eyckmans (MCE) wrote:
What's the problem with the plaintext password in .fetchmailrc? Only
the owner and root can read the file.
Of course, I do know that an encrypted password remains vulnerable to
anyone who knows how the decryption works.
It should be fairly straight-forward to do something similar to how
OpenSSH handles a similar problem. When using a public-private
keypair for authentication, ssh can encrypt the private key on disk,
and fetch the decryption key from ssh-agent when the private key is
required. This allows the user to enter the decryption key once, but
keep it available in a controller manner, without storing the private
key in cleartext on disk.
While this is still vulnerable to a trojaned ssh-agent, it raises the
bar required for a successful attack by keeping the cleartext key (or
password) off the disk and its backup tapes.
-- John Kodis.