The same with encrypted, compressed archives: open a. py.gpg file and it is first decrypted and then the normal python-mode machinery kicks in. And, of course, you can nest the file extensions: Open a. If you then re-open it, you will be prompted for the same pass phrase and Emacs will decrypt it and open it. Emacs will prompt you for a key (if you have any) or, if you don’t pick one, a pass phrase to symmetrically encrypt the file with. To test it out, open a file – such as /tmp/foobar.gpg – write some text and then save it with C-x C-s. The variable auto-mode-alist controls how Emacs assigns major modes when you open certain files in this instance, any file that ends with. The EasyPG package hooks into Emacs and will, transparently, detect GnuPG files. One of the nicest features of Emacs’s GnuPG support is that it transparently decrypts and re-encrypts files you open and save in Emacs. You can customize the epg-gpg-program variable to the name of the tool you want Emacs to use: (setq epg-gpg-program "gpg2") Transparent File Cryptography with EasyPG This often happens as there is also a GPG version 2 named, aptly, gpg2. You may find that gpg cannot be found on your computer. With EasyPG you can both sign and verify files, and encrypt and decrypt them, both symmetrically with passphrases and asymmetrically with public-private keys.
Emacs – as you would expect – has integrated support for basic GnuPG features through a built-in package called EasyPG.
It’s especially useful for both symmetric and asymmetric cryptography: whether you are signing binaries or archives encrypting or decrypting files with keys or merely symmetrically encrypting them with a pass phrase, GPG is simply a great tool to have around.īut GnuPG is also useful in Emacs.
GNU Privacy Guard ( GnuPG) is a powerful tool and a free implementation of the OpenPGP standard. Keeping Secrets in Emacs with GnuPG & EasyPG
I will also show you how to use the auth-source package – a unified interface for different secrets backends – and how you can use it to automatically log in to various external services with public-private keys. This article will teach you how to use Emacs’s native support for GnuPG – a package called EasyPG, or epa – to both sign/verify and encrypt/decrypt files, and how you can use this knowledge to store secrets that Emacs can understand. Depending on your level of paranoia (it’s not paranoia if they really are watching you…) the advice in this article may not be enough but for most, though, keeping your secrets encrypted on your file system is an easy way of keeping your secrets secret.Įmacs, obviously, can do this for you, and in a variety of ways. Storing your secrets in plain text is Bad Idea whether it’s your Vogon Poetry or your e-mail credentials.