Hi David, first, thanks a lot for giving Balsa a try, and for your feedback! I CC the Balsa mailing list which is usually the best place for your questions… First a question – did you install Balsa from a package repository, or did you compile from sources (or git) yourself? The repo versions are sometimes really outdated, unfortunately; for compiling, see below… Am 01.03.20 11:56 schrieb(en) David:
To my surprise I recognized my password being stored as ROT13 (basically considered plaintext) in: .balsa/config-private
Well, if your system supports libsecret, Balsa tries to use it, and doesn't store credentials itself.
Unfortunately, the relevant configure option's comment
<snip>
--with-libsecret Link to libsecret instead of gnome-keyring
(default=no)
</snip>
is *wrong* – gnome-keyring is deprecated, and Balsa uses either libsecret (as interface to Seahorse aka
“Passwords and Keys”), or stores them, minimally obfuscated, as you observed correctly, in
~/.balsa/config-private. The README is actually correct…
If you compiled Balsa yourself, please install the libsecret development package (e.g. libsecret-1-dev on
Debian), reconfigure with the additional option “--with-libsecret”, and recompile.
When Balsa successfully uses libsecret, you may want to clean the config file by calling
<snip>
sed -e 's/^\(Password\|CertificatePassphrase\)=.*$/\1=/g' -i ~/.balsa/config-private
</snip>
Does this help to solve this issue?
Thanks for your ongoing efforts for the nice client!
Thanks! Best, Albrecht.
Attachment:
pgpECqsS4eY4j.pgp
Description: PGP signature