How do I remove passwords and usernames from my emacs .init file?

Question

Example:

I have IRC username and password in my emacs .init file
I share my .init file across devices using a public github repo
I encrypt this heading in my .init to avoid showing
org-encrypt-entry does NOT always encrypt upon saving file
thus I always have to check before git push
also sometimes I share snippets of my .init with people in IRC to help troubleshoot. Today I posted my IRC pw's and had to immediately reset.

Instead of hardcoding un/pw's in my .init file, can I use some elisp to reference a .gpg dir/file elsewhere?

Have you looked into using `authinfo/netrc` and storing your machine settings in a different location on your hard drive? If your `irc` stuff is not set-up for that, have a look at `get-auth-info` which uses the built-in `auth-source` library: https://emacs.stackexchange.com/a/5844/2287 That link is for a different usage, but the concept is the same -- i.e., how to extract authorization credentials from the `authinfo/netrc` file. — lawlist, Nov 26 '17 at 18:12
I saw another relevant example the other day at https://github.com/jwiegley/dot-emacs/blob/01d93e76f8b44891d122eaaa6baecf326ee3599f/init.el#L287 and https://github.com/jwiegley/dot-emacs/blob/01d93e76f8b44891d122eaaa6baecf326ee3599f/init.el#L1532 — phils, Nov 26 '17 at 21:26
Thank you for the input. This got me in the direction I needed to be going. — SeaDude, Nov 30 '17 at 05:09

SeaDude · Accepted Answer · 2017-11-30T05:12:22.923

Took quite a bit of trial and error, but here was the eventual solution:

Create .authinfo.gpg file in a directory of your choice
Add the following to the .authinfo.gpg file (for IRC login)

machine irc.freenode.net login <your-irc-nick> port nickserv password <your-irc-pw>

Add the following to your emacs .init file

Set the dir where .authinfo.gpg exists

(setq auth-sources 
      '((:source "~/.emacs.d/.authinfo.gpg"
       auth-source-debug t)))

Not sure what this does exactly, but it was required to get things working: https://www.emacswiki.org/emacs/rcircAutoAuthentication

(defadvice rcirc (before rcirc-read-from-authinfo activate)
  (unless arg
  (dolist (p (auth-source-search :port '("nickserv")
                 :require '(:port :user :secret)))
(let ((secret (plist-get p :secret))
      (method (intern (plist-get p :port))))
  (add-to-list 'rcirc-authinfo
           (list (plist-get p :host)
             method
             (plist-get p :user)
             (if (functionp secret)
             (funcall secret)
               secret)))))))

This is, more or less, just general rcirc setup which may help you too :)

(setq rcirc-default-nick "<your-nick>"
  rcirc-default-user-name "<your-nick>"
  rcirc-auto-authenticate-flag t
  rcirc-log-flag t
  rcirc-log-directory "</path/to/irc-logs>"
  rcirc-track-minor-mode 1
  rcirc-server-alist
  '(("irc.freenode.net" :channels ("#your" "#favorite" "#irc-channels"))))

How do I remove passwords and usernames from my emacs .init file?

1 Answers1