To create signatures, decrypt messages, or use nyms, you need a "premail secrets" file. The default filename is /tmp/.premail-secrets.$< , where $< is equal to your numeric user id. To change the filename, use a .premailrc config line such as this one:
$config{'premail-secrets'} = '/mnt/cryptdisk/premail-secrets';
The premail secrets file has this format:
$pgppass{'user'} = 'PGP passphrase for user'; $pgppass{'alternate'} = 'PGP passphrase for alternate';
$penetpass = 'Passphrase for anon.penet.fi';I've moved all the passphrases from .premailrc to the premail secrets file. Thus, .premailrc no longer needs restrictive file permissions. However, make sure your premail secrets file does! "chmod 600 /tmp/.premail-secrets.7437" is well recommended.
To actually create a signature, you can include a "Sign: user" header, or use the caret (^) notation, as follows:
To: my@friend.com^sign=me
Logging in and logging out
Premail generally stores its secrets file in the /tmp directory. In some cases, this is good enough security. In other cases, it might be better to store the file encrypted most of the time, and only decrypt it when necessary. To use this capability of premail, first set a passphrase with:
premail -setpass
You will be prompted for a passphrase. You can use the same passphrase as for your PGP key, or a different one, depending on how many passphrases you want to remember. This command leaves you logged in with the new passphrase set. To log out:
premail -logout
You might consider adding this command to your .logout file, so that it occurs automatically every time you logout of your account.
To log in again:
premail -login
If you are running on a system with X windows, then premail will automatically pop up a window to log in whenever the secrets are needed. If you are not running in X windows, and the secrets are needed, you will get an error. Premail mainly needs the secrets for signing and decrypting, including responses to nyms.
Note there is no connection between MOSS login/logout and premail's.