Alpine without a password

How to use SSH and Alpine so that you don't have to type in a password when you start your Alpine session.

Alpine has the ability to connect to any IMAP server. To connect to the IMAP server at Nevis, from the alpine main menu type "S", then "C", then move the cursor down to the inbox-path option, and type:

{mail.nevis.columbia.edu/ssl/novalidate-cert/user=????}inbox
...where '????' should be replaced by your account name. Note the use of curly brackets (they're not parentheses).

There is a problem with this configuration: you must type in your password every time you start alpine, in order to confirm your account with the mail server. Even though your password is encrypted with the SSL connection, you may not want to go through the trouble of typing it in.

There is a way around this, but it requires you to use ssh to automatically authenticate yourself to the mail server. You'll have to go through a one-time setup procedure to make this work.

Generate a key

You need to set up a public-private key pair. This is usually done using ssh-keygen, which you run on the client computer (the one you run Alpine on):

  • From a shell prompt, type ssh-keygen.

  • ssh-keygen will generate some random numbers, then ask you where to put the private key. The default should be fine, in most cases.

  • Next it asks for a "passphrase" and ask you to confirm it. This is basically a password to go with your key. If you want passwordless access, you'll want to leave the passphrase blank. This will mean that anyone who gets ahold of your private key can access your account, though, so be careful about what you do with it.

  • Then it will generate the file you specified, and another file in the same place with .pub on the end. This is your public key - the one you want to put on the IMAP server.

  • To authorize connections from your alpine machine to the IMAP server, you need to insert the contents of your public key into the ~/.ssh/authorized_keys file in your Linux cluster home directory. You can have more than one public key in that file, but each needs to be on its own line, and NOT WORD WRAPPED. That means using the -w flag if you edit it with nano.

Connect to the mail server

Once you've got your keys in the right place, test the connection by typing:

ssh mail.nevis.columbia.edu /usr/libexec/dovecot/imap
from a shell prompt on your Alpine machine. You will have to accept authenticity of the RSA key. It should then connect without requiring a password. You should see a message that begins with the text PREAUTH. Type Control-D to get out of the imapd program.

If it does require a password, then your keys aren't set up right.

Configure alpine

Finally, set your alpine inbox to be:

{mail.nevis.columbia.edu}inbox

(In theory, you would also have to set up the SSH command in Alpine. This is not necessary on the Linux cluster; I've set this up for you in the file /etc/pine.conf.)

After going through this procedure, when you start up alpine, you should simply be connected to the mail server without typing a password.

Edit | Attach | Watch | Print version | History: r3 < r2 < r1 | Backlinks | Raw View | Raw edit | More topic actions
Topic revision: r3 - 2016-10-04 - WilliamSeligman
 
This site is powered by the TWiki collaboration platform Powered by PerlCopyright © 2008-2018 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback