How to securely store passwords in a configuration file on Linux?

1

1

I have a file in my Linux system that's called ".fetchmailrc" and it's used to configure the email address that fetchmail will get the mails from. Hence, I have to type my password and email address in plain text.

Here is what the .fetchmailrc file looks like:

set daemon 1
set logfile /home/user/.fetchmail.log
set no bouncemail
poll pop.gmail.com proto POP3 auth password no dns user "MY_EMAIL" password "MY_PASSWORD" is user keep ssl

mda "/usr/bin/procmail -d %T"

I believe there must be a better way to do this, since if a hacker gets access to my server, he can easily read the file and get my credentials.

I heard that in Linux systems there is PAM (Pluggable Authentication Modules) but I don't know if that is related to what I'm trying to do.

William Tang

Posted 2018-12-05T02:38:49.760

Reputation: 43

Answers

2

No matter how you store your passwords, when running a program that doesn't prompt for your passwords, the program has to decrypt the stored password with information available on the server. A "hacker" gaining access to your server can use all information stored on the server. So he can also decrypt the password in the same way the program decrypts it.

If the scheme you use to encrypt and store your password is a bit more involved, it may take the "hacker" a bit longer.

So there's no way to do what you want: No matter how you store your password, you can't make it "hacker safe". The hacker just has to do whatever the program does (or maybe even just execute the program, and sniff the network traffic).

PAM modules have nothing to do with that. They are not for storing passwords, but provide ways to configure authentication methods for existing Linux services. A program wishing to use PAM has to be written for it.

dirkt

Posted 2018-12-05T02:38:49.760

Reputation: 11 627

2

Use the Kernel Key Retention Service

If you're worried about someone getting repeated root access to your system, then there's virtually nothing you can do after that. (But that's a nightmare; follow best practices and keep good backups.)

However, if everything's still secure, then you could do much better than leaving a password in a plain text file (anyone finding your running or shutdown system drive can read it). Do things like:

  • Encrypt your home, so the text file (in $HOME) is encrypted at least when you're not logged in.
  • Encrypt your entire drive, similar to above.
  • Don't keep the password in a file; only type it in yourself when needed.
  • If you have to store typed passwords, type them at login then put them:

Xen2050

Posted 2018-12-05T02:38:49.760

Reputation: 12 097

Getting fetchmail to use the kernel keyring might be a bit of work, though. – dirkt – 2018-12-05T12:15:09.077

It should accept a password some other way than as a command line argument (those are visible to everyone through ps). Accepting through a pipe / stdin is very common. – Xen2050 – 2018-12-05T12:20:55.337