Doveadm encrypt/decrypt files manually with per-user folder keys
Ben Burk
ben at burk.tech
Wed Jul 14 18:31:51 EEST 2021
One more question and I think I should be ok. I just need to encrypt
unencrypted mails after having originally enabled mail_crypt.
I've determined how to decrypt encrypted mails from command line using
the private key for the mail folder, like so:
sudo -u vmail doveadm -o plugin/mail_crypt_private_password="${pass}"
mailbox cryptokey export -u user test | awk '/BEGIN PRIVATE KEY/,/END
PRIVATE KEY/' | sudo -u vmail tee /tmp/doveadm_HfztmQ-6192-3032
>/dev/null 2>&1
sudo -u vmail doveadm fs get crypt
private_key_path=/tmp/doveadm_HfztmQ-6192-3032:posix:prefix=/var/mail/domain/user/Maildir/test/cur/
1626274985.M269696P3026.smtp\,S\=11765\,W\=12153\:2\,S
However, I'm still not sure how I'm supposed to export the public key to
do the encryption operation on unencrypted mail. The only keys that I've
been able to export for this folder-key system are the private keys per
folder and the private keys for the user:
sudo -u vmail doveadm -o plugin/mail_crypt_private_password="${pass}"
mailbox cryptokey export -u user test
sudo -u vmail doveadm -o plugin/mail_crypt_private_password="${pass}"
mailbox cryptokey export -u user -U
I've tried with
On 7/12/21 1:25 AM, Aki Tuomi wrote:
> Try
>
> sudo -u vmail doveadm -o plugin/mail_crypt_private_password="${pass}" mailbox cryptokey export -u user '*'
>
> (note the '*')
>
> Aki
>
>> --
>> Ben Burk
>> BURK.TECH System Administrator
--
Ben Burk
BURK.TECH System Administrator
More information about the dovecot
mailing list