From 73a4fc9c0b67a4dbcb25a263924a1bb5dbd9f80f Mon Sep 17 00:00:00 2001 From: "martin f. krafft" Date: Wed, 23 Aug 2017 08:28:25 +0200 Subject: [PATCH 01/16] remove obsolete status backend --- .offlineimaprc | 2 -- 1 file changed, 2 deletions(-) diff --git a/.offlineimaprc b/.offlineimaprc index 5f1a899..98d328f 100644 --- a/.offlineimaprc +++ b/.offlineimaprc @@ -21,7 +21,6 @@ localrepository = local-main remoterepository = madduck.net autorefresh = 15 quick = 16 -status_backend = sqlite postsynchook = ! command -v notmuch >/dev/null || ionice -c3 nice -20 notmuch new [Account madduck.net_bulk] @@ -29,7 +28,6 @@ localrepository = local-main remoterepository = madduck.net_bulk autorefresh = 15 quick = 16 -status_backend = sqlite #postsynchook = ionice -c3 nice -20 notmuch new [Repository local-main] -- 2.39.2 From f49bbf82898293287b5f96064623f52e63f21812 Mon Sep 17 00:00:00 2001 From: "martin f. krafft" Date: Wed, 23 Aug 2017 08:27:56 +0200 Subject: [PATCH 02/16] add v6 address to known hosts --- .offlineimap/known_hosts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.offlineimap/known_hosts b/.offlineimap/known_hosts index 075b11e..8f81bb2 100644 --- a/.offlineimap/known_hosts +++ b/.offlineimap/known_hosts @@ -1 +1 @@ -madduck-net.imap.madduck.net,188.174.253.166 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLV2A1dP8+GTTwD2jTX14KLiq+uTaM9mg+qtbVskQ0IOfCmBQUqQHcUmsUmQwsK6OcTpHdTlbOE2AUQMs9qorAs= +madduck-net.imap.madduck.net,188.174.253.166,2001:a60:902f::bcae:fda6 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLV2A1dP8+GTTwD2jTX14KLiq+uTaM9mg+qtbVskQ0IOfCmBQUqQHcUmsUmQwsK6OcTpHdTlbOE2AUQMs9qorAs= -- 2.39.2 From 901347ff646e78869a8e0c150484736ed1776eec Mon Sep 17 00:00:00 2001 From: "martin f. krafft" Date: Thu, 8 Mar 2018 11:55:29 +0400 Subject: [PATCH 03/16] do not run from cron if lockfile exists --- .crontab.d/offlineimap | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.crontab.d/offlineimap b/.crontab.d/offlineimap index 3837a9e..8d01b95 100644 --- a/.crontab.d/offlineimap +++ b/.crontab.d/offlineimap @@ -1,2 +1,2 @@ -*/30 * * * * sleep $((900 * $RANDOM / 32768)) && ip r | grep -q via && offlineimap -u Quiet -o -a madduck.net -55 */8 * * * sleep $((300 * $RANDOM / 32768)) && ip r | grep -q via && offlineimap -u Quiet -o -a madduck.net_bulk +*/30 * * * * sleep $((900 * $RANDOM / 32768)) && ip r | grep -q via && [ -e $VARDIR/offlineimap/madduck.net.lock ] || offlineimap -u Quiet -o -a madduck.net +55 */8 * * * sleep $((300 * $RANDOM / 32768)) && ip r | grep -q via && [ -e $VARDIR/offlineimap/madduck.net_bulk.lock ] || offlineimap -u Quiet -o -a madduck.net_bulk -- 2.39.2 From 40e7dafa71657f7b38555d02195ee00b324caa16 Mon Sep 17 00:00:00 2001 From: "martin f. krafft" Date: Sat, 21 Jul 2018 11:50:27 +1200 Subject: [PATCH 04/16] exclude duplicate folders --- .offlineimap/helper.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.offlineimap/helper.py b/.offlineimap/helper.py index 1744243..454d1e6 100644 --- a/.offlineimap/helper.py +++ b/.offlineimap/helper.py @@ -2,7 +2,7 @@ import re -base_excludes = ['delayed', 'outgoing', 'Trash', 'Queue', 'inbox'] +base_excludes = ['delayed', 'outgoing', 'Trash', 'Queue', 'inbox', 'Spam', 'Sent', 'Drafts'] base_excludes_re = [ '[Ss]ent.*' ] full_excludes_re = ['discard', 'spool', 'spam', 'store/.+'] prioritised = ['resubmit','drafts','inbox','ardex','kbkg','toni','tahi','debian','mtfk','admin','retrain'] -- 2.39.2 From a432b366efebdc9ae6e0757169e4a1cea70fa885 Mon Sep 17 00:00:00 2001 From: "martin f. krafft" Date: Thu, 31 Oct 2019 16:15:45 +1300 Subject: [PATCH 05/16] Switch to using systemd-controlled persistent offlineimap --- .../offlineimap@madduck.net.service | 1 + .config/systemd/user/offlineimap@.service | 13 +++++++++++++ .crontab.d/offlineimap | 1 - .gitignore.d/offlineimap | 8 ++++---- 4 files changed, 18 insertions(+), 5 deletions(-) create mode 120000 .config/systemd/user/default.target.wants/offlineimap@madduck.net.service create mode 100644 .config/systemd/user/offlineimap@.service diff --git a/.config/systemd/user/default.target.wants/offlineimap@madduck.net.service b/.config/systemd/user/default.target.wants/offlineimap@madduck.net.service new file mode 120000 index 0000000..9b25838 --- /dev/null +++ b/.config/systemd/user/default.target.wants/offlineimap@madduck.net.service @@ -0,0 +1 @@ +../offlineimap@.service \ No newline at end of file diff --git a/.config/systemd/user/offlineimap@.service b/.config/systemd/user/offlineimap@.service new file mode 100644 index 0000000..a3088f9 --- /dev/null +++ b/.config/systemd/user/offlineimap@.service @@ -0,0 +1,13 @@ +[Unit] +Description=Offlineimap Service for account %i +Documentation=man:offlineimap(1) + +[Service] +ExecStart=/usr/bin/offlineimap -a %i -u quiet +#StandardOutput=file:$RUNTIME_DIRECTORY/offlineimap +#StandardError=file:$RUNTIME_DIRECTORY/offlineimap +Restart=always +RestartSec=60 + +[Install] +WantedBy=default.target diff --git a/.crontab.d/offlineimap b/.crontab.d/offlineimap index 8d01b95..d4c8fa6 100644 --- a/.crontab.d/offlineimap +++ b/.crontab.d/offlineimap @@ -1,2 +1 @@ -*/30 * * * * sleep $((900 * $RANDOM / 32768)) && ip r | grep -q via && [ -e $VARDIR/offlineimap/madduck.net.lock ] || offlineimap -u Quiet -o -a madduck.net 55 */8 * * * sleep $((300 * $RANDOM / 32768)) && ip r | grep -q via && [ -e $VARDIR/offlineimap/madduck.net_bulk.lock ] || offlineimap -u Quiet -o -a madduck.net_bulk diff --git a/.gitignore.d/offlineimap b/.gitignore.d/offlineimap index 91edf56..76a4e79 100644 --- a/.gitignore.d/offlineimap +++ b/.gitignore.d/offlineimap @@ -1,10 +1,10 @@ * -!/.crontab.d +!/.config/systemd/user/default.target.wants/offlineimap@madduck.net.service +!/.config/systemd/user/offlineimap@.service !/.crontab.d/offlineimap -!/.offlineimap +!/.gitignore.d/offlineimap !/.offlineimap/.gitignore !/.offlineimap/helper.py +!/.offlineimap/known_hosts !/.offlineimaprc -!/.var -!/.var/offlineimap !/.var/offlineimap/.gitignore -- 2.39.2 From 9f69969572ae55c78668df8b49be570ebc0d7aed Mon Sep 17 00:00:00 2001 From: "martin f. krafft" Date: Thu, 31 Oct 2019 20:46:26 +1300 Subject: [PATCH 06/16] rename ssh key file to include host and not algo --- .offlineimap/.gitignore | 3 +-- .offlineimaprc | 6 ++++-- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/.offlineimap/.gitignore b/.offlineimap/.gitignore index 4cd5de2..89b5322 100644 --- a/.offlineimap/.gitignore +++ b/.offlineimap/.gitignore @@ -1,3 +1,2 @@ -id_rsa.imap@seamus -id_rsa.imap@seamus.pub +*.ssh-???key helper.pyc diff --git a/.offlineimaprc b/.offlineimaprc index 98d328f..dfe3212 100644 --- a/.offlineimaprc +++ b/.offlineimaprc @@ -39,7 +39,8 @@ sep = / type = IMAP maxconnections = 5 holdconnectionopen = yes -preauthtunnel = SSH_AUTH_SOCK= ssh -TCaxS ~/.var/offlineimap/ssh_ctl_sock -o "ControlMaster auto" -o "ProtocolKeepAlives 10" -o "ConnectTimeout 60" -o "UserKnownHostsFile ~/.offlineimap/known_hosts" -i ~/.offlineimap/id_ecdsa madduck-net.imap.madduck.net +ssh_host = madduck-net.imap.madduck.net +preauthtunnel = SSH_AUTH_SOCK= ssh -TCaxS ~/.var/offlineimap/ssh_ctl_sock -o "ControlMaster auto" -o "ProtocolKeepAlives 10" -o "ConnectTimeout 60" -o "UserKnownHostsFile ~/.offlineimap/known_hosts" -i ~/.offlineimap/%(ssh_host)s.ssh-seckey %(ssh_host)s expunge = yes foldersort = py_foldersort_main nametrans = py_nametrans @@ -49,7 +50,8 @@ folderfilter = py_folderfilter_main type = IMAP maxconnections = 1 holdconnectionopen = yes -preauthtunnel = SSH_AUTH_SOCK= ssh -TCaxS ~/.var/offlineimap/ssh_ctl_sock_bulk -o "ControlMaster auto" -o "ProtocolKeepAlives 10" -o "ConnectTimeout 60" -o "UserKnownHostsFile ~/.offlineimap/known_hosts" -i ~/.offlineimap/id_ecdsa madduck-net.imap.madduck.net +ssh_host = madduck-net.imap.madduck.net +preauthtunnel = SSH_AUTH_SOCK= ssh -TCaxS ~/.var/offlineimap/ssh_ctl_sock_bulk -o "ControlMaster auto" -o "ProtocolKeepAlives 10" -o "ConnectTimeout 60" -o "UserKnownHostsFile ~/.offlineimap/known_hosts" -i ~/.offlineimap/%(ssh_host)s.ssh-seckey %(ssh_host)s expunge = yes folderfilter = py_folderfilter_bulk foldersort = py_foldersort_main -- 2.39.2 From bd99029e60ea5b8f5d1092faddd23a7ee32209dc Mon Sep 17 00:00:00 2001 From: "martin f. krafft" Date: Thu, 12 Dec 2019 10:23:52 +0100 Subject: [PATCH 07/16] Move SSH config from command line to a file --- .gitignore.d/offlineimap | 1 + .offlineimap/ssh_config | 15 +++++++++++++++ .offlineimaprc | 4 ++-- 3 files changed, 18 insertions(+), 2 deletions(-) create mode 100644 .offlineimap/ssh_config diff --git a/.gitignore.d/offlineimap b/.gitignore.d/offlineimap index 76a4e79..72fc236 100644 --- a/.gitignore.d/offlineimap +++ b/.gitignore.d/offlineimap @@ -7,4 +7,5 @@ !/.offlineimap/helper.py !/.offlineimap/known_hosts !/.offlineimaprc +!/.offlineimap/ssh_config !/.var/offlineimap/.gitignore diff --git a/.offlineimap/ssh_config b/.offlineimap/ssh_config new file mode 100644 index 0000000..8301f15 --- /dev/null +++ b/.offlineimap/ssh_config @@ -0,0 +1,15 @@ +Host madduck-net.imap.madduck.net + IdentityAgent none + ForwardAgent no + ForwardX11 no + + ConnectTimeout 60 + ProtocolKeepAlives 10 + RequestTTY no + Compression yes + + StrictHostKeyChecking yes + UserKnownHostsFile ~/.offlineimap/known_hosts + + ControlMaster auto + ControlPath ~/.var/offlineimap/ssh_ctl_sock diff --git a/.offlineimaprc b/.offlineimaprc index dfe3212..85f642c 100644 --- a/.offlineimaprc +++ b/.offlineimaprc @@ -40,7 +40,7 @@ type = IMAP maxconnections = 5 holdconnectionopen = yes ssh_host = madduck-net.imap.madduck.net -preauthtunnel = SSH_AUTH_SOCK= ssh -TCaxS ~/.var/offlineimap/ssh_ctl_sock -o "ControlMaster auto" -o "ProtocolKeepAlives 10" -o "ConnectTimeout 60" -o "UserKnownHostsFile ~/.offlineimap/known_hosts" -i ~/.offlineimap/%(ssh_host)s.ssh-seckey %(ssh_host)s +preauthtunnel = ssh -F ~/.offlineimap/ssh_config -i ~/.offlineimap/%(ssh_host)s.ssh-seckey %(ssh_host)s expunge = yes foldersort = py_foldersort_main nametrans = py_nametrans @@ -51,7 +51,7 @@ type = IMAP maxconnections = 1 holdconnectionopen = yes ssh_host = madduck-net.imap.madduck.net -preauthtunnel = SSH_AUTH_SOCK= ssh -TCaxS ~/.var/offlineimap/ssh_ctl_sock_bulk -o "ControlMaster auto" -o "ProtocolKeepAlives 10" -o "ConnectTimeout 60" -o "UserKnownHostsFile ~/.offlineimap/known_hosts" -i ~/.offlineimap/%(ssh_host)s.ssh-seckey %(ssh_host)s +preauthtunnel = ssh -F ~/.offlineimap/ssh_config -i ~/.offlineimap/%(ssh_host)s.ssh-seckey %(ssh_host)s expunge = yes folderfilter = py_folderfilter_bulk foldersort = py_foldersort_main -- 2.39.2 From 454684eed5426d457ec49600b206f0dd1312fb1f Mon Sep 17 00:00:00 2001 From: "martin f. krafft" Date: Sun, 22 Mar 2020 16:21:20 +1300 Subject: [PATCH 08/16] switch bulk offlineimap to systemd service --- .../default.target.wants/offlineimap@madduck.net_bulk.service | 1 + .crontab.d/offlineimap | 1 - .gitignore.d/offlineimap | 2 +- .offlineimaprc | 4 ++-- 4 files changed, 4 insertions(+), 4 deletions(-) create mode 120000 .config/systemd/user/default.target.wants/offlineimap@madduck.net_bulk.service delete mode 100644 .crontab.d/offlineimap diff --git a/.config/systemd/user/default.target.wants/offlineimap@madduck.net_bulk.service b/.config/systemd/user/default.target.wants/offlineimap@madduck.net_bulk.service new file mode 120000 index 0000000..36d7a24 --- /dev/null +++ b/.config/systemd/user/default.target.wants/offlineimap@madduck.net_bulk.service @@ -0,0 +1 @@ +/home/madduck/.config/systemd/user/offlineimap@.service \ No newline at end of file diff --git a/.crontab.d/offlineimap b/.crontab.d/offlineimap deleted file mode 100644 index d4c8fa6..0000000 --- a/.crontab.d/offlineimap +++ /dev/null @@ -1 +0,0 @@ -55 */8 * * * sleep $((300 * $RANDOM / 32768)) && ip r | grep -q via && [ -e $VARDIR/offlineimap/madduck.net_bulk.lock ] || offlineimap -u Quiet -o -a madduck.net_bulk diff --git a/.gitignore.d/offlineimap b/.gitignore.d/offlineimap index 72fc236..7acdc90 100644 --- a/.gitignore.d/offlineimap +++ b/.gitignore.d/offlineimap @@ -1,7 +1,7 @@ * +!/.config/systemd/user/default.target.wants/offlineimap@madduck.net_bulk.service !/.config/systemd/user/default.target.wants/offlineimap@madduck.net.service !/.config/systemd/user/offlineimap@.service -!/.crontab.d/offlineimap !/.gitignore.d/offlineimap !/.offlineimap/.gitignore !/.offlineimap/helper.py diff --git a/.offlineimaprc b/.offlineimaprc index 85f642c..aa7267c 100644 --- a/.offlineimaprc +++ b/.offlineimaprc @@ -26,7 +26,7 @@ postsynchook = ! command -v notmuch >/dev/null || ionice -c3 nice -20 notmuch ne [Account madduck.net_bulk] localrepository = local-main remoterepository = madduck.net_bulk -autorefresh = 15 +autorefresh = 360 quick = 16 #postsynchook = ionice -c3 nice -20 notmuch new @@ -49,7 +49,7 @@ folderfilter = py_folderfilter_main [Repository madduck.net_bulk] type = IMAP maxconnections = 1 -holdconnectionopen = yes +holdconnectionopen = no ssh_host = madduck-net.imap.madduck.net preauthtunnel = ssh -F ~/.offlineimap/ssh_config -i ~/.offlineimap/%(ssh_host)s.ssh-seckey %(ssh_host)s expunge = yes -- 2.39.2 From a97cc198421e75404afe53533ead1278df1f96b1 Mon Sep 17 00:00:00 2001 From: "martin f. krafft" Date: Sun, 22 Mar 2020 16:39:51 +1300 Subject: [PATCH 09/16] encapsulate preauthtunnel in script --- .gitignore.d/offlineimap | 1 + .offlineimap/preauthtunnel.sh | 3 +++ .offlineimaprc | 4 ++-- 3 files changed, 6 insertions(+), 2 deletions(-) create mode 100755 .offlineimap/preauthtunnel.sh diff --git a/.gitignore.d/offlineimap b/.gitignore.d/offlineimap index 7acdc90..03dcd57 100644 --- a/.gitignore.d/offlineimap +++ b/.gitignore.d/offlineimap @@ -6,6 +6,7 @@ !/.offlineimap/.gitignore !/.offlineimap/helper.py !/.offlineimap/known_hosts +!/.offlineimap/preauthtunnel.sh !/.offlineimaprc !/.offlineimap/ssh_config !/.var/offlineimap/.gitignore diff --git a/.offlineimap/preauthtunnel.sh b/.offlineimap/preauthtunnel.sh new file mode 100755 index 0000000..0976974 --- /dev/null +++ b/.offlineimap/preauthtunnel.sh @@ -0,0 +1,3 @@ +#!/bin/sh + +exec ssh -F ~/.offlineimap/ssh_config -i ~/.offlineimap/${1}.ssh-seckey ${1} diff --git a/.offlineimaprc b/.offlineimaprc index aa7267c..bcc8bbc 100644 --- a/.offlineimaprc +++ b/.offlineimaprc @@ -40,7 +40,7 @@ type = IMAP maxconnections = 5 holdconnectionopen = yes ssh_host = madduck-net.imap.madduck.net -preauthtunnel = ssh -F ~/.offlineimap/ssh_config -i ~/.offlineimap/%(ssh_host)s.ssh-seckey %(ssh_host)s +preauthtunnel = .offlineimap/preauthtunnel.sh %(ssh_host)s expunge = yes foldersort = py_foldersort_main nametrans = py_nametrans @@ -51,7 +51,7 @@ type = IMAP maxconnections = 1 holdconnectionopen = no ssh_host = madduck-net.imap.madduck.net -preauthtunnel = ssh -F ~/.offlineimap/ssh_config -i ~/.offlineimap/%(ssh_host)s.ssh-seckey %(ssh_host)s +preauthtunnel = .offlineimap/preauthtunnel.sh %(ssh_host)s expunge = yes folderfilter = py_folderfilter_bulk foldersort = py_foldersort_main -- 2.39.2 From a9d2139bc5facb84db13a457be1f38406d41d59d Mon Sep 17 00:00:00 2001 From: "martin f. krafft" Date: Wed, 30 Dec 2020 14:42:23 +1300 Subject: [PATCH 10/16] readying for offlineimap3 --- .offlineimap/helper.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.offlineimap/helper.py b/.offlineimap/helper.py index 454d1e6..d758d95 100644 --- a/.offlineimap/helper.py +++ b/.offlineimap/helper.py @@ -19,7 +19,7 @@ def py_foldersort_main(x, y): return +1 elif y.startswith(prefix): return -1 - return cmp(x, y) + return (x > y) - (x < y) def py_nametrans(x): return re.sub('^INBOX', 'inbox', x) -- 2.39.2 From 90d274b08e16272fa7cf2ae1e2e6db9164639253 Mon Sep 17 00:00:00 2001 From: "martin f. krafft" Date: Wed, 30 Dec 2020 14:45:55 +1300 Subject: [PATCH 11/16] full path to preauthtunnel with offlineimap3! --- .offlineimaprc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.offlineimaprc b/.offlineimaprc index bcc8bbc..0234271 100644 --- a/.offlineimaprc +++ b/.offlineimaprc @@ -40,7 +40,7 @@ type = IMAP maxconnections = 5 holdconnectionopen = yes ssh_host = madduck-net.imap.madduck.net -preauthtunnel = .offlineimap/preauthtunnel.sh %(ssh_host)s +preauthtunnel = ~/.offlineimap/preauthtunnel.sh %(ssh_host)s expunge = yes foldersort = py_foldersort_main nametrans = py_nametrans @@ -51,7 +51,7 @@ type = IMAP maxconnections = 1 holdconnectionopen = no ssh_host = madduck-net.imap.madduck.net -preauthtunnel = .offlineimap/preauthtunnel.sh %(ssh_host)s +preauthtunnel = ~/.offlineimap/preauthtunnel.sh %(ssh_host)s expunge = yes folderfilter = py_folderfilter_bulk foldersort = py_foldersort_main -- 2.39.2 From fc28fd2c48dde4dc6666f76d394d471873467ee5 Mon Sep 17 00:00:00 2001 From: "martin f. krafft" Date: Wed, 30 Dec 2020 15:22:45 +1300 Subject: [PATCH 12/16] dispose of preauth shell process --- .offlineimaprc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.offlineimaprc b/.offlineimaprc index 0234271..83db810 100644 --- a/.offlineimaprc +++ b/.offlineimaprc @@ -40,7 +40,7 @@ type = IMAP maxconnections = 5 holdconnectionopen = yes ssh_host = madduck-net.imap.madduck.net -preauthtunnel = ~/.offlineimap/preauthtunnel.sh %(ssh_host)s +preauthtunnel = exec ~/.offlineimap/preauthtunnel.sh %(ssh_host)s expunge = yes foldersort = py_foldersort_main nametrans = py_nametrans @@ -51,7 +51,7 @@ type = IMAP maxconnections = 1 holdconnectionopen = no ssh_host = madduck-net.imap.madduck.net -preauthtunnel = ~/.offlineimap/preauthtunnel.sh %(ssh_host)s +preauthtunnel = exec ~/.offlineimap/preauthtunnel.sh %(ssh_host)s expunge = yes folderfilter = py_folderfilter_bulk foldersort = py_foldersort_main -- 2.39.2 From 03eefc3f0985ba8f108b3ec906c712999a9f7848 Mon Sep 17 00:00:00 2001 From: "martin f. krafft" Date: Tue, 22 Mar 2022 08:11:37 +0100 Subject: [PATCH 13/16] add server-side config comment --- .offlineimap/preauthtunnel.sh | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/.offlineimap/preauthtunnel.sh b/.offlineimap/preauthtunnel.sh index 0976974..778cf0d 100755 --- a/.offlineimap/preauthtunnel.sh +++ b/.offlineimap/preauthtunnel.sh @@ -1,3 +1,15 @@ #!/bin/sh exec ssh -F ~/.offlineimap/ssh_config -i ~/.offlineimap/${1}.ssh-seckey ${1} + +# this relies on the IMAP command being specified on the server side, i.e. in +# ~/.ssh/authorized_keys, put a line like the following +# +# command="MAIL=$HOME/.maildir /usr/lib/dovecot/imap 2>/dev/null",no-agent-forwarding,no-X11-forwarding,no-port-forwarding,no-pty ssh-ed25519 AAA… +# +# Then, when you invoke this script directly, you should see the IMAP server +# greet you: +# +# % ~/.offlineimap/preauthtunnel.sh madduck-net.imap.madduck.net +# * PREAUTH [CAPABILITY IMAP4rev1 […]] Logged in as madduck + -- 2.39.2 From d6a4ae14caaba23c6a9e5dab475c2f5702341661 Mon Sep 17 00:00:00 2001 From: "martin f. krafft" Date: Tue, 22 Mar 2022 09:21:55 +0100 Subject: [PATCH 14/16] Ensure we use the right SSH key --- .offlineimap/preauthtunnel.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.offlineimap/preauthtunnel.sh b/.offlineimap/preauthtunnel.sh index 778cf0d..b0acb50 100755 --- a/.offlineimap/preauthtunnel.sh +++ b/.offlineimap/preauthtunnel.sh @@ -1,5 +1,7 @@ #!/bin/sh +unset SSH_AUTH_SOCK + exec ssh -F ~/.offlineimap/ssh_config -i ~/.offlineimap/${1}.ssh-seckey ${1} # this relies on the IMAP command being specified on the server side, i.e. in -- 2.39.2 From 1fcf2cfd215e0b3fb35eb5420f6a421c7c67d45e Mon Sep 17 00:00:00 2001 From: "martin f. krafft" Date: Tue, 22 Mar 2022 09:22:16 +0100 Subject: [PATCH 15/16] Add instructions to SSH call --- .offlineimap/preauthtunnel.sh | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/.offlineimap/preauthtunnel.sh b/.offlineimap/preauthtunnel.sh index b0acb50..c99f59b 100755 --- a/.offlineimap/preauthtunnel.sh +++ b/.offlineimap/preauthtunnel.sh @@ -2,15 +2,17 @@ unset SSH_AUTH_SOCK -exec ssh -F ~/.offlineimap/ssh_config -i ~/.offlineimap/${1}.ssh-seckey ${1} +exec ssh -F ~/.offlineimap/ssh_config -i ~/.offlineimap/${1}.ssh-seckey ${1} \ + echo -e "Please configure \~/.ssh/authorized_keys on the server and prepend the line with the public key corresponding to the password-less SSH key in ~/.offlineimap/${1}.ssh-seckey :\\\n\\\n 'command=\"MAIL=\$HOME/.maildir /usr/lib/dovecot/imap 2>/dev/null\",no-agent-forwarding,no-X11-forwarding,no-port-forwarding,no-pty'" -# this relies on the IMAP command being specified on the server side, i.e. in +# This relies on the IMAP command being specified on the server side, i.e. in # ~/.ssh/authorized_keys, put a line like the following # # command="MAIL=$HOME/.maildir /usr/lib/dovecot/imap 2>/dev/null",no-agent-forwarding,no-X11-forwarding,no-port-forwarding,no-pty ssh-ed25519 AAA… # -# Then, when you invoke this script directly, you should see the IMAP server -# greet you: +# When a command is specified like this, it overrides the instructions being +# passed in the command above. So, when you invoke this script directly, you +# should see the IMAP server greet you: # # % ~/.offlineimap/preauthtunnel.sh madduck-net.imap.madduck.net # * PREAUTH [CAPABILITY IMAP4rev1 […]] Logged in as madduck -- 2.39.2 From 7218ce240e6f46b8a9d66d6ec582ed93c8cbdf4f Mon Sep 17 00:00:00 2001 From: "martin f. krafft" Date: Tue, 22 Mar 2022 09:25:26 +0100 Subject: [PATCH 16/16] fixup! Ensure we use the right SSH key --- .offlineimap/preauthtunnel.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/.offlineimap/preauthtunnel.sh b/.offlineimap/preauthtunnel.sh index c99f59b..b341fc3 100755 --- a/.offlineimap/preauthtunnel.sh +++ b/.offlineimap/preauthtunnel.sh @@ -1,5 +1,6 @@ #!/bin/sh +# Ensure we don't use an existing SSH agent unset SSH_AUTH_SOCK exec ssh -F ~/.offlineimap/ssh_config -i ~/.offlineimap/${1}.ssh-seckey ${1} \ -- 2.39.2