Created
December 20, 2017 16:12
Send OS X Mail Digitally Signed without Password
If you want to digitally sign your e-mail but not provide a password to unlock your keychain every time (for example, because you want to send Automator e-mails), you can do this in a few easy steps.
1. Open Keychain Access
2. Under the Keys category, find the private key associated with your e-mail certificate
3. Double-click on it to open its info
4. Open the Access Control tab, providing credentials if asked
5. Select the "Allow all applications to access this item" radio button and then click Save Changes
Your mail client will no longer need to elevate privileges to access the private key and will therefore be able to sign and decrypt your mail messages without a password.
Be aware that the obvious security ramification of this is that anyone who gains momentary access to your machine will be able to copy this private key for abuse. However, a persistent threat could still eventually gain access to this key through a local social engineering attack or by using a keylogger and waiting for you to legitimately open the key.