Send OS X Mail Digitally Signed without Password
If you want to digitally sign your e-mail but not provide a password to unlock your keychain every time (for example, because you want to send Automator e-mails) you can do this in a few easy steps.
1. Open Keychain Access
2. Under the Keys category, find the private key associated with your e-mail certificate
3. Double click on it to open its info
4. Open the Access Control tab, providing credentials if asked
5. Select the Allow all applications to access this item radio button and then click Save Changes
Your mail client will no longer need to elevate privileges to access the private key and will therefore be able to sign and decrypt your mail messages without a password.
Be aware of the obvious security ramification: anyone who gains momentary access to your machine will be able to copy this private key for abuse. However, even without this change, a persistent threat could still eventually gain access to the key through a local social engineering attack or by using a keylogger and waiting for you to legitimately open the key.