On Fri, Jan 25, 2008 at 01:25:15PM -0500, Joey Hess wrote: > Amit Uttamchandani wrote: > > Recently moved from Mac to Debian Linux. I am looking for a nice and > > powerful FLOSS password manager similar to "Keychain" on Mac OS X. > > > > I preferably would want a CLI tool...so I could remote login using SSH and > > look at some passwords that I have forgotten. > > vim + gpg > > vim can be configured to automatically use gpg to decrypt *.gpg files > when they're read and re-encrypt thenm when saving. The decrypted data > never touches the disk (though encrypting your swap partition too wouldn't > hurt). > > Dump the following in your .vimrc: > > " Transparent editing of gpg encrypted files. > " By Wouter Hanegraaff <[EMAIL PROTECTED]> > augroup encrypted > au! > > " First make sure nothing is written to ~/.viminfo while editing > " an encrypted file. > autocmd BufReadPre,FileReadPre *.gpg set viminfo= > " We don't want a swap file, as it writes unencrypted data to disk > autocmd BufReadPre,FileReadPre *.gpg set noswapfile > " Switch to binary mode to read the encrypted file > autocmd BufReadPre,FileReadPre *.gpg set bin > autocmd BufReadPre,FileReadPre *.gpg let ch_save = &ch|set ch=2 > autocmd BufReadPost,FileReadPost *.gpg '[,']!gpg --decrypt 2> /dev/null > " Switch to normal mode for editing > autocmd BufReadPost,FileReadPost *.gpg set nobin > autocmd BufReadPost,FileReadPost *.gpg let &ch = ch_save|unlet ch_save > autocmd BufReadPost,FileReadPost *.gpg execute ":doautocmd BufReadPost > " . expand("%:r") > > " Convert all text to encrypted text before writing > autocmd BufWritePre,FileWritePre *.gpg '[,']!gpg > --default-key=80BF97AA --default-recipient-self -ae 2>/dev/null > " Undo the encryption so we are back in the normal text, directly > " after the file has been written. > autocmd BufWritePost,FileWritePost *.gpg u > augroup END
I had trouble with this occasionally, probably when the encrypted file had invalid byte sequences for the charset. The unencrypted file had only 7 bit characters. Symptom was inability to read the .gpg file written from within vim. Note the 'set bin' pair for the write path too. augroup encrypted au! " First make sure nothing is written to ~/.viminfo while editing " an encrypted file. autocmd BufReadPre,FileReadPre,BufNewFile *.gpg,*.asc set viminfo= " We don't want a swap file, as it writes unencrypted data to disk. autocmd BufReadPre,FileReadPre,BufNewFile *.gpg,*.asc set noswapfile " Switch to binary mode to read the encrypted file. autocmd BufReadPre,FileReadPre *.gpg set bin autocmd BufReadPre,FileReadPre *.gpg,*.asc let ch_save = &ch|set ch=2 autocmd BufReadPost,FileReadPost *.gpg,*.asc \ '[,']!sh -c 'gpg --decrypt 2> /dev/null' " Switch to normal mode for editing autocmd BufReadPost,FileReadPost *.gpg set nobin autocmd BufReadPost,FileReadPost *.gpg,*.asc let &ch = ch_save|unlet ch_save autocmd BufReadPost,FileReadPost *.gpg,*.asc \ execute ":doautocmd BufReadPost " . expand("%:r") " Convert all text to encrypted text before writing autocmd BufWritePre,FileWritePre *.gpg set bin autocmd BufWritePre,FileWritePre *.gpg \ '[,']!sh -c 'gpg --default-recipient-self -e 2>/dev/null' autocmd BufWritePre,FileWritePre *.asc \ '[,']!sh -c 'gpg --default-recipient-self -e -a 2>/dev/null' " Undo the encryption so we are back in the normal text, directly " after the file has been written. autocmd BufWritePost,FileWritePost *.gpg,*.asc u autocmd BufWritePost,FileWritePost *.gpg set nobin augroup END -- Rob
signature.asc
Description: Digital signature