On Sat, Feb 04, 2017 at 12:55:13PM -0500, Daniel Barrett wrote: > On February 4, 2017, Bill Horne wrote: > >Readers please state your preferences for Keepass, Password Safe, or > >other programs/methods for storing passwords. > > GnuPG. > > I store usernames, passwords, and site names in a 3-column, > GnuPG-encrypted text file. To recall a password for a given host, I > run a homebrew script that's more or less: > > gpg -d mysecrets.gpg | grep <host> > > If desired, one can further copy the password into the X clipboard by > piping to "xclip". This simple is and has worked for a decade+ without > problems.
The above lets you read from that encrypted file without leaving unecrypted bits on disk (definitely a good thing), but how do you add to/edit that encrypted file without having cleartext versions around? FWIW, what I do to edit encrypted files without leaking sensitive data is that I use an (x)emacs hook I wrote to encrypt/decrypt behind the scenes while looking mostly like an ordinary file to me. I posted the elisp to this list some years back: http://boston-linux-unix-general-discussion-list.996279.n3.nabble.com/MyPasswordSafe-converter-to-KeePassX-available-td45267.html#a45270 (Yah, xemacs... I do know I oughta put in the work to make all my elisp work under emacs again so I can switch back at some point...) --grg _______________________________________________ Discuss mailing list [email protected] http://lists.blu.org/mailman/listinfo/discuss
