Re: [O] An org password manager

[Michael Albinus]

jorge.a.alf...@gmail.com (Jorge A. Alfaro-Murillo) writes:

 Michael Albinus michael.albi...@gmx.de writes:

Hi Jorge,

 A useful feature would be an auth-source backend, See (info (auth))
 By this, other packages (like Gnus or Tramp) would profit from the
 password manager directly.

 Thanks Michael. I will look more into auth. What is your idea? To be
 able to use something like auth-source-search, to pass features of the
 org-passwords database as secrets? 

yes.

 I only use auth for gnus and jabber, so my .authinfo.gpg is only five
 lines. What setup could benefit on that? Can auth send secrets to other
 applications, like a web browser?

If another Emacs package uses auth-source-search, it would benefit
automatically from your backend. Several packages uses it already, like
Tramp, gnus, url, erc, ldap.

 Best,

 Jorge.

Bet regards, Michael.

Re: [O] An org password manager

[Jorge A. Alfaro-Murillo]

Bastien b...@gnu.org writes:

 This is now in contrib/lisp/ - thanks!

Great! Thanks a lot.

Re: [O] An org password manager

[Bastien]

Dear Jorge,

jorge.a.alf...@gmail.com (Jorge A. Alfaro-Murillo) writes:

 This is my first time submitting a patch, so I do not know if
 this is the way I am supposed to do it.

Yes, the commit message looks good. 

Can you resent the patch as an attachment?

Simply create a dedicated branch from master, check this branch out,
commit your change, then do git format-patch master to get the patch
in the proper .patch format that you can attach.

Thanks in advance,

-- 
 Bastien

Re: [O] An org password manager

[Jorge A. Alfaro-Murillo]

Dear Bastien, 

This is my first time submitting a patch, so I do not know if
this is the way I am supposed to do it.

Best,

Jorge

---
org-passwords.el: Add an org derived mode for managing passwords

* contrib/lisp/org-passwords.el: new file.

The file gives a mode for consulting a passwords database with entries
in org format.  The database opens in Read-Only mode and a timer is
set to close the database.  The file provides functions for making
usernames and passwords available to the facility for pasting text of
the window system (clipboard on X and MS-Windows, pasteboard on
Nextstep/Mac OS, etc.) without inserting them in the kill-ring.  It
also provides functions for generating passwords as a random string of
characters or as a number of random words from a dictionary.

1 file changed, 342 insertions(+)
 contrib/lisp/org-passwords.el | 342 ++

Newcontrib/lisp/org-passwords.el
diff --git a/contrib/lisp/org-passwords.el b/contrib/lisp/org-passwords.el
new file mode 100644
index 000..8c00d61
--- /dev/null
+++ b/contrib/lisp/org-passwords.el
@@ -0,0 +1,342 @@
+;;; org-passwords.el --- org derived mode for managing passwords
+
+;; Author: Jorge A. Alfaro-Murillo jorge.alfaro-muri...@yale.edu
+;; Created: December 26, 2012
+;; Keywords: passwords, password
+
+;; This file is NOT part of GNU Emacs.
+;;
+;; This program is free software: you can redistribute it and/or modify
+;; it under the terms of the GNU General Public License as published by
+;; the Free Software Foundation, either version 3 of the License, or
+;; (at your option) any later version.
+
+;; This program is distributed in the hope that it will be useful,
+;; but WITHOUT ANY WARRANTY; without even the implied warranty of
+;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+;; GNU General Public License for more details.
+
+;; You should have received a copy of the GNU General Public License
+;; along with GNU Emacs.  If not, see http://www.gnu.org/licenses/.
+;
+;;
+;;; Commentary:
+
+;; This file contains the code for managing your passwords with
+;; Org-mode.
+
+;; A basic setup needs to indicate a passwords file, and a dictionary
+;; for the random words:
+
+;;   (require org-passwords)
+;;   (setq org-passwords-file ~/documents/passwords.gpg)
+;;   (setq org-passwords-random-words-dictionary 
/etc/dictionaries-common/words)
+
+;; Basic usage:
+
+;;   `M-x org-passwords' opens the passwords file in
+;;   `org-passwords-mode'.
+
+;;   `M-x org-passwords-generate-password' generates a random string
+;;   of numbers, lowercase letters and uppercase letters.
+
+;;   `C-u M-x org-passwords-generate-password' generates a random
+;;   string of numbers, lowercase letters, uppercase letters and
+;;   symbols.
+
+;;   `M-x org-passwords-random-words' concatenates random words from
+;;   the dictionary defined by `org-passwords-random-words-dictionary'
+;;   into a string, each word separated by the string defined in
+;;   `org-passwords-random-words-separator'.
+
+;;   `C-u M-x org-passwords-random-words' does the same as above, and
+;;   also makes substitutions according to
+;;   `org-passwords-random-words-substitutions'.
+
+;; It is also useful to set up keybindings for the functions
+;; `org-passwords-copy-username' and
+;; `org-passwords-copy-password' in the
+;; `org-passwords-mode', to easily make the passwords and usernames
+;; available to the facility for pasting text of the window system
+;; (clipboard on X and MS-Windows, pasteboard on Nextstep/Mac OS,
+;; etc.), without inserting them in the kill-ring. You can set for
+;; example:
+
+;;   (eval-after-load org-passwords
+;; '(progn
+;;(define-key org-passwords-mode-map
+;;  (kbd C-c u)
+;;  'org-passwords-copy-username)
+;;(define-key org-passwords-mode-map
+;;  (kbd C-c p)
+;;  'org-passwords-copy-password)))
+
+;; Finally, to enter new passwords, you can use `org-capture' and a minimal 
template like:
+ 
+;;   (p password entry (file ~/documents/passwords.gpg)
+;;* %^{Title}\n  %^{PASSWORD}p %^{USERNAME}p)
+
+;; When asked for the password you can then call either
+;; `org-passwords-generate-password' or `org-passwords-random-words'.
+;; Be sure to enable recursive minibuffers to call those functions
+;; from the minibuffer:
+
+;;   (setq enable-recursive-minibuffers t)
+
+;;; Code:
+
+(require 'org)
+
+(define-derived-mode org-passwords-mode org-mode
+  org-passwords-mode
+  Mode for storing passwords
+  nil)
+
+(defgroup org-passwords nil
+  Options for password management.
+  :group 'org)
+
+(defcustom org-passwords-password-property PASSWORD
+  Name of the property for password entry password.
+  :type 'string
+  :group 'org-passwords)
+
+(defcustom org-passwords-username-property USERNAME
+  Name of the property for password entry 

Re: [O] An org password manager

[Bastien]

Hi Jorge,

jorge.a.alf...@gmail.com (Jorge A. Alfaro-Murillo) writes:

 If there is interest from the community this can also go to
 /contrib.

I think this would be a nice contribution.

Can you send a patch against the current master branch to add the
code in the contrib/lisp/ directory?

Thanks a lot!

-- 
 Bastien

Re: [O] An org password manager

[Michael Albinus]

Bastien b...@gnu.org writes:

 Hi Jorge,

Hi,

 If there is interest from the community this can also go to
 /contrib.

 I think this would be a nice contribution.

A useful feature would be an auth-source backend, See (info (auth))
By this, other packages (like Gnus or Tramp) would profit from the
password manager directly.

Best regards, Michael.

Re: [O] An org password manager

[Colin Baxter]

Dear Jorge,

Many thanks for this. I had forgotten about define-derived-mode.

Best wishes,

Colin.


 Dear Ramon and Colin,

 If you are using an (add-to-list 'auto-mode-alist ...) for the gpg
 files, that sets the major mode on. If you want to leave the major mode
 as Org, do not use auto-mode-alist, but instead use a hook:
 (add-hook 'org-mode-hook 'your-function), where your-function should be
 one that checks if the file name ends with gpg and if so turns your
 sensitivity-mode on.

 Alternatively, define another major mode:

 #+BEGIN_SRC emacs-lisp
   (define-derived-mode org-but-sensitive-mode org-mode
 ...)
 #+END_SRC

 and copy in ... whatever your sensitive-minor-mode has.

 Best,

 Jorge.

Re: [O] An org password manager

[Cayetano Santos]

Hi Jorge,

  Are you aware of this http://git.zx2c4.com/password-store/tree/contrib/emacs 
? It's an api to pass
  and other simple cli tools.

  Hope it helps,

c.

On 11-05-14 01:21:20, Jorge A. Alfaro-Murillo wrote:

Hi! I have been using org for managing passwords for a some time now. In
case someone is interested, the code is in:
https://bitbucket.org/alfaromurillo/org-passwords.el

To consult the database, the code provides a function to open the Org
file with the passwords in Read-Only mode, sets a timer after which the
buffer is killed and provides functions for copying the password without
it getting into the kill-ring. It also provides two types of functions
for generating passwords: strings of random characters, and random words
of the correcthorsebatterystaple-type. The README file in bitbucket has
detailed information about the usage.

If there is interest from the community this can also go to /contrib.

Best,

Jorge.

Re: [O] An org password manager

[Colin Baxter]

Dear Ramon,

Yes, that's the problem I got with files *.org.gpg. I've never had the time -
nor inclination - to look into it further.

Best wishes,

Colin. 


 Dear Colin,

 Great, thanks a lot.

 I just tried it, and it worked out of the box, and it turns on by default
 (I used the code at the bottom of the page). But I think I get a similar
 problem as the one you reported: when I run it and the file is *.org.gpg,
 then org mode is turned off. If I M-x org-mode (or add the
 ;;; -*- mode:org; -*-
 ), sensitive turns off, but stays if I M-x sensitive-mode. Anyway, enable now.


 Best,

 R.

Re: [O] An org password manager

[Jorge A. Alfaro-Murillo]

Dear Ramon and Colin,

If you are using an (add-to-list 'auto-mode-alist ...) for the gpg
files, that sets the major mode on. If you want to leave the major mode
as Org, do not use auto-mode-alist, but instead use a hook:
(add-hook 'org-mode-hook 'your-function), where your-function should be
one that checks if the file name ends with gpg and if so turns your
sensitivity-mode on.

Alternatively, define another major mode:

#+BEGIN_SRC emacs-lisp
  (define-derived-mode org-but-sensitive-mode org-mode
...)
#+END_SRC

and copy in ... whatever your sensitive-minor-mode has.

Best,

Jorge.

Re: [O] An org password manager

[Colin Baxter]

Dear Ramon,

Yes. The first URL gives the lisp code.

I could never get sensitive mode to turn on by default for files having
gpg or cpt extensions. Consequently, I just M-X sensitive RET for each
file. To remind me, I put sensitive at the beginning of the file. You
may have better luck.

Best wishes,

Colin.



 Dear Colin,



 On Sun, 11-05-2014, at 15:56, Colin Baxter m43...@yandex.com wrote:
 Hi,

 You can ensure a gpg buffer doesn't leave any traces by using a
 minor-mode called sensitive which disables backups and auto-save. The code 
 is
 available on the Internet, but I'll post it here if anyone is
 interested.

 Thanks, I did not know about that, but I think google found it. Are you
 referring to

 http://anirudhsasikumar.net/blog/2005.01.21.html

 which was also mentioned in, say,

 http://stackoverflow.com/questions/482256/is-there-an-emacs-variable-to-turn-off-backup-of-files-with-a-specific-extension


 Best,


 R.



 Best wishes,

 Colin.


 Dear Jorge,

 Neat!! Thanks for providing the details.

 I've been using a somewhat similar approach with a lot less functionality
 for a few years, but as I reported in the org email list, something I find
 unsettling is that if an encrypted buffer is killed right when it is being
 opened (when you just typed the password ---sure, low probability, but not
 zero), part of the contents of the encrypted buffer are left, as plain
 text, in other buffer(s).

 I reported this here

 http://lists.gnu.org/archive/html/emacs-orgmode/2011-12/msg00841.html

 and I still experience the problem (I just try it not to happen). Is
 this not affecting you at all? I'd have thought it would, since you are
 also using a timer to kill the buffer, and it could fire right after you
 enter the password.


 Best,


 R.


 On Sun, 11-05-2014, at 07:21, Jorge A. Alfaro-Murillo
 jorge.a.alf...@gmail.com wrote:
 Hi! I have been using org for managing passwords for a some time now. In
 case someone is interested, the code is in:
 https://bitbucket.org/alfaromurillo/org-passwords.el

 To consult the database, the code provides a function to open the Org
 file with the passwords in Read-Only mode, sets a timer after which the
 buffer is killed and provides functions for copying the password without
 it getting into the kill-ring. It also provides two types of functions
 for generating passwords: strings of random characters, and random words
 of the correcthorsebatterystaple-type. The README file in bitbucket has
 detailed information about the usage.

 If there is interest from the community this can also go to /contrib.

 Best,

 Jorge.

-- 
Colin Baxter
http://www.colin-baxter.com

Re: [O] An org password manager

[Colin Baxter]

Hi,

You can ensure a gpg buffer doesn't leave any traces by using a
minor-mode called sensitive which disables backups and auto-save. The code is
available on the Internet, but I'll post it here if anyone is
interested.

Best wishes,

Colin.


 Dear Jorge,

 Neat!! Thanks for providing the details.

 I've been using a somewhat similar approach with a lot less functionality
 for a few years, but as I reported in the org email list, something I find
 unsettling is that if an encrypted buffer is killed right when it is being
 opened (when you just typed the password ---sure, low probability, but not
 zero), part of the contents of the encrypted buffer are left, as plain
 text, in other buffer(s).

 I reported this here

 http://lists.gnu.org/archive/html/emacs-orgmode/2011-12/msg00841.html

 and I still experience the problem (I just try it not to happen). Is
 this not affecting you at all? I'd have thought it would, since you are
 also using a timer to kill the buffer, and it could fire right after you
 enter the password.


 Best,


 R.


 On Sun, 11-05-2014, at 07:21, Jorge A. Alfaro-Murillo
 jorge.a.alf...@gmail.com wrote:
 Hi! I have been using org for managing passwords for a some time now. In
 case someone is interested, the code is in:
 https://bitbucket.org/alfaromurillo/org-passwords.el

 To consult the database, the code provides a function to open the Org
 file with the passwords in Read-Only mode, sets a timer after which the
 buffer is killed and provides functions for copying the password without
 it getting into the kill-ring. It also provides two types of functions
 for generating passwords: strings of random characters, and random words
 of the correcthorsebatterystaple-type. The README file in bitbucket has
 detailed information about the usage.

 If there is interest from the community this can also go to /contrib.

 Best,

 Jorge.

-- 
Colin Baxter
http://www.colin-baxter.com

Re: [O] An org password manager

[Jorge A. Alfaro-Murillo]

Thanks Ramon,

Regarding your question, probably the bug is related to running a for
with all the buffers that are open. To get what you want you can try
something creating a minor mode for gpg files and adding a hook that
adds the buffer name of the gpg file that you open to a list of buffers
to kill:

  #+BEGIN_SRC emacs-lisp
(define-minor-mode gpg-killing-mode
  A mode to kill gpg files
  :after-hook 
  (add-to-list 'gpg-buffers (buffer-name)))

(add-to-list 'auto-mode-alist '(\\.gpg$ . gpg-killing-mode))

(setq gpg-buffers nil)

(run-at-time t 120 '(lambda () 
 (mapcar 'kill-buffer gpg-buffers)
 (setq gpg-buffers nil)))
  
  #+END_SRC

Instead killing all at the same time, I would probably kill each one
after a certain time, to avoid opening a file and have it right away
killed it was close to the end of the 2 min cycle:

  #+BEGIN_SRC emacs-lisp
(define-minor-mode gpg-killing-mode
  A mode to kill gpg files
  :after-hook 
  (progn
(setq gpg-buffers (append gpg-buffers (list (buffer-name
(run-at-time 120 nil '(lambda () 
(kill-buffer (car gpg-buffers))
(setq gpg-buffers (cdr gpg-buffers))

(add-to-list 'auto-mode-alist '(\\.gpg$ . gpg-killing-mode))  

(setq gpg-buffers nil)
  #+END_SRC

Best,

Jorge.

Re: [O] An org password manager

[Jorge A. Alfaro-Murillo]

jorge.a.alf...@gmail.com (Jorge A. Alfaro-Murillo) writes:

I forgot to mention that what org-passwords.el does is to set a timer
each time that the password file is opened (analogous to the second
option in my previous message) rather than having just one timer with
repeat.

Jorge.

 Thanks Ramon,

 Regarding your question, probably the bug is related to running a for
 with all the buffers that are open. To get what you want you can try
 something creating a minor mode for gpg files and adding a hook that
 adds the buffer name of the gpg file that you open to a list of buffers
 to kill:

   #+BEGIN_SRC emacs-lisp
 (define-minor-mode gpg-killing-mode
   A mode to kill gpg files
   :after-hook 
   (add-to-list 'gpg-buffers (buffer-name)))

 (add-to-list 'auto-mode-alist '(\\.gpg$ . gpg-killing-mode))

 (setq gpg-buffers nil)

 (run-at-time t 120 '(lambda () 
  (mapcar 'kill-buffer gpg-buffers)
  (setq gpg-buffers nil)))
   
   #+END_SRC

 Instead killing all at the same time, I would probably kill each one
 after a certain time, to avoid opening a file and have it right away
 killed it was close to the end of the 2 min cycle:

   #+BEGIN_SRC emacs-lisp
 (define-minor-mode gpg-killing-mode
   A mode to kill gpg files
   :after-hook 
   (progn
 (setq gpg-buffers (append gpg-buffers (list (buffer-name
 (run-at-time 120 nil '(lambda () 
 (kill-buffer (car gpg-buffers))
 (setq gpg-buffers (cdr gpg-buffers))

 (add-to-list 'auto-mode-alist '(\\.gpg$ . gpg-killing-mode))  

 (setq gpg-buffers nil)
   #+END_SRC

 Best,

 Jorge.

Re: [O] An org password manager

[Igor Sosa Mayor]

jorge.a.alf...@gmail.com (Jorge A. Alfaro-Murillo) writes:

 Hi! I have been using org for managing passwords for a some time now. In
 case someone is interested, the code is in:
 https://bitbucket.org/alfaromurillo/org-passwords.el

interesting. Thanks for sharing.