On Thu, 5 Dec 2013, obsd, cgi wrote:
So I know the rule.. only remember a few very very long passwords (ex.:
based on several words and a few special chars), and keep the rest of the
passwords in a password manager (those aren't remembered and extreme long).
I'm not at all convinced that
On Dec 06 02:20:49, andre...@zoho.com wrote:
conclusion: shell is not good for this
Yeah right.
Who would even think of doing this in shell.
apparently at least one person did
I was being sarcastic of course, dipshit.
you aren't in sync with the quantity of real world shells that use
On Sat, Dec 7, 2013 at 4:10 AM, Jan Stary h...@stare.cz wrote:
On Dec 06 02:20:49, andre...@zoho.com wrote:
conclusion: shell is not good for this
Yeah right.
Who would even think of doing this in shell.
apparently at least one person did
I was being sarcastic of course, dipshit.
).
But this gets me to 2 questions:
- Are there any default password managers in OpenBSD (console/GUI based?)?
Or there are only from ports that are not very audited? What is the advise
to where to store the pwd's?
- Are there any best-practises to generate a password? - that are kept in
password manager
On 12/07/13 10:40, Andres Perera wrote:
On Sat, Dec 7, 2013 at 4:10 AM, Jan Stary h...@stare.cz wrote:
On Dec 06 02:20:49, andre...@zoho.com wrote:
conclusion: shell is not good for this
Yeah right.
Who would even think of doing this in shell.
apparently at least one person did
I was
Christian Weisgerber na...@mips.inka.de wrote:
---
#!/bin/sh
SAFE=$HOME/.pwsafe
TMPFILE=`mktemp /tmp/pwsafeXX` || exit 1
trap 'rm -P $TMPFILE' 0 1 2 15
STTY=`stty -g`
echo -n Password:
stty -echo
read PASSWORD
stty $STTY
set -e
echo -n $PASSWORD | openssl
Thus said Christian Weisgerber on Sat, 07 Dec 2013 18:52:25 +:
Also, your editor may scatter additional cleartext copies around, for
instance vi's recovery files.
Assuming /home is on an encrypted disk, that can be partially remedied
by using something like the following in ~/.exrc:
On Sat, Dec 7, 2013 at 2:22 PM, Christian Weisgerber na...@mips.inka.de wrote:
Christian Weisgerber na...@mips.inka.de wrote:
---
#!/bin/sh
SAFE=$HOME/.pwsafe
TMPFILE=`mktemp /tmp/pwsafeXX` || exit 1
trap 'rm -P $TMPFILE' 0 1 2 15
STTY=`stty -g`
echo -n Password:
On 12/06/13 07:50, Andres Perera wrote:
On Fri, Dec 6, 2013 at 1:58 AM, Jan Stary h...@stare.cz wrote:
On Dec 05 19:09:05, andre...@zoho.com wrote:
but then if the shell implementation uses tmpfiles for heredoc,
does it?
ksh does:
~ $ :!
$(sleep 100)
!
[1] 469
~ $ ls /tmp/sh*
On Fri, Dec 6, 2013 at 5:22 AM, Alexander Hall alexan...@beard.se wrote:
On 12/06/13 07:50, Andres Perera wrote:
On Fri, Dec 6, 2013 at 1:58 AM, Jan Stary h...@stare.cz wrote:
On Dec 05 19:09:05, andre...@zoho.com wrote:
but then if the shell implementation uses tmpfiles for heredoc,
On Fri, Dec 06, 2013 at 06:59:02AM -0430, Andres Perera wrote:
| with C you can be very explicit about where you store and when you zero out
with shell you can be very explicit about where you store and when you
zero out
| with shell it's easy to be clumsy in this particular domain
with C it's
On 6 December 2013 12:29, Andres Perera andre...@zoho.com wrote:
On Fri, Dec 6, 2013 at 5:22 AM, Alexander Hall alexan...@beard.se wrote:
On 12/06/13 07:50, Andres Perera wrote:
On Fri, Dec 6, 2013 at 1:58 AM, Jan Stary h...@stare.cz wrote:
On Dec 05 19:09:05, andre...@zoho.com wrote:
but
On Fri, Dec 6, 2013 at 7:09 AM, Paul de Weerd we...@weirdnet.nl wrote:
On Fri, Dec 06, 2013 at 06:59:02AM -0430, Andres Perera wrote:
| with C you can be very explicit about where you store and when you zero out
with shell you can be very explicit about where you store and when you
zero out
mark the variable volatile or external. what you said also holds for
kernel drivers, is well known, and is much easier to understand than
shell indiosyncrasies
another silly person in conversation ~
On Fri, Dec 6, 2013 at 7:26 AM, Marios Makassikis mmakassi...@gmail.com wrote:
On 6 December
Not quite what you are looking for, but this is cool:
https://telepathwords.research.microsoft.com/
On Fri, Dec 06, 2013 at 07:41:17AM -0430, Andres Perera wrote:
| On Fri, Dec 6, 2013 at 7:09 AM, Paul de Weerd we...@weirdnet.nl wrote:
| On Fri, Dec 06, 2013 at 06:59:02AM -0430, Andres Perera wrote:
| | with C you can be very explicit about where you store and when you zero
out
|
| with
On Fri, Dec 6, 2013 at 8:07 AM, Paul de Weerd we...@weirdnet.nl wrote:
On Fri, Dec 06, 2013 at 07:41:17AM -0430, Andres Perera wrote:
| On Fri, Dec 6, 2013 at 7:09 AM, Paul de Weerd we...@weirdnet.nl wrote:
| On Fri, Dec 06, 2013 at 06:59:02AM -0430, Andres Perera wrote:
| | with C you can
On Fri, Dec 06, 2013 at 08:15:19AM -0430, Andres Perera wrote:
| you use cat, muffin face:
| ...
| STTY=`stty -g`
| echo -n Password:
| stty -echo
| cat PASSWORD_FILE_DONT_READ_IF_YOU_ARE_OTHER_PROCESS_PLS
| stty $STTY
| ...
| openssl -d ... PASSWORD_FILE_DONT_READ_IF_YOU_ARE_OTHER_PROCESS_PLS
On Fri, Dec 6, 2013 at 8:29 AM, Paul de Weerd we...@weirdnet.nl wrote:
On Fri, Dec 06, 2013 at 08:15:19AM -0430, Andres Perera wrote:
| you use cat, muffin face:
| ...
| STTY=`stty -g`
| echo -n Password:
| stty -echo
| cat PASSWORD_FILE_DONT_READ_IF_YOU_ARE_OTHER_PROCESS_PLS
| stty
--On Thursday, December 05, 2013 08:20:07 AM +0100 obsd, cgi
obsd...@postafiok.hu wrote:
- Are there any best-practises to generate a password? - that are kept in
password manager, so ex.: 128 char long with special/random chars, etc.
Diceware: http://world.std.com/~reinhold/diceware.html
).
But this gets me to 2 questions:
- Are there any default password managers in OpenBSD (console/GUI
based?)? Or there are only from ports that are not very audited? What
is the advise to where to store the pwd's?
Not sure how advisable this is, but I'm using a gpg encrypted file,
which I keep somewhere
in a password manager (those aren't
remembered and extreme long).
But this gets me to 2 questions:
- Are there any default password managers in OpenBSD (console/GUI
based?)? Or there are only from ports that are not very audited?
What is the advise to where to store the pwd's
On Thu, Dec 5, 2013, at 05:50 AM, InterNetX - Robert Garrett wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
use sticky notes.. preferably on your monitor
snip
hahahaha
--
Regards,
21
On 2013-12-05 Thu 12:50 PM |, InterNetX - Robert Garrett wrote:
use sticky notes.. preferably on your monitor
Just use the word 'incorrect' everywhere.
Whenever a mistake is entered, the system will say:
Your password is incorrect.
Done,
--
Craig Skinner | http://twitter.com/Craig_Skinner
the rule.. only remember a few very very long passwords
(ex.: based on several words and a few special chars), and keep the
rest of the passwords in a password manager (those aren't
remembered and extreme long).
But this gets me to 2 questions:
- Are there any default password managers
On Thu, Dec 05, 2013 at 10:09:07AM +, Zé Loff wrote:
Not sure how advisable this is, but I'm using a gpg encrypted file,
which I keep somewhere hidden (just because). Just put them in file
foo and do 'gpg -e foo' (assuming you've already setup gpg). When you
need to look something up just
function getpass {
gpg --decrypt $HOME/pw.gpg | grep ^$1 | awk '{print $2}' \
| tr -d '\n' | xclip -i
}
The plaintext of pw.gpg has lines like this:
key password
I have something similar, but instead of having all the password in
a single file, I have only file
:
- Are there any default password managers in OpenBSD (console/GUI based?)?
Or there are only from ports that are not very audited? What is the advise
to where to store the pwd's?
- Are there any best-practises to generate a password? - that are kept in
password manager, so ex.: 128 char long
:
- Are there any default password managers in OpenBSD (console/GUI based?)?
Or there are only from ports that are not very audited? What is the advise
to where to store the pwd's?
- Are there any best-practises to generate a password? - that are kept in
password manager, so ex.: 128 char long
Zé Loff zel...@zeloff.org wrote:
Not sure how advisable this is, but I'm using a gpg encrypted file,
which I keep somewhere hidden (just because). Just put them in file
foo and do 'gpg -e foo' (assuming you've already setup gpg). When you
need to look something up just do 'gpg -d foo' and the
On Thu, Dec 05, 2013 at 10:09, Zé Loff wrote:
Not sure how advisable this is, but I'm using a gpg encrypted file,
which I keep somewhere hidden (just because). Just put them in file
foo and do 'gpg -e foo' (assuming you've already setup gpg). When you
need to look something up just do 'gpg -d
:
- Are there any default password managers in OpenBSD (console/GUI based?)?
Or there are only from ports that are not very audited? What is the advise
to where to store the pwd's?
- Are there any best-practises to generate a password? - that are kept in
password manager, so ex.: 128 char
On Thu, Dec 5, 2013 at 8:57 AM, Christian Weisgerber na...@mips.inka.de wrote:
Zé Loff zel...@zeloff.org wrote:
Not sure how advisable this is, but I'm using a gpg encrypted file,
which I keep somewhere hidden (just because). Just put them in file
foo and do 'gpg -e foo' (assuming you've
but then if the shell implementation uses tmpfiles for heredoc, and
doesn't do the equivalent of rm -P, you have another leak you thought
was taken care of
conclusion: shell is not good for this
even if it keeps heredocs in memory you have no idea if it zeros it
out afterwards
On Thu, Dec 5,
On Fri, Dec 6, 2013 at 1:58 AM, Jan Stary h...@stare.cz wrote:
On Dec 05 19:09:05, andre...@zoho.com wrote:
but then if the shell implementation uses tmpfiles for heredoc,
does it?
ksh does:
~ $ :!
$(sleep 100)
!
[1] 469
~ $ ls /tmp/sh*
/tmp/shsWf2OXAO
src/bin/ksh/exec.c r1.50:
So I know the rule.. only remember a few very very long passwords (ex.:
based on several words and a few special chars), and keep the rest of the
passwords in a password manager (those aren't remembered and extreme long).
But this gets me to 2 questions:
- Are there any default password managers
36 matches
Mail list logo