Robert Lee wrote:
What is wrong with SCP/SFTP? If these are not available,
externally encrypt the file. You can even make a vim macro
to do the job IIRC.
Text editors don't do encryption and never should.
I promise to stop posting when everyone else does!
SCP etc just encrypts the traffic when copying a sensitive file to
another machine. After backups are taken and stored, and various
other stuff happens, your sensitive file can end up in quite a lot
of places. Defence-in-depth means you have to encrypt the actual
secret (the file, or the secret parts of the file).
As Tony pointed out, Vim can encrypt a file. That is good because if
you rely on scripts and what-have-you, there can be temp files, and
files left over when something crashes. It's much better if Vim
handles the decryption and encryption for you - much more
convenient, and reliable, and a lot more secure.
I can see that my EncryptLine proposal doesn't have any support.
Fair enough - I accept the judgement. But the idea is not stupid.
When you document tricky stuff on a network, you end up with a file
where normal file-access security is good enough to protect 95% of
the content. What about the passwords in the document? You really
need to encrypt the file to protect them, but that means you have to
decrypt the file (enter its key) everytime you need to extract some
fact (like an IP address).
I have actually implemented my EncryptLine on an obsolete editor and
it works really well - but only because I have a need for it.
John
