Boston Linux & UNIX was originally founded in 1994 as part of The Boston Computer Society. We meet on the third Wednesday of each month, online, via Jitsi Meet.

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss] deadmanish login?



On Sat, Feb 04, 2017 at 12:55:13PM -0500, Daniel Barrett wrote:
> On February 4, 2017, Bill Horne wrote:
> >Readers please state your preferences for Keepass, Password Safe, or
> >other programs/methods for storing passwords.
> 
> GnuPG.
> 
> I store usernames, passwords, and site names in a 3-column,
> GnuPG-encrypted text file. To recall a password for a given host, I
> run a homebrew script that's more or less:
> 
>   gpg -d mysecrets.gpg | grep <host>
> 
> If desired, one can further copy the password into the X clipboard by
> piping to "xclip". This simple is and has worked for a decade+ without
> problems.


The above lets you read from that encrypted file without leaving unecrypted
bits on disk (definitely a good thing), but how do you add to/edit that
encrypted file without having cleartext versions around?


FWIW, what I do to edit encrypted files without leaking sensitive data is
that I use an (x)emacs hook I wrote to encrypt/decrypt behind the scenes
while looking mostly like an ordinary file to me.  I posted the elisp to
this list some years back:

http://boston-linux-unix-general-discussion-list.996279.n3.nabble.com/MyPasswordSafe-converter-to-KeePassX-available-td45267.html#a45270

(Yah, xemacs... I do know I oughta put in the work to make all my elisp
work under emacs again so I can switch back at some point...)

--grg



BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org