Boston Linux & UNIX was originally founded in 1994 as part of The Boston Computer Society. We meet on the third Wednesday of each month at the Massachusetts Institute of Technology, in Building E51.

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss] deadmanish login?



On Sat, Feb 04, 2017 at 12:55:13PM -0500, Daniel Barrett wrote:
> On February 4, 2017, Bill Horne wrote:
> >Readers please state your preferences for Keepass, Password Safe, or
> >other programs/methods for storing passwords.
> 
> GnuPG.
> 
> I store usernames, passwords, and site names in a 3-column,
> GnuPG-encrypted text file. To recall a password for a given host, I
> run a homebrew script that's more or less:
> 
>   gpg -d mysecrets.gpg | grep <host>
> 
> If desired, one can further copy the password into the X clipboard by
> piping to "xclip". This simple is and has worked for a decade+ without
> problems.


The above lets you read from that encrypted file without leaving unecrypted
bits on disk (definitely a good thing), but how do you add to/edit that
encrypted file without having cleartext versions around?


FWIW, what I do to edit encrypted files without leaking sensitive data is
that I use an (x)emacs hook I wrote to encrypt/decrypt behind the scenes
while looking mostly like an ordinary file to me.  I posted the elisp to
this list some years back:

http://boston-linux-unix-general-discussion-list.996279.n3.nabble.com/MyPasswordSafe-converter-to-KeePassX-available-td45267.html#a45270

(Yah, xemacs... I do know I oughta put in the work to make all my elisp
work under emacs again so I can switch back at some point...)

--grg



BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org