Passwortverwaltung
Aus Vosp.info
Version vom 24. November 2012, 10:57 Uhr von HK (Diskussion | Beiträge)
Passwortcontainer mit gpg und vim
Der Container wird zuerst mit gpg erstellt. Danach kann er mit vim transarent bearbeitet werden.
Die Passphrasen werden über die Xorg-Zwischenablage (Eingabe: Phrase Makieren / Ausgabe: Mittlere Maustaste) in das gewünschte Eingabefeld eingegeben.
Dadurch entsteht ein Sicherheitsloch, wenn der Inhalt nicht wieder aus der Xorg-Zwischenablage gelöscht wird.
Config entnommen aus
https://www.antagonism.org/privacy/gpg-vi.shtml
" Transparent editing of GnuPG-encrypted files " Based on a solution by Wouter Hanegraaff augroup encrypted au! " First make sure nothing is written to ~/.viminfo while editing " an encrypted file. autocmd BufReadPre,FileReadPre *.gpg,*.asc set viminfo= " We don't want a swap file, as it writes unencrypted data to disk. autocmd BufReadPre,FileReadPre *.gpg,*.asc set noswapfile " Switch to binary mode to read the encrypted file. autocmd BufReadPre,FileReadPre *.gpg set bin autocmd BufReadPre,FileReadPre *.gpg,*.asc let ch_save = &ch|set ch=2 autocmd BufReadPost,FileReadPost *.gpg,*.asc \ '[,']!sh -c 'gpg --decrypt 2> /dev/null' " Switch to normal mode for editing autocmd BufReadPost,FileReadPost *.gpg set nobin autocmd BufReadPost,FileReadPost *.gpg,*.asc let &ch = ch_save|unlet ch_save autocmd BufReadPost,FileReadPost *.gpg,*.asc \ execute ":doautocmd BufReadPost " . expand("%:r") " Convert all text to encrypted text before writing autocmd BufWritePre,FileWritePre *.gpg set bin autocmd BufWritePre,FileWritePre *.gpg \ '[,']!sh -c 'gpg --default-recipient-self -e 2>/dev/null' autocmd BufWritePre,FileWritePre *.asc \ '[,']!sh -c 'gpg --default-recipient-self -e -a 2>/dev/null' " Undo the encryption so we are back in the normal text, directly " after the file has been written. autocmd BufWritePost,FileWritePost *.gpg,*.asc u augroup END