LinuxQuestions.org


WiseDraco 10-03-2017 04:07 AM

storing passwords and like sensitive info in linux?
 
Hello!
I did a bit of investigation about the subject, and came to vim with blowfish2 encryption.

http://blog.learningtree.com/encrypting-with-vim/

Can anyone point out some flaws in that usage?
For me it looks perfect - vim is almost anywhere, the decrypted version does not show in the filesystem, built-in cipher and so on...

By the way, what is the default encoding in vim nowadays?
Is it utf8 or what?
Any other advice?

Didier Spaier 10-03-2017 04:29 AM

Quote:

Originally Posted by WiseDraco (Post 5765676)
By the way, what is the default encoding in vim nowadays?
Is it utf8 or what?

Care to read the VIM documentation?

TIP: type UTF-8 in the search field of this page: http://vimdoc.sourceforge.net/

WiseDraco 10-03-2017 04:35 AM

ok, thanks:

If your current locale is in an utf-8 encoding, Vim will automatically start
in utf-8 mode.

If you are using another locale:

set encoding=utf-8

slalik 10-03-2017 04:51 AM

Quote:

Originally Posted by WiseDraco (Post 5765676)
Hello!
I did a bit of investigation about the subject, and came to vim with blowfish2 encryption.

http://blog.learningtree.com/encrypting-with-vim/

Can anyone point out some flaws in that usage?
For me it looks perfect - vim is almost anywhere, the decrypted version does not show in the filesystem, built-in cipher and so on...

You may also want 'noswapfile' and 'noundofile' options.

I use vim in xterm to keep secret stuff, but with the standard gpg encryption. This is the relevant part of .vimrc:
Code:

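" Do not create a backup copy when writing secrets.gpg
set backupskip+=secrets.gpg

augroup encrypted
  autocmd!
  " Before reading: no viminfo, swap file or undo file; read as binary
  autocmd BufReadPre,FileReadPre secrets.gpg
    \ set viminfo= | setlocal noswapfile noundofile bin
  " After reading: decrypt the buffer in place with gpg, run BufReadPost for
  " the name without .gpg, then send F12 to xterm (secure() in .Xresources)
  autocmd BufReadPost,FileReadPost secrets.gpg
    \ execute "silent '[,']!gpg --decrypt --quiet --no-use-agent
    \ 2> /dev/null" | setlocal nobin nospell |
    \ execute "doautocmd BufReadPost " . expand("%:r") |
    \ silent! execute "!xdotool key F12 &>/dev/null || true"
  " Before writing: encrypt the buffer in place for the recipient 'secrets'
  autocmd BufWritePre,FileWritePre secrets.gpg setlocal bin |
    \ '[,']!gpg --encrypt --recipient secrets --quiet --no-use-agent
  " After writing: undo the encryption filter so the buffer is readable again
  autocmd BufWritePost,FileWritePost secrets.gpg silent u | setlocal nobin
  " On exit: clear the terminal
  autocmd VimLeave secrets.gpg !clear
augroup END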

and this is a part of .Xresources:
Code:

XTerm*VT100.translations: #override \n\
  ...
  Meta<Key>s: secure() string(" view ~/secrets.gpg") string(0x0d) \n\
  <Key>F12: secure() \n\
  ...

As you see, Alt-s in xterm calls vim to read ~/secrets.gpg. The secure mode in xterm prevents typing password in a wrong window :)
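
A check for the two concerns raised in the posts above, which cipher Vim actually wrote and whether swap, undo or backup files were left beside the file, as an added example that is not part of any post in the thread. The function names are made up for the example, the sample policy accepts only blowfish2 or OpenPGP, and it assumes Vim's default 'directory', 'undodir' and 'backupdir', which place those files next to the edited file.

```shell
#!/bin/sh
# Added example, not from the thread. Assumes Vim's default 'directory',
# 'undodir' and 'backupdir', which place by-products beside the edited file.

# Print how a file is protected, judged from its leading bytes.
crypt_kind() {
    magic=$(head -c 27 "$1" | tr -d '\000')
    first=$(od -An -tx1 -N1 "$1" | tr -d ' \n')
    case $magic in
        "VimCrypt~01!"*) echo "vim-zip" ;;        # cryptmethod=zip
        "VimCrypt~02!"*) echo "vim-blowfish" ;;   # cryptmethod=blowfish
        "VimCrypt~03!"*) echo "vim-blowfish2" ;;  # cryptmethod=blowfish2
        "-----BEGIN PGP MESSAGE-----"*) echo "openpgp-armored" ;;
        *) case $first in
               # OpenPGP packet tags 1 and 3 (session-key packets)
               84|85|86|87|8c|8d|8e|8f|c1|c3) echo "openpgp-binary" ;;
               *) echo "unrecognized" ;;
           esac ;;
    esac
}

# List swap (.name.swp, .swo, ...), undo (.name.un~) and backup (name~)
# files beside the given file.
vim_leftovers() {
    dir=$(dirname -- "$1")
    base=$(basename -- "$1")
    find "$dir" -maxdepth 1 -type f \( -name ".$base.s[a-w][a-z]" \
        -o -name ".$base.un~" -o -name "$base~" \) | sort
}

# Succeed only if the file is blowfish2 or OpenPGP and has no leftovers.
audit_secret() {
    kind=$(crypt_kind "$1")
    left=$(vim_leftovers "$1")
    echo "$1: $kind"
    [ -z "$left" ] || echo "$left" | sed 's/^/  leftover: /'
    case $kind in
        vim-blowfish2|openpgp-*) [ -z "$left" ] ;;
        *) return 1 ;;
    esac
}
```

After sourcing the file, `audit_secret ~/secrets.gpg` prints the detected kind and any leftover files, and its exit status can gate a backup or sync job.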

WiseDraco 10-03-2017 05:29 AM

Quote:

Originally Posted by slalik (Post 5765690)
You may also want 'noswapfile' and 'noundofile' options.

I use vim in xterm to keep secret stuff, but with the standard gpg encryption. This is the relevant part of .vimrc:
Code:

set backupskip+=secrets.gpg

Thanks for sharing valuable information!

If it's not a secret, why did you choose .gpg over vim's built-in encryption?

slalik 10-03-2017 07:12 AM

Quote:

Originally Posted by WiseDraco (Post 5765698)
If it's not a secret, why did you choose .gpg over vim's built-in encryption?

I think that for vim developers encryption is not an important feature. So, if it is broken, it can take years to fix. For example, in current vim the langmap is broken in some situations (namely, when applied to a multibyte character, vim doesn't check for mappings). This has been a known bug for several years and nobody cares to fix it. I don't want to be in a similar situation with encryption.

montagdude 10-03-2017 07:56 AM

I use this:

http://slackbuilds.org/repository/14...assword-store/

But any number of password managers would do just as well.

brianL 10-03-2017 08:05 AM

Isn't telling the whole internet how you store your passwords & sensitive info a mistake?

enorbet 10-03-2017 08:18 AM

1 Attachment(s)
Quote:

Originally Posted by brianL (Post 5765732)
Isn't telling the whole internet how you store your passwords & sensitive info a mistake?

Perhaps not, if one uses this avatar ;)

WiseDraco 10-03-2017 08:30 AM

Quote:

Originally Posted by brianL (Post 5765732)
Isn't telling the whole internet how you store your passwords & sensitive info a mistake?

If your crypto or password sucks, not telling anyone will not save you anyhow, if anyone gets interested.

And vice versa - if you have a good password and a good algorithm, then I do not see any problems - all the world's compute power for tens of years is not enough to brute-force it.

But if you are important enough, there is a man in black, with a soldering iron, who can come to you, and with old-fashioned methods you tell him all your keys, passwords, and all that he wants to know in minutes... :P

brianL 10-03-2017 08:47 AM

I'm lucky. I'm too poor and insignificant for criminals & 3-letter agencies to take an interest in. So I write my passwords on bits of paper, stowed in places where only I could find them. ;)

WiseDraco 10-03-2017 08:52 AM

Quote:

Originally Posted by brianL (Post 5765743)
I'm lucky. I'm too poor and insignificant for criminals & 3-letter agencies to take an interest in. So I write my passwords on bits of paper, stowed in places where only I could find them. ;)

As I have done for many years.
But as systems and passwords and so on grow more and more numerous, and my memory gets worse, it is very useful to have just a file with the most important info, which I can have on various systems, and maybe even on my phone - encrypted, and readable only by me, but at any time and any place.

this tale is all about that... :P

enorbet 10-03-2017 09:52 AM

The relative security of anything like an encrypted password file is also related to basic network security. Firewalls can not only have honey pots but fangs as well, or at the very least where intrusion attempts rarely go unnoticed.

Anecdote - I was once on a Linux IRC channel and casually pinged a member who immediately asked me why I pinged him. It turned out he had such attempts STDOUT'ed to an old and LOUD dot matrix printer alerting him with nearly an immediate, and lasting alarm/record. I later learned he was 14 years old. I was impressed and did definitely take note.

frankbell 10-03-2017 08:31 PM

I have used KeepassX for a number of years and have been quite happy with it.

There's a SlackBuild.

Richard Cranium 10-03-2017 09:00 PM

Quote:

Originally Posted by WiseDraco (Post 5765741)
If your crypto or password sucks, not telling anyone will not save you anyhow, if anyone gets interested.

And vice versa - if you have a good password and a good algorithm, then I do not see any problems - all the world's compute power for tens of years is not enough to brute-force it.

But if you are important enough, there is a man in black, with a soldering iron, who can come to you, and with old-fashioned methods you tell him all your keys, passwords, and all that he wants to know in minutes... :P

https://xkcd.com/538/ sums it up.


All times are GMT -5.