LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices


Reply
  Search this Thread
Old 10-03-2017, 04:07 AM   #1
WiseDraco
Member
 
Registered: Nov 2006
Location: Europe,Latvia,Riga
Distribution: slackware,slax, OS X, exMandriva
Posts: 590

Rep: Reputation: 72
Question storing passwords and like sensitive info in linux?


Hello!
i do a bit of investigation about subj, and come to vim with blowfish2 encryption.

http://blog.learningtree.com/encrypting-with-vim/

can anyone point out some flaws in that usage?
for me it looks perfect -vim is almost anywhere, decrypted verion not show in filesystem, built-in cipher and so on...

btw, what is nowadays with default encoding in vim?
it is utf8 or what?
any another advices?
 
Old 10-03-2017, 04:29 AM   #2
Didier Spaier
LQ Addict
 
Registered: Nov 2008
Location: Paris, France
Distribution: Slint64-14.2 on Lenovo Thinkpad W520
Posts: 7,701

Rep: Reputation: 2618Reputation: 2618Reputation: 2618Reputation: 2618Reputation: 2618Reputation: 2618Reputation: 2618Reputation: 2618Reputation: 2618Reputation: 2618Reputation: 2618
Quote:
Originally Posted by WiseDraco View Post
btw, what is nowadays with default encoding in vim?
it is utf8 or what?
Care to read the VIM documentation?

TIP: type UTF-8 in the search field of this page: http://vimdoc.sourceforge.net/
 
Old 10-03-2017, 04:35 AM   #3
WiseDraco
Member
 
Registered: Nov 2006
Location: Europe,Latvia,Riga
Distribution: slackware,slax, OS X, exMandriva
Posts: 590

Original Poster
Rep: Reputation: 72
ok, thanks:

If your current locale is in an utf-8 encoding, Vim will automatically start
in utf-8 mode.

If you are using another locale:

set encoding=utf-8
 
Old 10-03-2017, 04:51 AM   #4
slalik
Member
 
Registered: Nov 2014
Location: Moscow, Russia
Distribution: Slackware
Posts: 119

Rep: Reputation: 54
Quote:
Originally Posted by WiseDraco View Post
Hello!
i do a bit of investigation about subj, and come to vim with blowfish2 encryption.

http://blog.learningtree.com/encrypting-with-vim/

can anyone point out some flaws in that usage?
for me it looks perfect -vim is almost anywhere, decrypted verion not show in filesystem, built-in cipher and so on...
You may also want 'noswapfile' and 'noundofile' options.

I use vim in xterm to keep secret stuff, but with the standard gpg encryption. This is the relevant part of .vimrc:
Code:
set backupskip+=secrets.gpg
  
augroup encrypted
  autocmd!
  autocmd BufReadPre,FileReadPre secrets.gpg
    \ set viminfo= | setlocal noswapfile noundofile bin
  autocmd BufReadPost,FileReadPost secrets.gpg
    \ execute "silent '[,']!gpg --decrypt --quiet --no-use-agent
    \ 2> /dev/null" | setlocal nobin nospell |
    \ execute "doautocmd BufReadPost " . expand("%:r") |
    \ silent! execute "!xdotool key F12 &>/dev/null || true"
  autocmd BufWritePre,FileWritePre secrets.gpg setlocal bin |
    \ '[,']!gpg --encrypt --recipient secrets --quiet --no-use-agent
  autocmd BufWritePost,FileWritePost secrets.gpg silent u | setlocal nobin
  autocmd VimLeave secrets.gpg !clear
augroup END
and this is a part of .Xresources:
Code:
XTerm*VT100.translations: #override \n\
  ...
  Meta<Key>s: secure() string(" view ~/secrets.gpg") string(0x0d) \n\
  <Key>F12: secure() \n\
  ...
As you see, Alt-s in xterm calls vim to read ~/secrets.gpg. The secure mode in xterm prevents typing password in a wrong window
 
4 members found this post helpful.
Old 10-03-2017, 05:29 AM   #5
WiseDraco
Member
 
Registered: Nov 2006
Location: Europe,Latvia,Riga
Distribution: slackware,slax, OS X, exMandriva
Posts: 590

Original Poster
Rep: Reputation: 72
Quote:
Originally Posted by slalik View Post
You may also want 'noswapfile' and 'noundofile' options.

I use vim in xterm to keep secret stuff, but with the standard gpg encryption. This is the relevant part of .vimrc:[CODE]set backupskip+=secrets.gpg

thanks for sharing valuable information!

if not secret, why you choose .gpg over vim build-in encryption?
 
Old 10-03-2017, 07:12 AM   #6
slalik
Member
 
Registered: Nov 2014
Location: Moscow, Russia
Distribution: Slackware
Posts: 119

Rep: Reputation: 54
Quote:
Originally Posted by WiseDraco View Post
if not secret, why you choose .gpg over vim build-in encryption?
I think that for vim developers encryption is not an important feature. So, if it will be broken, it can take years to fix. For example, in current vim the langmap is broken in some situations (namely, when applied to a multibyte character, vim doesn't check for mappings). This is a known bug for several years and nobody cares to fix it. I don't want to be in a similar situation with encryption.
 
1 members found this post helpful.
Old 10-03-2017, 07:56 AM   #7
montagdude
Member
 
Registered: Apr 2016
Distribution: Slackware
Posts: 647

Rep: Reputation: 488Reputation: 488Reputation: 488Reputation: 488Reputation: 488
I use this:

http://slackbuilds.org/repository/14...assword-store/

But any number of password managers would do just as well.
 
Old 10-03-2017, 08:05 AM   #8
brianL
LQ 5k Club
 
Registered: Jan 2006
Location: Oldham, Lancs, England
Distribution: Slackware & Slackware64 14.2
Posts: 7,537
Blog Entries: 56

Rep: Reputation: Disabled
Isn't telling the whole internet how you store your passwords & sensitive info a mistake?
 
1 members found this post helpful.
Old 10-03-2017, 08:18 AM   #9
enorbet
Senior Member
 
Registered: Jun 2003
Location: Virginia
Distribution: Slackware has beern Main OpSys for decades while testing others to keep up
Posts: 1,470

Rep: Reputation: 1404Reputation: 1404Reputation: 1404Reputation: 1404Reputation: 1404Reputation: 1404Reputation: 1404Reputation: 1404Reputation: 1404Reputation: 1404
Quote:
Originally Posted by brianL View Post
Isn't telling the whole internet how you store your passwords & sensitive info a mistake?
Perhaps not, if one uses this avatar
Attached Thumbnails
Click image for larger version

Name:	BrotherSpareDime.jpg
Views:	65
Size:	10.7 KB
ID:	26022  
 
Old 10-03-2017, 08:30 AM   #10
WiseDraco
Member
 
Registered: Nov 2006
Location: Europe,Latvia,Riga
Distribution: slackware,slax, OS X, exMandriva
Posts: 590

Original Poster
Rep: Reputation: 72
Quote:
Originally Posted by brianL View Post
Isn't telling the whole internet how you store your passwords & sensitive info a mistake?
if your crypto or password sucks, not telling anyone anyhow do not save you, if anyone get interested.

and vice versa - if you have good password and goot algorytm, then i do not see any problems - all world compute power for tens of years not enought to brute-force it.

but if you are important enought, there is a mans in black, and with soldering iron, who can come to you, and in old, fashioned methods, you tell im all your keys, passwords, and all what he want to know in minutes... :P
 
Old 10-03-2017, 08:47 AM   #11
brianL
LQ 5k Club
 
Registered: Jan 2006
Location: Oldham, Lancs, England
Distribution: Slackware & Slackware64 14.2
Posts: 7,537
Blog Entries: 56

Rep: Reputation: Disabled
I'm lucky. I'm too poor and insignifant for criminals & 3-letter agencies to take an interest in. So I write my passwords on bits of paper, stowed in places where only I could find them.
 
Old 10-03-2017, 08:52 AM   #12
WiseDraco
Member
 
Registered: Nov 2006
Location: Europe,Latvia,Riga
Distribution: slackware,slax, OS X, exMandriva
Posts: 590

Original Poster
Rep: Reputation: 72
Quote:
Originally Posted by brianL View Post
I'm lucky. I'm too poor and insignifant for criminals & 3-letter agencies to take an interest in. So I write my passwords on bits of paper, stowed in places where only I could find them.
as i do for many years.
but as systems and passwords and so going to more and more,and my memory get worse it was very useful to have a just file with most important info, who i can have on various systems, and maybe even on my phone -encrypted, and readable only by me, but in any time, and any place.

this tale is all about that... :P
 
Old 10-03-2017, 09:52 AM   #13
enorbet
Senior Member
 
Registered: Jun 2003
Location: Virginia
Distribution: Slackware has beern Main OpSys for decades while testing others to keep up
Posts: 1,470

Rep: Reputation: 1404Reputation: 1404Reputation: 1404Reputation: 1404Reputation: 1404Reputation: 1404Reputation: 1404Reputation: 1404Reputation: 1404Reputation: 1404
The relative security of anything like an encrypted password file is also related to basic network security. Firewalls can not only have honey pots but fangs as well, or at the very least where intrusion attempts rarely go unnoticed.

Anecdote - I was once on a Linux IRC channel and casually pinged a member who immediately asked me why I pinged him. It turned out he had such attempts STDOUT'ed to an old and LOUD dot matrix printer alerting him with nearly an immediate, and lasting alarm/record. I later learned he was 14 years old. I was impressed and did definitely take note.
 
Old 10-03-2017, 08:31 PM   #14
frankbell
LQ Guru
 
Registered: Jan 2006
Location: Virginia, USA
Distribution: Slackware, Debian, Mageia, and whatever VMs I happen to be playing with
Posts: 12,651
Blog Entries: 17

Rep: Reputation: 3258Reputation: 3258Reputation: 3258Reputation: 3258Reputation: 3258Reputation: 3258Reputation: 3258Reputation: 3258Reputation: 3258Reputation: 3258Reputation: 3258
I have used KeepassX for a number of years and have been quite happy with it.

There's a SlackBuild.
 
Old 10-03-2017, 09:00 PM   #15
Richard Cranium
Senior Member
 
Registered: Apr 2009
Location: Carrollton, Texas
Distribution: Slackware64 14.2
Posts: 2,697

Rep: Reputation: 1127Reputation: 1127Reputation: 1127Reputation: 1127Reputation: 1127Reputation: 1127Reputation: 1127Reputation: 1127Reputation: 1127
Quote:
Originally Posted by WiseDraco View Post
if your crypto or password sucks, not telling anyone anyhow do not save you, if anyone get interested.

and vice versa - if you have good password and goot algorytm, then i do not see any problems - all world compute power for tens of years not enought to brute-force it.

but if you are important enought, there is a mans in black, and with soldering iron, who can come to you, and in old, fashioned methods, you tell im all your keys, passwords, and all what he want to know in minutes... :P
https://xkcd.com/538/ sums it up.
 
1 members found this post helpful.
  


Reply

Tags
bim, passwords


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Linux program for storing passwords (server) with clients connecting rhbegin Linux - Software 2 01-11-2012 06:16 PM
Want to create a directory for storing personnal sensitive information,(openSuSe) edmondgyampoh Linux - Newbie 5 05-18-2009 12:41 PM
Storing/remembering passwords ErV General 13 09-02-2008 08:45 PM
Storing usernames and passwords on the web? concoran Linux - General 9 03-28-2008 03:55 PM
Storing passwords Ze MoreirA Linux - Security 1 08-13-2007 05:41 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware

All times are GMT -5. The time now is 11:58 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration