tags:

views:

391

answers:

3
+1  Q: 

Best way to encrypt a file, and keep it handy

Hi,

I am using dozens of different web services, and I keep a password file in a remote Linux machine. The file contains my usernames, passwords and answers for security question.

This server happens to be offline to often, and I'm looking for a way to keep the password file on my own computer, or on a service like DropBox. Obviously, I want to keep the file encrypted, but handy - I want to be able to print its contents using one shell (or cygwin) command, perhaps using a passphrase.

Any good ideas how to do it?

+3  A: 

You can use GPG's symmetric option to encrypt files with pass-phrases.

gpg --symmetric filename

That will result in an encrypted file named filename.gpg. To redirect the output to STDOUT instead of a .gpg file:

gpg --symmetric -o - filename

You can later decrypt the file with:

gpg --decrypt filename.gpg
Alan Haggai Alavi  2009-07-03 16:18:46
I have read about gpg, but how can you pass the output to the standard output rather than to the .gpg file?
Adam Matan  2009-07-03 16:22:00
I have updated the code.
Alan Haggai Alavi  2009-07-03 16:24:43
OK, It's the usual "-o". I should have googled harder (trying "stdout", not only "standard output"). Thanks!
Adam Matan  2009-07-03 16:24:51
+2  A: 

I use PasswordSafe encrypted files in exactly this configuration. GUIs are available for Windows/Mac/Unix/Java. cliPSafe gives it a command line interface.

THe original code was written by Bruce Schneier, well known in the security world, but I've never used cliPSafe.

Nick Fortescue  2009-07-03 16:23:34
Thanks, I'll look into it.
Adam Matan  2009-07-03 16:41:17
+1  A: 

As already noted GPG solves the problem. Using the gpg command directly for encrypting text files may be a bit cumbersome though, especially as you would often decrypt the file to a seperate file, add some text (passwords in this case) and the reencrypt it (which will possibly expose your unencrypted data).

Vim has a very good plugin called gnupg for trasparently handling encrypted files using GPG. Using this plugin the unencrypted data will never be written to disc and you can just treat it as any other file (except for the passphrase question popping up of course).

Mikael Auno  2009-07-03 17:19:43
Wow, that's great. Found the link. Thanks!
Adam Matan  2009-07-03 17:49:27

related questions

How do I write Firefox add-on that automatically enters proxy passwords?
Login Integration in PHP
Strange Rails Authentication Issue
Concurrent logins in a web farm
Is there a browser equivalent to IE's ClearAuthenticationCache?
How can I authenticate using client credentials in WCF just once?
Why can't I connect to my CAS server with Perl's AuthCAS?
Best Solution For Authentication in Ruby on Rails
Authenticate on an ASP.Net Forms Authorization website from a console app
How do I use NTLM authentication with Active Directory
What have you used Windows CardSpace for, if anything
Forms Authentication across Applications
Retreiving the PC Name of a Client? (Windows Auth)
How would you implement FORM based authentication without a backing database?
What's the best way to authenticate over WCF?
Only accepting certain ajax requests from authenticated users
OpenID authentication in Ruby on Rails
OpenID Attribute Exchange - should I use it?
OpenID: which provider should I recommend to my users?
What to use for login ID?
ASP.NET authentication: user name Vs User ID
How do I add SSL to a .net application that uses httplistener - it will *not* be running on IIS
How can I get the authenticated user name under Apache using plain HTTP authentication and PHP?
Checklist for IIS 6/ASP.NET Windows Authentication?
The Definitive Guide To Website Authentication