Difference between revisions of "Password Safe with Vim and OpenSSL"

From Noah.org
Jump to navigationJump to search
Line 15: Line 15:
  
 
<em>This plugin will turn off the swap file and .viminfo log.</em> This is so you don't have to worry about Vim leaking the contents of the encrypted file through a swap file or through saved registers.
 
<em>This plugin will turn off the swap file and .viminfo log.</em> This is so you don't have to worry about Vim leaking the contents of the encrypted file through a swap file or through saved registers.
 +
 +
This plugin can also make a backup of an encrypted file before writing changes. This helps guard against the situation where you may edit a file and write changes with the wrong password. You can still go back to the previous backup version. The backup file will have the same name as the original file with .bak before the original extension. For example:
 +
 +
  .auth.bfa  -->  .auth.bak.bfa
 +
 +
To turn on backups put the following global definition in your .vimrc file:
 +
 +
  let g:openssl_backup = 1
  
 
== Install ==
 
== Install ==

Revision as of 13:52, 28 January 2008

Vim can be a very nice password safe. All you have to do is allow Vim to read OpenSSL encrypted files. This is easy with the plugin described below. The only external requirement besides Vim is that you have openssl installed. This works on any Unix platform or Windows with Cygwin.

Edit OpenSSL encrypted files with Vim

This Vim plugin will allow editing of files that have been encrypted with OpenSSL. It recognizes the encryption type based on the file extension. For example:

 .des3 .aes .bf .bfa .idea .cast .rc2 .rc4 .rc5
 (.bfa is base64 ASCII encoded blowfish)

When you write the file changes with be automatically re-encrypted with the cipher that matches the file extension.

The only requirement is that you have `openssl` in your path.

This plugin will turn off the swap file and .viminfo log. This is so you don't have to worry about Vim leaking the contents of the encrypted file through a swap file or through saved registers.

This plugin can also make a backup of an encrypted file before writing changes. This helps guard against the situation where you may edit a file and write changes with the wrong password. You can still go back to the previous backup version. The backup file will have the same name as the original file with .bak before the original extension. For example:

 .auth.bfa  -->  .auth.bak.bfa

To turn on backups put the following global definition in your .vimrc file:

 let g:openssl_backup = 1

Install

Put this openssl.vim plugin in your plugin directory and Vim will automatically load it. Typically it will go here:

   ~/.vim/plugin/openssl.vim

You can start by editing an empty unencrypted file with a .bfa extension. When you first write the file openssl will ask you to give it a password. The file will be encrypted with the Blowfish cipher and base64 ASCII encoded.

Simple password safe

If you edit any file named .auth.bfa (full name, not just the extension) then this plugin will decode the file and also add folding features and an automatic quit timeout. Only a file named .auth.bfa get these extra features.

Vim will quit automatically after 5 minutes of no typing activity (unless the file has been changed).

This plugin will fold on wiki-style headlines with the following form:

   == This is a headline ==

Any notes under the headline will be inside the fold until the next headline is reached. The SPACE key will toggle a fold open and closed. The q key will quit Vim. Create the following example file named ~/.auth.bfa:

   == Colo server ==
   username: maryjane
   password: esydpm
   == Office server ==
   username: peter
   password: 4m4z1ng

Then create a bash alias:

   alias auth='view ~/.auth.bfa'

Now you can view your password safe by typing "auth". When Vim starts all the password information will be hidden under the headlines. To view the password information put the cursor on the headline and press SPACE.

Download

Click to download openssl.vim <include svncat src="file:///home/svn/src/dotfiles/.vim/plugin/openssl.vim" />