[Novalug] vim with Gnu Privacy Guard (gpg) -- update from NOVEMBER 6, 2002 Novalug meeting

Peter Larsen peter@peterlarsen.org
Tue Jun 9 10:01:40 EDT 2015


On 06/08/2015 11:10 PM, RJ Bergeron via Novalug wrote:
> Specifically, that's http://www.passwordstore.org/ - I actually use it on
> windows/mac/linux to pretty good effect (with a gpgcard)

RJ - how does that compare to keepas - which is what I'm using? I have
that on my android and linux boxes (no macs allowed here) and it works
pretty well.

> rj
>
> On Mon, Jun 8, 2015 at 10:25 PM, Derek LaHousse via Novalug <
> novalug@firemountain.net> wrote:
>
>> Have a look at "password store" for your password use case. It checks
>> encrypted files into a git repo, so you could backup or share them. As for
>> your private key, you could look at shamir secret sharing algorithm, and
>> find n people willing to hold a portion of your backup
>>
>> On June 8, 2015 9:35:05 PM EDT, "Jameson C. Burt via Novalug" <
>> novalug@firemountain.net> wrote:
>>> At a 11/6/2002 Novalug meeting,
>>> we were told how to do better encryption than the weak vim encryption
>>> (even future vim encryption isn't as good as gng).
>>> That method involved adding a dozen *.gpg lines to
>>>   ~/.viminfo
>>> I used that for 13 years -- wonderful.
>>>
>>> Using vim on such a *.gpg file, whenever I entered  :w  to write the
>>> file,
>>> I WOULD LOOSE MY CURSOR POSITION.
>>> No longer -- you now return to where your cursor was.
>>>
>>> Now, you need only copy a plugin
>>> **  gnupg.vim
>>> to
>>> **  ~/.vim/plugin/gnupg.vim
>>> That plugin improvement comes from James McCoy at vim.org
>>>   http://www.vim.org/scripts/script.php?script_id=3645
>>> Starting  vim somefile.gpg,   when I haven't remotely logged in, rather
>>> than enter a passphrase on the command-line,
>>> I can now enter the passphrase in a pop-up window (if it fails, I do
>>> get a command-line prompt).
>>> [vim is keyboard based, so a GUI for password entry seems anti-vim]
>>>
>>> While this vim encryption has many uses,
>>> I have kept an encrypted file with about 600 passwords,
>>> gaining about 1 new password a week.
>>> Feeling skittish about loosing a file whose 600 passwords I could never
>>> memorize,
>>> I do sometimes keep an unencrypted version on a flash memory drive.
>>> However, ...
>>>
>>> Gpg does NOT just encrypt a file so you can decrypt the file anywhere.
>>> It does not use symmetric encryption, at least not by default,
>>> and gpg with vim demands you not alter encryption to symmetric
>>> (with symmetric encryption, from vim, I had to enter the gpg passphrase
>>>
>>> everytime I entered  :w  to save the *gpg file).
>>> vim with gpg encrypts with your secure keyring, which is probably in
>>>   ~/.gnupg
>>> Holy *** I said the first time my computer disk drive failed
>>> and I couldn't decrypt the encrypted backup file on any other computer,
>>> because I didn't have anything from the first computer's ~/.gnupg .
>>>
>>> Decryption, even knowing the correct passphrase, requires both the
>>> following additional files
>>>    ~/.gnupg/pubring.gpg
>>>    ~/.gnupg/secring.gpg
>>> I could not decrypt my file  passwords.gpg   when copied to another
>>> computer
>>> without first overwriting the above two gnupg files on my target
>>> computer.
>>> That I did -- I overwrote the second computer's ~/.gnupg/* files with
>>> backup copies from my original computer.
>>> Then I could decrypt my  passwords.gpg  file.
>>>
>>> There's a lot to get going on gpg and to first creating an encrypted
>>> *.gpg file,
>>> but if you have already created the ~/.gnupg files,
>>> consider using  James McCoy's  plugin with vim.
>> --
>> Sent from my Android device with K-9 Mail. Please excuse my brevity.
>> **********************************************************************
>> The Novalug mailing list is hosted by firemountain.net.
>>
>> To unsubscribe or change delivery options:
>> http://www.firemountain.net/mailman/listinfo/novalug
>>
>
>


-- 
Regards
  Peter Larsen




More information about the Novalug mailing list