Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Password Storage

From: Ayaz Ahmed Khan <ayaz () pakcon org>
Date: Wed, 02 Aug 2006 22:56:48 +0600 (PKST)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Robert Larsen typed:

I have a USB stick with all my passwords in an encrypted text
file. I then use this bash function (or type the commands myself)
for reading or changing the list:

VimPasswords(){
   TEMPFILE1=/tmp/blar8937p
   TEMPFILE2=/tmp/blar8937q
   if [ ! -f /media/usb/Docs/passwords.txt.gpg ]; then
       echo "No password file. USB stick not mounted ?"
       return
   fi

   gpg -o $TEMPFILE1 /media/usb/Docs/passwords.txt.gpg
   if [ "$?" != "0" ]; then
       return
   fi
   cp $TEMPFILE1 $TEMPFILE2

   vim $TEMPFILE1
   diff $TEMPFILE1 $TEMPFILE2 >/dev/null 2>&1
   if [ "$?" != "0" ]; then
       #The file has changed. Reencrypt it.
       CODE=1
       while [ "$CODE" != "0" ]; do
           gpg -o /media/usb/Docs/passwords.txt.gpg --symmetric $TEMPFILE1
           CODE=$?
       done
   fi
   wipe $TEMPFILE1 $TEMPFILE2
}

This could probably be coded better but it works for me.
gpg exists for both Unix and Windows.


Handy script, Robert. I keep my passwords in several plain-text files
which I store encrypted. The passphrase I use to encrypt the files is
scarily difficult to remember, and I often fear the day I forget it.

- -- 
Ayaz Ahmed Khan

There's too much beauty upon this earth for lonely men to bear.
                -- Richard Le Gallienne

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
Comment: For info see http://quantumlab.net/pine_privacy_guard/

iQEVAwUBRNDZWwFi6bOwa2ADAQLYHAf/VeYQN+SDHrYJ2f0zZUuSRZmRAgIG45k4
O8d3IPpXUMK6YJJ2iw3QwtffQN9W7mtD0I9hwj4PBzEI0SrYM9MKfXQ4uzkeMSvZ
L3mFqIPCrYQOTqrXaNrWiJOsNnOm1acSoLC2XiAv5AGbCMg9qRusmQl3dq+A5unQ
aMxw4gyJA+zkWuylWsbFYrk4Vu0W8cHFHwd2HyQcjIGPMUNPK2fk9SHAoAxVySqM
ROiv0a8U4LKm3M9fRqohWGsKFvYnb9g5rydJVK34gPey9iiya+VSVnXyWU8Xs3Kr
A/jWoFVJCGm3lMMOHSuUoKdl05PiHEkhNdjC1gXUCtJEFW03yNfunQ==
=miPr
-----END PGP SIGNATURE-----

---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence 
in Information Security. Our program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Using interactive e-Learning technology, you can earn this esteemed degree, 
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: