Jump to content


Regarding encryption


  • Please log in to reply
25 replies to this topic

#1 OFFLINE   wa4chq

wa4chq

    Thread Head

  • Members
  • PipPipPipPipPipPip
  • 683 posts

Posted 18 March 2019 - 03:27 PM

I found this today while searching info about editing an encrypted file.  I have be using "gpg".  Here's what I found:

Quote

I have spent countless hours on this quest, too: simply encrypt a text file with a passphrase with simple open+read/write access. I didn't want to deal with private/public keys nor keyrings bound to an OS login, blah, blah, blah. File encryption with passphrase only is so simple and so universal and perfect for a simple text file to hold passwords. No bloat nor complication of a database-driven solution like KeePass, etc. (which also requires data entry into multiple GUI elements rather than just typing your passwords in a searchable text file). The gold standard on Windows is Steganos LockNote. How to do it on Linux? Surprisingly very difficult to find, but...
I finally converged on the recommendation I consider best: cream. http://cream.sourceforge.net/ Cream is a facade to vim to make it more-user-friendly ... useful for other family members (I am a Linux geek at work comfortable with vi[m], but I needed something more accessible for my family).
Just enter:
"vim -x yourfile.txt"
It will be saved as encrypted with a passphrase.
You can use vim or cream at this point:
"vim yourfile.txt" or "cream yourfile.txt".
Either one will natively open "yourfile.txt" and prompt for the passphrase and transparently allow edits and re-saving as encrypted. FINALLY the quest has been completed !!!!
I think it's pretty cool.....

Posted Image
REGISTERED LINUX USER #547579


#2 OFFLINE   securitybreach

securitybreach

    CLI Phreak

  • Forum Admins
  • 24,708 posts

Posted 18 March 2019 - 08:13 PM

Holy crap, I have been using vim for over 10 years and did not know that it had built in encryption. Now to see how good the encryption actually is.

Well crap..

Quote

From the VIM documentation:
  • The algorithm used is breakable. A 4 character key in about one hour, a 6 character key in one day (on a Pentium 133 PC). This requires that you know some text that must appear in the file. An expert can break it for any key. When the text has been decrypted, this also means that the key can be revealed, and other files encrypted with the same key can be decrypted.

Posted ImagePosted Image
Configs/PGP Key/comhack π

"Do you begin to see, then, what kind of world we are creating? It is the exact opposite of the stupid hedonistic Utopias that the old reformers imagined. A world of fear and treachery and torment, a world of trampling and being trampled upon, a world which will grow not less but more merciless as it refines itself. Progress in our world will be progress toward more pain." -George Orwell, 1984

#3 OFFLINE   V.T. Eric Layton

V.T. Eric Layton

    Nocturnal Slacker

  • Forum Admins
  • 21,788 posts

Posted 18 March 2019 - 09:50 PM

COOL, but definitely NOT meant for high security applications. It's safe to use to keep your wife, kids, co-workers from being nosy, though.

#4 OFFLINE   securitybreach

securitybreach

    CLI Phreak

  • Forum Admins
  • 24,708 posts

Posted 18 March 2019 - 09:58 PM

View PostV.T. Eric Layton, on 18 March 2019 - 09:50 PM, said:

COOL, but definitely NOT meant for high security applications. It's safe to use to keep your wife, kids, co-workers from being nosy, though.

True :thumbsup:
Posted ImagePosted Image
Configs/PGP Key/comhack π

"Do you begin to see, then, what kind of world we are creating? It is the exact opposite of the stupid hedonistic Utopias that the old reformers imagined. A world of fear and treachery and torment, a world of trampling and being trampled upon, a world which will grow not less but more merciless as it refines itself. Progress in our world will be progress toward more pain." -George Orwell, 1984

#5 OFFLINE   wa4chq

wa4chq

    Thread Head

  • Members
  • PipPipPipPipPipPip
  • 683 posts

Posted 19 March 2019 - 07:34 AM

I found it yesterday because I was trying to find a way to edit my *.gpg file.  I use GPG to encrypt my passwords.  I didn't realize using VIMs encryption was weak but I only have one item in that file I made yesterday.  But it is kind of important so I will continue to look for ways to edit my *.gpg file.  But for general use, I'll use the VIM method.  Would encrypting it twice buy time?  :hmm:

Posted Image
REGISTERED LINUX USER #547579


#6 OFFLINE   securitybreach

securitybreach

    CLI Phreak

  • Forum Admins
  • 24,708 posts

Posted 19 March 2019 - 07:36 AM

View Postwa4chq, on 19 March 2019 - 07:34 AM, said:

Would encrypting it twice buy time?  :hmm:

If it's as easy as they claim, encrypting it 50 times wouldn't slow it down much.
Posted ImagePosted Image
Configs/PGP Key/comhack π

"Do you begin to see, then, what kind of world we are creating? It is the exact opposite of the stupid hedonistic Utopias that the old reformers imagined. A world of fear and treachery and torment, a world of trampling and being trampled upon, a world which will grow not less but more merciless as it refines itself. Progress in our world will be progress toward more pain." -George Orwell, 1984

#7 OFFLINE   wa4chq

wa4chq

    Thread Head

  • Members
  • PipPipPipPipPipPip
  • 683 posts

Posted 19 March 2019 - 08:55 AM

View Postsecuritybreach, on 19 March 2019 - 07:36 AM, said:

View Postwa4chq, on 19 March 2019 - 07:34 AM, said:

Would encrypting it twice buy time?  :hmm:

If it's as easy as they claim, encrypting it 50 times wouldn't slow it down much.
Yeah, I sorta was just kiddin'....  :teehee:  What I do for some passwords is just write down a question only I would know the answer to, and that's the password.....then encrypt it.

Posted Image
REGISTERED LINUX USER #547579


#8 OFFLINE   V.T. Eric Layton

V.T. Eric Layton

    Nocturnal Slacker

  • Forum Admins
  • 21,788 posts

Posted 19 March 2019 - 09:43 AM

Neil, you can encrypt/decrypt (using gpg) in Slackware all day long with a built-in app called GNU Privacy Assistant (gpa). I've been using it for years and years with no troubles at all. :)

Posted Image

#9 OFFLINE   wa4chq

wa4chq

    Thread Head

  • Members
  • PipPipPipPipPipPip
  • 683 posts

Posted 19 March 2019 - 11:19 AM

Hey Eric....I use gpg but I've only done it from the command line....I never saw the gui shown above.  I am still using gpg and can decrypt but I haven't been able to edit the contents.....I get overwhelmed sometimes reading man pages.  I guess if I just made up a new file with the updated contents I could generate a new key and still retain my current password to decrypt the  *.gpg file?
On another tack....I had to replace my hd on the lappy a few months ago.  I've partitioned it but have only gotten around to installing MX-18......  Have a slack 14.2 disc when the time comes....

Just found "seahorse" installed.....reckon it's a frontend for GnuGPG

Edited by wa4chq, 19 March 2019 - 12:28 PM.

Posted Image
REGISTERED LINUX USER #547579


#10 OFFLINE   V.T. Eric Layton

V.T. Eric Layton

    Nocturnal Slacker

  • Forum Admins
  • 21,788 posts

Posted 19 March 2019 - 01:00 PM

Yes, Seahorse (an old Gnome app) works really well, also! :)

#11 OFFLINE   wa4chq

wa4chq

    Thread Head

  • Members
  • PipPipPipPipPipPip
  • 683 posts

Posted 19 March 2019 - 03:27 PM

I will have to read up a little about it...  Decrypting isn't the problem and really, either is the need to edit my file.  It's just sometimes I have to change one of the passwords in that file and I don't know how to edit the file.

Posted Image
REGISTERED LINUX USER #547579


#12 OFFLINE   V.T. Eric Layton

V.T. Eric Layton

    Nocturnal Slacker

  • Forum Admins
  • 21,788 posts

Posted 19 March 2019 - 09:30 PM

Decrypt file --> edit file --> Encrypt file

All done.  :)

#13 OFFLINE   wa4chq

wa4chq

    Thread Head

  • Members
  • PipPipPipPipPipPip
  • 683 posts

Posted 20 March 2019 - 07:56 AM

View PostV.T. Eric Layton, on 19 March 2019 - 09:30 PM, said:

Decrypt file --> edit file --> Encrypt file

All done.  :)
Tnx Eric and it sounds easy enough but I use gpg from cli....actually I use:
gpg -d *.gpg
and it prints it out to my screen.  Can't edit it.

Posted Image
REGISTERED LINUX USER #547579


#14 OFFLINE   wa4chq

wa4chq

    Thread Head

  • Members
  • PipPipPipPipPipPip
  • 683 posts

Posted 20 March 2019 - 08:06 AM

I'm looking at Seahorse right now and in the help section it has this:

Quote



Create a new keyring



Use keyrings to group related passwords. You can choose to protect your keyring with a password.



Create a new password keyring:


  • Select File ▸ New….

  • Choose Password Keyring and press Continue.

  • Choose a name for your new keyring, then press OK to continue.

  • To password protect your keyring, choose a password, and retype it to confirm your choice. Leave both the fields blank if you want your keyring to remain unlocked at all times.

  • Press Continue to finish creating the keyring. If you have not protected your keyring with a password, you will need to confirm that this is how you want to proceed.
Your new keyring will now be listed under Passwords.

This has nothing to do with editing my passwords but it looks easier to follow than the man page for gpg.  If I try this I wonder if I could use the old password I have when decrypting my password file with gpg -d?

Posted Image
REGISTERED LINUX USER #547579


#15 OFFLINE   V.T. Eric Layton

V.T. Eric Layton

    Nocturnal Slacker

  • Forum Admins
  • 21,788 posts

Posted 20 March 2019 - 11:09 AM

When decrypting from CLI, it may display the decrypted file, but you need to use an editor to edit it. If you prefer to stay in CLI, open the decrypted file with VIM, NANO EMACS... whatever your flavor - edit, save, encrypt again. :)

HMM... I don't know that it would be a good idea to create a new keyring. Having more than one on your system could lead to confusion. What app is currently handling your keyring? Do you know?

#16 OFFLINE   wa4chq

wa4chq

    Thread Head

  • Members
  • PipPipPipPipPipPip
  • 683 posts

Posted 20 March 2019 - 02:10 PM

View PostV.T. Eric Layton, on 20 March 2019 - 11:09 AM, said:

When decrypting from CLI, it may display the decrypted file, but you need to use an editor to edit it. If you prefer to stay in CLI, open the decrypted file with VIM, NANO EMACS... whatever your flavor - edit, save, encrypt again. :)

HMM... I don't know that it would be a good idea to create a new keyring. Having more than one on your system could lead to confusion. What app is currently handling your keyring? Do you know?
I am using GPG....that's about all I know.  I set it up from the CLI a few years ago.  As far as opening the decrypted file with NANO or VIM....not sure what you mean.
I thought about just doing some tests, creating a file.gpg containing anything and encrypting it.  So are you saying if I encrypted "something_else" to "something_else.gpg" I should use the same keyring and password I use for the other encrypted file?  Boy, I is getting confused!  lol

Posted Image
REGISTERED LINUX USER #547579


#17 OFFLINE   V.T. Eric Layton

V.T. Eric Layton

    Nocturnal Slacker

  • Forum Admins
  • 21,788 posts

Posted 20 March 2019 - 03:19 PM

GPG is a form of encryption, not an app. What is the frontend for the GPG on that system? Just curious...

#18 OFFLINE   wa4chq

wa4chq

    Thread Head

  • Members
  • PipPipPipPipPipPip
  • 683 posts

Posted 20 March 2019 - 04:27 PM

I'm sorry I'm a dork when it comes to this stuff.....  I'm using MX-18 now and the first thing I did so I could get to my encrypted stuff was to install GPG.  I don't know what the frontend is.  Yesterday I found Seahorse and I see my personal PGP key....but I haven't a clue how to use Seahorse.....reading their help page was not a big help....lol  Hey, its all good......things are fine the way they are and I've been dealing with this setup without being able to edit....I just have to go an extra step to make a separate file that contains a new password and phrase it such that only I know what it is.....here's an example:  "D-G"......   lol....  Hey, thanks for taking the time to help me with this......  it's good.....

Posted Image
REGISTERED LINUX USER #547579


#19 OFFLINE   V.T. Eric Layton

V.T. Eric Layton

    Nocturnal Slacker

  • Forum Admins
  • 21,788 posts

Posted 20 March 2019 - 09:31 PM

GUI frontends for GPG

Something to read that might be helpful...

http://blog.ghostint...g-command-line/

#20 OFFLINE   securitybreach

securitybreach

    CLI Phreak

  • Forum Admins
  • 24,708 posts

Posted 20 March 2019 - 10:06 PM

View PostV.T. Eric Layton, on 20 March 2019 - 09:31 PM, said:

GUI frontends for GPG Something to read that might be helpful...

http://blog.ghostint...g-command-line/

Nice :thumbsup:
Posted ImagePosted Image
Configs/PGP Key/comhack π

"Do you begin to see, then, what kind of world we are creating? It is the exact opposite of the stupid hedonistic Utopias that the old reformers imagined. A world of fear and treachery and torment, a world of trampling and being trampled upon, a world which will grow not less but more merciless as it refines itself. Progress in our world will be progress toward more pain." -George Orwell, 1984

#21 OFFLINE   V.T. Eric Layton

V.T. Eric Layton

    Nocturnal Slacker

  • Forum Admins
  • 21,788 posts

Posted 20 March 2019 - 11:13 PM

Neil said, "I'm sorry I'm a dork when it comes to this stuff..."

Don't be sorry. I don't remember most of this stuff anymore these days. I use search engines for really technical information... oh, and Josh. ;)

#22 OFFLINE   securitybreach

securitybreach

    CLI Phreak

  • Forum Admins
  • 24,708 posts

Posted 21 March 2019 - 06:05 AM

View PostV.T. Eric Layton, on 20 March 2019 - 11:13 PM, said:

Neil said, "I'm sorry I'm a dork when it comes to this stuff..."

Don't be sorry. I don't remember most of this stuff anymore these days. I use search engines for really technical information... oh, and Josh. ;)

Who in turn, uses his Google Fu to arrive at the solution B)
Posted ImagePosted Image
Configs/PGP Key/comhack π

"Do you begin to see, then, what kind of world we are creating? It is the exact opposite of the stupid hedonistic Utopias that the old reformers imagined. A world of fear and treachery and torment, a world of trampling and being trampled upon, a world which will grow not less but more merciless as it refines itself. Progress in our world will be progress toward more pain." -George Orwell, 1984

#23 OFFLINE   wa4chq

wa4chq

    Thread Head

  • Members
  • PipPipPipPipPipPip
  • 683 posts

Posted 21 March 2019 - 07:41 AM

Good morning....  Google is a big help for most of my problems but there are times I just don't get it.  Maybe it's how they word it.  There are many subjects I can understand but there are some that are just way over my head.  Note picture on the left.....  You guys have been a big help in explaining things in terms I understand....most of the time....lol.  I'm glad there's no test!  Have a great Thursday....rain (again) here in S. E. Virginia.

Posted Image
REGISTERED LINUX USER #547579


#24 OFFLINE   V.T. Eric Layton

V.T. Eric Layton

    Nocturnal Slacker

  • Forum Admins
  • 21,788 posts

Posted 21 March 2019 - 08:12 AM

The rains will be starting here in Florida pretty soon. Today's going to be a beautiful day, though... 54F right now, 73F later in the day. I'm enjoying this for as long as it lasts. The miserable, hot, humid weather will be here to stay (for about 6 months) before we know it. :(

HA! Google fu... had to look that one up. I'm a bit rusty on my Zen terminology. ;)

https://www.urbandic...?term=google-fu

#25 OFFLINE   securitybreach

securitybreach

    CLI Phreak

  • Forum Admins
  • 24,708 posts

Posted 21 March 2019 - 08:13 AM

Hehe
Posted ImagePosted Image
Configs/PGP Key/comhack π

"Do you begin to see, then, what kind of world we are creating? It is the exact opposite of the stupid hedonistic Utopias that the old reformers imagined. A world of fear and treachery and torment, a world of trampling and being trampled upon, a world which will grow not less but more merciless as it refines itself. Progress in our world will be progress toward more pain." -George Orwell, 1984




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users