Monday, June 20, 2011

Old fashion password safe using openssl

I don't understand password safe software. What's wrong with just encrypting a plain text file? Maybe it's old fashion. Maybe I am missing something, but this seems pretty good. If I am wrong, set me straight.

Encrypt your file (enter passcode):
openssl enc -aes-256-cbc -a -salt -in passwords.txt -out passwords.txt.encrypted
Then remove the old file. You might want to shred the file, because you can recover simple deletes.

Un-encrypt your file (enter passcode):
openssl enc -d -aes-256-cbc -a -in passwords.txt.encrypted
The un-encrypted data is written to the output stream.

See also OpenSSL: Documents, enc(1). You can use whatever cipher you want.

Of course, you now have a main password to your password file. So protect that and remember it.

Oh, you have windows? Install Cygwin. Don't know how to do that? Just keep your passwords on paper then and put them in a physical safe in your home.

No comments:

Share on Twitter