Introducing myvault

I wanted some way from a Unix shell to edit an encrypted file that would store some semi-sensitive information. Google failed to bring me any acceptable candidates. So I decided to dive into the world of shell scripting and came up with something I’m going to call myvault.

It uses OpenSSL to generate a random 32 character password, which it then uses to symmetrically encrypt the file. The password is then asymmetrically encrypted using an RSA key. A new random 32 character password is generated every time it is run.
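The scheme described above can be sketched with the openssl command line. This is an added example, not the myvault script: the cipher (AES-256-CBC with PBKDF2), the OAEP padding, PEM-format keys and all function names are assumptions.

```shell
#!/bin/sh
# Added example, not myvault's code. Assumed: AES-256-CBC + PBKDF2, RSA-OAEP,
# PEM keys, and every function name below.

# Throwaway RSA pair: $1 = private key out, $2 = public key out.
vault_keygen() {
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
        -out "$1" 2>/dev/null &&
    openssl pkey -in "$1" -pubout -out "$2"
}

# Seal: $1 plaintext in, $2 ciphertext out, $3 wrapped password out, $4 public key.
vault_seal() (
    umask 077                      # temp password file readable by owner only
    pw=$(mktemp "${TMPDIR:-/tmp}/vaultpw.XXXXXX") || exit 1
    rc=0
    {
        # 24 random bytes base64-encode to exactly 32 characters.
        openssl rand -base64 24 | tr -d '\n' > "$pw" &&
        openssl enc -aes-256-cbc -pbkdf2 -salt -pass "file:$pw" \
            -in "$1" -out "$2" &&
        openssl pkeyutl -encrypt -pubin -inkey "$4" \
            -pkeyopt rsa_padding_mode:oaep -in "$pw" -out "$3"
    } || rc=$?
    rm -f "$pw"                    # never leave the cleartext password behind
    exit "$rc"
)

# Open: $1 ciphertext, $2 wrapped password, $3 private key; plaintext to stdout.
vault_open() (
    umask 077
    pw=$(mktemp "${TMPDIR:-/tmp}/vaultpw.XXXXXX") || exit 1
    rc=0
    {
        openssl pkeyutl -decrypt -inkey "$3" \
            -pkeyopt rsa_padding_mode:oaep -in "$2" -out "$pw" 2>/dev/null &&
        openssl enc -d -aes-256-cbc -pbkdf2 -pass "file:$pw" -in "$1"
    } || rc=$?
    rm -f "$pw"
    exit "$rc"
)
```

Both functions write the cleartext password only to a temporary file under $TMPDIR, so pointing $TMPDIR at a memory-backed filesystem keeps it off disk.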

By default, it uses your SSH key to open a file called “.myvault” in your $HOME directory using Vim. You can pass it arguments to use a different encrypted file and/or private/public key(s). You can even encrypt/decrypt any file which it then spits to STDOUT for your use.

Now I’m no shell scripting genius nor a complete beginner. So I may have done things inefficiently or downright wrong. Please leave feedback for improvements or changes.

Check it out here: http://github.com/dctrwatson/myvault

  • http://twitter.com/noah256 Noah

    This is neat!
    Two things I would love to see added – First, support for $EDITOR (some crazy folks don’t use vim).
    Second, it would be awesome to be able to specify a tmpfile location. For instance, if I wanted to decrypt to a ramdisk (because I’m stupidly paranoid).
    Also, if you post it to GitHub, I’ll fork it and add these two features if you don’t have the time or inclination to do so.
    Cool work overall, I think I’m going to use this!

    • http://www.dctrwatson.com Doctor Watson

      I’ll create a GitHub project tomorrow.

      I’ve updated it to use the $EDITOR and $TMPDIR environment vars.

      It works with both Ubuntu and FreeBSD =D