GPG-Based Password Wallet

Keep your passwords safe in an encrypted file.

Like many Internet addicts, I have way too many user name/password accounts to remember: accounts on social-networking sites, rarely used logins at work, on-line banking and so on. One solution to this problem is to use the same user name and password everywhere, but that's clearly not safe; if people get a hold of your account information in one place, they own all your other accounts too.

I wanted a relatively safe, flexible and easy way to store passwords and other useful confidential information. I also wanted it to be easily accessible, which meant that I'd like to get at it over a text-only SSH connection. And, I wanted it to be something that could move around from machine to machine without too much trouble.

A few months ago, I saw an article by Duane Odom on linux.ocm about a shell script that uses GPG to encrypt and decrypt a text file containing the user's list of passwords (or any kind of text). I liked this approach, as it met the following requirements:

  1. It stores passwords in a well-encrypted text file (protected by a master password). The text file could contain anything and be formatted any way I want.

  2. The entire interface is text (an ncurses password interface, followed by less or a text editor like vim), so you can access it over a nongraphical SSH session (see the Accessing Your Password Wallet from the Computer at Your Friend's House sidebar).

  3. The script is built on standard utilities common to most Linux distributions (gpg and dialog).

Although I liked the way the original script worked, I wanted to add several features. So I made some alterations to the original, and the result is shown in Listing 1.

It's pretty easy to install; simply save the script somewhere in your $PATH and make it executable. Then, you just need to tell it where your encrypted password file should be. There are three ways to do this:

  1. Set the $WALLET_FILENAME environment variable.

  2. Set $WALLET_FILENAME in ~/.walletrc.

  3. Specify the filename with the -c command-line option.

The second method (which overrides the first method) is my preference—I have the following line in ~/.walletrc:


But, if I needed to use a different wallet file, I could override either of the first two methods with the command-line option by calling the script like this:

wallet -c ~/docs/other_wallet.gpg

wallet defaults to its read-only mode, in which it displays the decrypted version of your wallet file using less. But, if you include the -e command-line option (edit mode), the script decrypts your wallet file to a temporary location and opens it in a text editor (the script defaults to using vi, but you can set the $VISUAL variable in the environment or in your ~/.walletrc file). When you close the editor, wallet encrypts the file and saves it to the original location.

The first time you run wallet, you won't have a wallet file, so wallet creates it for you and runs in edit mode.



Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

Just use vi directly

Anonymous's picture

Besides the issue with echo $PASSWORD already mentioned, this also puts a cleartext version of your secrets on disk, in tmp files, etc. Although there is an attempt to clean it all up, it's still rather messy and overly complex.
If you use vi, you can edit the gpg files directly with no cleartext ever touching the disk. And it's much simpler.

... and even worse: echo

Anonymous's picture

... and even worse:

echo $PASSWORD | gpg --decrypt --passphrase-fd 0

$PASSWORD will be visible to every local user, in cleartext on process list (ps command)


Milo's picture

well, it's nice idea to use shred instead of rm. with rm -f you are deleting link to the inode, but inode itself is left untouched. on BSD rm -P should be sufficient.