Language Selection

English French German Italian Portuguese Spanish

The Ultimate Linux Password Management Guide Part 8 gnupg

Filed under
HowTos

This is part 8 of a multi-part article. Part 1 is available here, part 2 is available here, part 3 is available here, part 4 is available here, part 5 is here, part 6 is available here, and part 7 is available here. Part 1 discusses the importance of complex passwords and also discusses some ways to create them in Linux. Part 2 covers the KeepassX, a program with a very nice graphical user interface. Part 3, takes a look at the gpass program which is a nice graphical user interface for the gnome desktop (will work on others too). Part 4 takes a look at the command line pwsafe. Part 5 takes a look at the command line cpm (console password manager). Part 6 takes a look at ked password manager that has both a GTK2 and cli interface. Part 7, we will take a look at gorilla password manager.

In part 8, we will take a look at using gnupg, a common application already included on most Linux distributions for managing passwords.

ABOUT
GnuPG allows you to encrypt and sign your data and communications. It features a versatile key management system as well as access modules for all kind of public key directories. GnuPG, also known as GPG, is a command line tool with features for easy integration with other applications. A wealth of frontend applications and libraries are available. Version 2 of GnuPG also provides support for S/MIME.

FEATURES
GnuPG itself is a commandline tool without any graphical stuff. It is the real crypto engine which can be used directly from a command prompt, from shell scripts or by other programs. Therefore it can be considered as a backend for other applications.
However, even when used on the command line it provides all functionality needed - this includes an interactive menu system. The set of commands of this tool will always be a superset of those provided by any frontends.

ARTICLE OVERVIEW
In this article, I am going to show you some tricks with using gnupg to manage passwords. Of course, you can simply create a text file and encrypt it with gnupg and then unencrypt the file in order to view your password list. However, with more than a couple of passwords, this becomes very cumbersome.

Full Article




More in Tux Machines

today's lefftovers

OSS Leftovers

  • Running for the board of the Open Source Initiative – a few words
    Today I would like to explain my reasons for my candidacy at the board of the Open Source Initiative. I can think of two kinds of reason for my decision: one is personal, and the other one is directly related to current state of Open Source and software freedom. Let’s start with the first one: I’m currently helping the Open Information Security Foundation and the Suricata project in my capacity at ANSSI, while contributing in a minor way to the LibreOffice project and the Document Foundation.
  • Tutanota: Encrypted Open Source Email Service for Privacy Minded People
    Since then, I have heard of another email provider that you may be interested in. It’s a little different, but it touts some of the same features ProtonMail does: privacy, security, open-source code, etc. It’s called Tutanota, and like ProtonMail, I am a very big fan.
  • Open FinTech Forum – Event preview, October 10-11, New York City.
  • The tracker will always get through
    A big objection to tracking protection is the idea that the tracker will always get through. Some people suggest that as browsers give users more ability to control how their personal information gets leaked across sites, things won't get better for users, because third-party tracking will just keep up. On this view, today's easy-to-block third-party cookies will be replaced by techniques such as passive fingerprinting where it's hard to tell if the browser is succeeding at protecting the user or not, and users will be stuck in the same place they are now, or worse. I doubt this is the case because we're playing a more complex game than just trackers vs. users. The game has at least five sides, and some of the fastest-moving players with the best understanding of the game are the adfraud hackers. Right now adfraud is losing in some areas where they had been winning, and the resulting shift in adfraud is likely to shift the risks and rewards of tracking techniques.
  • MozMEAO SRE Status Report - February 16, 2018
    Here’s what happened on the MozMEAO SRE team from January 23 - February 16.
  • The major milestones of the Government Digital Service (GDS)
  • PyTorch Should Be Copyleft
    Most people have heard of Google’s Tensorflow which was released at the end of 2015, but there’s an active codebase called PyTorch which is easier to understand, less of a black box, and more dynamic. Tensorflow does have solutions for some of those limitations (such as Tensorflow-fold, and Tensorflow-Eager) but these new capabilities remove the need for other features and complexity of Tensorflow. Google built a great system for doing static computation graphs before realizing that most people want dynamic graphs. Doh! [...] I wish PyTorch used the AGPL license. Most neural networks are run on servers today, it is hardly used on the Linux desktop. Data is central to AI and that can stay owned by FB and the users of course. The ImageNet dataset created a revolution in computer vision, so let’s never forget that open data sets can be useful.
  • Linux on Nintendo Switch, a new Kubernetes ML platform, and more news
    In this edition of our open source news roundup, we take a look at the Mozilla's IoT gateway, a new machine learning platform, Code.mil's revamp, and more.

Security: France, Munich, 'Smart' Meters, MeltdownPrime and SpectrePrime

  • Highlights of the French cybersecurity strategy

    First, the document describes that in France cyberdefence and cyberoffence are separated. This is directly opposed to the models employed in Anglo-Saxon countries. But it’s shown as an asset. Key argument: it respects freedoms and civil liberties.

    The document then lists the six general objectives of cyberdefence, namely: prevention, anticipation, protection, detection, attribution, reaction (remediation). The strategy itself is complete, it focuses on civil, military, domestic, external, and international levels. Let’s say it’s a rarity in the business in strategic cybersecurity documents.

    [...]

    The strategy then mentions that one of the solutions could be to release source code and documentation after an end of support date.

  • The Munich Security Conference 2018

    Over the past five decades, the Munich Security Conference (MSC) has become the major global forum for the discussion of security policy. Each February, it brings together more than 450 senior decision-makers from around the world, including heads-of-state, ministers, leading personalities of international and non-governmental organizations, as well as high ranking representatives of industry, media, academia, and civil society, to engage in an intensive debate on current and future security challenges.

  • Smart meters could leave British homes vulnerable to cyber attacks, experts have warned
    New smart energy meters that the Government wants to be installed in millions of homes will leave householders vulnerable to cyber attacks, ministers have been warned.
  • MeltdownPrime and SpectrePrime: Researchers nail exploits
    "The flaws—dubbed Meltdown and Spectre—are in chips made by Intel and other major suppliers. They can allow hackers to steal data from the memory of running apps, including password managers, browsers and emails." The authors of the paper on arXiv, Caroline Trippel, Daniel Lustig, and Margaret Martonosi, discuss a tool they developed for "automatically synthesizing microarchitecture-specific programs capable of producing any user-specified hardware execution pattern of interest." They said they show "how this tool can be used for generating small microarchitecture-specific programs which represent exploits in their most abstracted form—security litmus tests."

How Linux became my job

I've been using open source since what seems like prehistoric times. Back then, there was nothing called social media. There was no Firefox, no Google Chrome (not even a Google), no Amazon, barely an internet. In fact, the hot topic of the day was the new Linux 2.0 kernel. The big technical challenges in those days? Well, the ELF format was replacing the old a.out format in binary Linux distributions, and the upgrade could be tricky on some installs of Linux. Read more