You are not logged in.

#1 2012-04-23 18:35:00

crouse
Arch Linux f@h Team Member
From: Iowa - USA
Registered: 2006-08-19
Posts: 903
Website

Vim encryption , encrypting with vim and blowfish.

I am always on the search for the other ways to encrypt my documents on a server.   
I’ve used gpg keys, gpg symetric encryption, but this one seems to fit the bill the best. 
Encrypting with vim is a very painless process, it does take some setup, but not much, I promise.

The first thing I do is to setup an alias in my .bashrc file.  I alias the following :

alias vime=”vim -u ~/.vimencrypt -x ″

vime is short for "vim encrypted", at least in my head wink
WHEW! Step one finished, that was easy! ……hey, where is that “easy button” again ?

Next is to edit/and or/create a separate .vimrc just for this, and I name mine  .vimencrypt
This file will be in your home directory.  ~/home/YOU/.vimencrypt     
It contains the following:

source ~/.vimrc
set nobackup
set noswapfile
set nowritebackup
set cm=blowfish

Note: Since Vim 7.3 (2010-08-15)(and newer), vim can now use Blowfish encryption.
If your using an older vim -- remove the "set cm=blowfish" line. It will then default to crypt for encryption.

I know, very complicated right ?  wink   That’s it folks, you are now READY to use encryption with vim! 
Now, simply type "vime something.txt"  and you’re on your way.

You will then see:

Enter encryption key:

Enter same key again:

If you entered the same key twice, then you should be presented with a normal vim interface.   

If you use “vime” to encrypt the document the first time, it will stay encrypted. 
You can then just use vim normally to edit it endlessly (vim will ask for your password, you only have to use "vime" on the initial creation of the document), and it’s encrypted when you close it. 

Now you will see VimCrypt~02……. when you cat your encrypted file, and it’s encrypted with blowfish, a MUCH MUCH stronger encryption than just “crypt” which can be broken fairly easily.

> cat test
VimCrypt~02!sD~wLПYEx

I hope you have fun with vim and encryption.

Edit: fixed the alias ...too damn used to functions.. wink

Last edited by crouse (2012-04-24 03:52:16)

Offline

#2 2012-04-23 18:51:18

guelfi
Member
From: /home/guelfi
Registered: 2011-07-01
Posts: 111

Re: Vim encryption , encrypting with vim and blowfish.

Wow, that's really... easy big_smile

You may want to add

source /etc/vimrc

to .vimencrypt, because otherwise, the system wide options (which, on Arch, include invaluable settings like nocompatible) are not applied.

Offline

#3 2012-04-23 18:53:22

crouse
Arch Linux f@h Team Member
From: Iowa - USA
Registered: 2006-08-19
Posts: 903
Website

Re: Vim encryption , encrypting with vim and blowfish.

no.. you DON'T want to do that wink

There is a REASON that there is a separate file for "vime".  Put what ever else you "think" you need in that file... however, the less the better.

You "could" just type "vime something.txt" ...... save and close the file, and reopen with normal VIM (which would load your normal vim profile information) so things would work "normally".

Last edited by crouse (2012-04-23 19:02:30)

Offline

#4 2012-04-23 19:54:12

guelfi
Member
From: /home/guelfi
Registered: 2011-07-01
Posts: 111

Re: Vim encryption , encrypting with vim and blowfish.

I don't really see your point here. Arch's default system-wide vim config (/usr/share/vim/vimfiles/archlinux.vim) is pretty minimal, and while I understand that backup and swap files may render the whole encryption useless, I don't think Arch's options have this effect.
Also, if you'd be really consequent about this, you wouldn't source your own configuration in .vimencrypt.

Besides, isn't the whole point of encryption with vim that you can edit encrypted files easily... with your favorite text editor and settings?

Offline

#5 2012-04-24 02:30:22

crouse
Arch Linux f@h Team Member
From: Iowa - USA
Registered: 2006-08-19
Posts: 903
Website

Re: Vim encryption , encrypting with vim and blowfish.

My point was, with including  /usr/share/vim/vimfiles/archlinux.vim ... your assuming the Arch Linux defaults will never change.

Most vim users I know, have their own defaults set in .vimrc (why it's included, obviously it wouldn't HAVE to be included). 
The .vimencrypt and vime are simply for encrypted files, and keeping them separated from .vimrc makes it easy to safely encrypt.

Offline

#6 2012-04-24 02:55:45

Trilby
Forum Moderator
From: Massachusetts, USA
Registered: 2011-11-29
Posts: 14,011
Website

Re: Vim encryption , encrypting with vim and blowfish.

What's the "$1" in the alias?  That is a parameter passed to bashrc, there shouldn't be any.


InterrobangSlider
• How's my coding? See this page.
• How's my moderating? Feel free to email any concerns, complaints, or objections.

Offline

#7 2012-04-24 03:23:28

crouse
Arch Linux f@h Team Member
From: Iowa - USA
Registered: 2006-08-19
Posts: 903
Website

Re: Vim encryption , encrypting with vim and blowfish.

Trilby wrote:

What's the "$1" in the alias?  That is a parameter passed to bashrc, there shouldn't be any.

In this particular context, $1 represents the name of your file... it can be used in many shell scripts/alias's etc, not sure where you got the above information.  $1 means the first argument.

vime nameofyourfile.txt

the alias is then translated literally into:

vim -u ~/.vimencrypt -x nameofyourfile.txt

~~ Edit ... removed the $1 --- DOH, thanks Trilby.  FWIW, $1 is used in functions in your .bashrc, and NOT alias's...

Last edited by crouse (2012-04-24 04:00:30)

Offline

#8 2012-04-24 03:28:23

jasonwryan
Forum & Wiki Admin
From: .nz
Registered: 2009-05-09
Posts: 19,050
Website

Re: Vim encryption , encrypting with vim and blowfish.

Doesn't work for me with the $1 - it creates a file called "bell-style" or somesuch. Works fine without.

Thanks - a nice little tool.


Arch + dwm   •   Mercurial repos  •   Github

Registered Linux User #482438

Online

#9 2012-04-24 03:29:00

/dev/zero
Member
From: Melbourne, Australia
Registered: 2011-10-20
Posts: 1,176
Website

Re: Vim encryption , encrypting with vim and blowfish.

crouse wrote:

$1 represents the name of your file...

vime nameofyourfile.txt

the alias is then translated literally into:

vim -u ~/.vimencrypt -x nameofyourfile.txt

In an alias?

$ alias foo="echo $1 '|' "
$ foo bar
| bar

Linux is NOT Windows | The Rootless Root
Toshiba Satellite i5-3230M 2.6GHz CPUs, 4Gb RAM, ArchLinux, wmii, nVidia GeForce GT 740M.

Offline

#10 2012-04-24 03:30:34

Trilby
Forum Moderator
From: Massachusetts, USA
Registered: 2011-11-29
Posts: 14,011
Website

Re: Vim encryption , encrypting with vim and blowfish.

?? Aliases don't take parameters.

The $1 is filed in when .bashrc is parsed due to the double quotes around the alias.

The alias still works because only 'vime' is replaced with the alias string ending now with the '-x '.

If you put single quotes around the alias this would fail as the $1 would not be filed until the command is executed.

The "$1" should just be removed.  It won't cause any harm as long as no parameter is pased to .bashrc, but if one ever is passed (somehow) then it will cause a problem.

edit: It looks like Jasonwryan's .bashrc does receive a parameter.  Now I'm curious how.

Last edited by Trilby (2012-04-24 03:31:44)


InterrobangSlider
• How's my coding? See this page.
• How's my moderating? Feel free to email any concerns, complaints, or objections.

Offline

#11 2012-04-24 03:43:16

jasonwryan
Forum & Wiki Admin
From: .nz
Registered: 2009-05-09
Posts: 19,050
Website

Re: Vim encryption , encrypting with vim and blowfish.

Digression With the paramter in the alias, vim tries to open two files (Two files to edit in the status line). I have 'set bell-style visible' in my .bashrc and when bash tries to parse the parameter it seems to choke and force vim into creating an additional file called bell-style. The original filename passed to vim fails and is not created...


Arch + dwm   •   Mercurial repos  •   Github

Registered Linux User #482438

Online

#12 2012-04-24 03:50:45

Trilby
Forum Moderator
From: Massachusetts, USA
Registered: 2011-11-29
Posts: 14,011
Website

Re: Vim encryption , encrypting with vim and blowfish.

$ echo $1

$ set bell-style visible
$ echo $1
bell-style
$ echo $1
bell-style
$ echo this is a test
this is a test
$ echo $1
bell-style
$ set novar blah
$ echo $1
novar

Intersting.  Set, seems to leave it's first parameter in $1 after it is done.


InterrobangSlider
• How's my coding? See this page.
• How's my moderating? Feel free to email any concerns, complaints, or objections.

Offline

#13 2012-04-24 03:56:39

crouse
Arch Linux f@h Team Member
From: Iowa - USA
Registered: 2006-08-19
Posts: 903
Website

Re: Vim encryption , encrypting with vim and blowfish.

Trilby wrote:

?? Aliases don't take parameters.

The $1 is filed in when .bashrc is parsed due to the double quotes around the alias.

The alias still works because only 'vime' is replaced with the alias string ending now with the '-x '.

If you put single quotes around the alias this would fail as the $1 would not be filed until the command is executed.

The "$1" should just be removed.  It won't cause any harm as long as no parameter is pased to .bashrc, but if one ever is passed (somehow) then it will cause a problem.

edit: It looks like Jasonwryan's .bashrc does receive a parameter.  Now I'm curious how.


<facepalm> ... your right... so used to writing functions for my .bashrc anymore and not alias's i totally missed that....  fixed original post AND my .bashrc wink . Thank you.

Offline

#14 2012-04-24 08:56:46

skanky
Member
From: WAIS
Registered: 2009-10-23
Posts: 1,838

Re: Vim encryption , encrypting with vim and blowfish.

You could just keep it as a function anyway. There's  no reason why it has to be an alias (or a function, but if that's what you generally write, might as well stick to it). I've added it to mine as a function as I only use those, not aliases.

Thanks for the tip, anyway. smile


"...one cannot be angry when one looks at a penguin."  - John Ruskin
"Life in general is a bit shit, and so too is the internet. And that's all there is." - scepticisle

Offline

#15 2012-09-25 03:56:01

rasch
Member
Registered: 2012-02-23
Posts: 4

Re: Vim encryption , encrypting with vim and blowfish.

Nice method for encrytion! You should also add

set viminfo=

to your .vimencrypt file otherwise data from your encryted file can end up written in your .viminfo file.  I'm not sure that you need to set noswapfile as I believe that the data passed to this file is still encrypted (but better safe than sorry).

Offline

#16 2013-06-03 08:43:40

Prowler
Member
Registered: 2011-05-16
Posts: 16

Re: Vim encryption , encrypting with vim and blowfish.

I would add my 2, useful to me, cents. Using the above settings works fine for managing an encrypted file, but removing the -x option once the file has been encrypted removes the need to enter the password twice, which isn't a security benefit as the password cannot be changed by accident.

Also, I found that I need to add one line to my .vimEncrypt, if I want to have working Insert button, arrow keys during insert, delete etc. :
autocmd BufReadPre,FileReadPre * set nocompatible
I don't know exactly how it works, I figure that nocompatible option that is automatically run on vim startup fixes a working directory problem or something.

Nice encryption method, replaced my openssl script with this, easier and much more secure.

Offline

#17 2013-06-22 17:41:42

chickenPie4tea
Member
Registered: 2012-08-21
Posts: 287

Re: Vim encryption , encrypting with vim and blowfish.

cool, realy useful.  I had been quickly encrypting text blocks I wanted srambling with the g? then press ENTER command but this is usful to have alongside.


You can like linux without becoming a fanatic!

Offline

Board footer

Powered by FluxBB