#!/bin/sh # swordsap $Revision: 1.6 $ $Date: 2002/03/02 15:28:46 $ # free software by felix # the is under the GPL http://www.gnu.org/licenses/gpl.html # it comes with NO WARRANTY! # use at your own risk, as part of a balanced diet SSFILE=~/swordsap.gpg TMPDIR=/tmp [ "$EDITOR" ] || EDITOR=nano ### end of configuration ### if [[ "$1" == "-h" || "$1" == "--help" ]]; then cat - <<-EndMessage Usage: $0 [ -e | ] minimalist password organiser script, using gpg. the current password file is $SSFILE. the previous version is backed up to $SSFILE~. if -e is given, we go into edit mode. if invoked with no arguments the whole file is viewed. otherwise the file is viewed with the given filter (piped through grep). EndMessage exit 0 fi if [ ! -f $SSFILE ]; then if [ -f $SSFILE~ ]; then echo "backup file $SSFILE~ detected, but no main file." read -p "do you want to restore the backup? (y/n) [y] " -n 1 RESTOREIT echo "" if [ ! "$RESTOREIT" == "n" ]; then cp $SSFILE~ $SSFILE echo "backup password file restored." exit 0 fi fi read -p "password file $SSFILE does not exist; create? (y/n) [y] " -n 1 CREATEIT echo "" if [ ! "$CREATEIT" == "n" ]; then MSG="enter any information to be encrypted into this file.\n" MSG="${MSG}it is useful (for querying) to store one unit of information per line.\n" MSG="${MSG}when finished, save the file, exit the editor, and enter the password.\n" if ( echo -e $MSG | gpg --openpgp -armor --symmetric --output $SSFILE ); then echo "password file created." echo "now run '$0 -e' and enter your private information." else exit 1 fi fi exit 0 fi if [ ! -r $SSFILE ]; then echo "cannot read password file $SSFILE" exit 1 fi if [ "$1" == "-e" ]; then SSTMP=`perl -e "for(1..20){print chr(int(rand 26)+97)}"` # $RANDOM SSTMP="$TMPDIR/$SSTMP" echo "temp file: $SSTMP" if ( gpg --decrypt $SSFILE > $SSTMP ); then chmod 600 $SSTMP chattr +s $SSTMP $EDITOR $SSTMP clear echo "" echo "enter password to re-encrypt the file with:" echo "if you want to discard your changes, simply press twice." echo "" mv -f $SSFILE $SSFILE~~ if ( gpg --openpgp -armor --symmetric --output $SSFILE $SSTMP ); then mv -f $SSFILE~~ $SSFILE~ rm -f $SSTMP exit 0 else mv -f $SSFILE~~ $SSFILE rm -f $SSTMP echo "" echo "the password file is unchanged." exit 1 fi else exit 1 fi elif [ $1 ]; then if ( ! gpg --decrypt $SSFILE | grep $1 - ); then exit 1 fi else if ( gpg --decrypt $SSFILE ); then echo "" echo "consider using a filter argument to swordsap, rather than viewing the entire file." echo "using a filter minimises the exposure of sensitive information to the screen and terminal." else exit 1 fi fi echo "" read -p "press 'n' if you do NOT want to clear the screen: (timeout in 60 seconds) [] " -t 60 -n 1 CLEARIT echo "" if [ ! "$CLEARIT" == "n" ]; then clear fi