Posts tagged ‘cryptography’

Vim encryption , encrypting with vim and blowfish.

I am always on the search for the other ways to encrypt my documents on a server.
I’ve used gpg keys, gpg symetric encryption, but this one seems to fit the bill the best.
Encrypting with vim is a very painless process, it does take some setup, but not much, I promise.

The first thing I do is to setup an alias in my .bashrc file.  I alias the following :

alias vime=”vim -u ~/.vimencrypt -x″

vime is short for “vim encrypted”, at least in my head wink
WHEW! Step one finished, that was easy! ……hey, where is that “easy button” again ?

Next is to edit/and or/create a separate .vimrc just for this, and I name mine  .vimencrypt
This file will be in your home directory.  ~/.vimencrypt     
It contains the following:

source ~/.vimrc 
set nobackup 
set noswapfile 
set nowritebackup 
set cm=blowfish

Note: Since Vim 7.3 (2010-08-15)(and newer), vim can now use Blowfish encryption.
If your using an older vim — remove the “set cm=blowfish” line. It will then default to crypt for encryption.

I know, very complicated right ?  wink   That’s it folks, you are now READY to use encryption with vim!
Now, simply type “vime something.txt”  and you’re on your way.

You will then see:

Enter encryption key:

Enter same key again:

If you entered the same key twice, then you should be presented with a normal vim interface.

If you use “vime” to encrypt the document the first time, it will stay encrypted.
You can then just use vim normally to edit it endlessly (vim will ask for your password, you only have to use “vime” on the initial creation of the document), and it’s encrypted when you close it.

Now you will see VimCrypt~02……. when you cat your encrypted file, and it’s encrypted with blowfish, a MUCH MUCH stronger encryption than just “crypt” which can be broken fairly easily.

> cat test VimCrypt~02!sD~wLПYEx

I hope you have fun with vim and encryption.


encfs – encrypted filesystem in user-space

Quoting from Wikipedia:
EncFS is a Free (GPL’ed) FUSE-based cryptographic filesystem that transparently encrypts files, using an arbitrary directory as storage for the encrypted files.

Two directories are involved in mounting an EncFS filesystem: the source directory, and the mountpoint. Each file in the mountpoint has a specific file in the source directory that corresponds to it. The file in the mountpoint provides the unencrypted view of the one in the source directory. Filenames are encrypted in the source directory.

Files are encrypted using a volume key, which is stored encrypted in the source directory. A password is used to decrypt this key.

Sounds complicated, but it’s really not. Basically what we are going to accomplish here is creating Directory that has all the files in it encrypted.
This will work on any system, this requires 3 applications if they are not already installed. fuse rlog encfs For me, it’s simply a matter of using pacman and installing them. You can use whatever package manager your distro provides or you can install from source.

Continue reading ‘encfs – encrypted filesystem in user-space’ »

My new 8,192 bit public key.

I’ve been playing with gpg again, and decided it was time to bump up my key size in order to have a key that was acceptable for encryption for the next few years. Until quantum computing kicks in, then I’ll have to double/quadruple the key size again… who knows. But for now, I think this will suffice for awhile.

Modifying gpg source code to allow 8,192 bit keys was simple to accomplish and the information is freely available on the net, so I won’t repost it here. However, if you want my new key, here it is :)
Continue reading ‘My new 8,192 bit public key.’ »