Recipe 6.15 Keeping Track of Passwords
6.15.1 Problem
You have to remember a zillion different usernames, passwords, and SSH passphrases for various remote hosts and web sites.
6.15.2 Solution
Store them in a file encrypted with GnuPG. Maintain it with Emacs and crypt++.el [Recipe 7.23] or with vim. [Recipe 7.24] Create handy scripts to extract and print passwords as you need them.
6.15.3 Discussion
A possible file format is:
login<tab>password<tab>comment
Protect the file from access by other users:
$ chmod 600 $HOME/lib/passwords.gpg
Then create a script, say, $HOME/bin/mypass, to extract passwords based on grep patterns:
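#!/bin/bash
# Decrypt the password file and print the lines that match the grep arguments.
PWFILE=$HOME/lib/passwords.gpg
# Quote both expansions so paths and patterns containing spaces stay intact.
/usr/bin/gpg -d "$PWFILE" | /bin/grep -i "$@"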
$ mypass yahoo
Enter passphrase: ********
karma24 s3kr1TT My Yahoo password
billybob 4J%ich3!UKMr Bill's Yahoo password
Now you can type or copy/paste the username and password as needed.
When finished, clear your window scroll history (or close the window
entirely) and clear your clipboard if it contained the password.
Admittedly, this technique will not satisfy every security expert. If
the password file gets stolen, it could conceivably be cracked and
all your passwords compromised en masse.
Nevertheless, the method is convenient and in use at major
corporations. If you are concerned about higher security, keep the
password file on a computer that has no network connection. If this
is not possible, at least keep the computer behind a firewall. For
very high security installations, also physically isolate the
computer in a locked room and distribute door keys only to trusted
individuals.
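An added example, not part of the original recipe: a variant of the mypass script above that matches the pattern against the login and comment fields only and, when exactly one entry matches, prints just its password, so less ends up in the scroll history. The function names and exit codes are assumptions of this example; the file path and the tab-separated format are the recipe's.

```shell
#!/bin/bash
# Added example (not from the recipe). Assumes the recipe's
# login<tab>password<tab>comment format and $HOME/lib/passwords.gpg path.
PWFILE=${PWFILE:-$HOME/lib/passwords.gpg}

# perms_ok FILE: succeed only if group and others have no access at all,
# i.e. the state the recipe's "chmod 600" leaves the file in.
perms_ok() {
    case $(ls -ld -- "$1") in
        ????------*) return 0 ;;
        *)           return 1 ;;
    esac
}

# pw_select PATTERN: read decrypted records on stdin. PATTERN is a fixed,
# case-insensitive substring tested against login and comment only, so
# text inside a password can never cause a match.
#   one match -> that password alone on stdout, status 0
#   no match  -> status 1
#   several   -> their logins and comments (no passwords) on stderr, status 2
pw_select() {
    PAT=$1 awk -F'\t' '
        BEGIN { pat = tolower(ENVIRON["PAT"]) }
        NF >= 2 && index(tolower($1 "\t" $3), pat) {
            n++; pw = $2; seen = seen $1 "\t" $3 "\n"
        }
        END {
            if (n == 1) { print pw; exit 0 }
            if (n == 0) exit 1
            printf "%s", seen > "/dev/stderr"
            exit 2
        }'
}

# mypass_field PATTERN: check permissions, decrypt, select one password.
mypass_field() {
    [ -n "${1:-}" ] || { echo "usage: mypass_field pattern" >&2; return 64; }
    perms_ok "$PWFILE" || { echo "$PWFILE: run chmod 600 first" >&2; return 77; }
    gpg -d "$PWFILE" | pw_select "$1"
}

# Run as a script only when a pattern is given on the command line.
if [ "$#" -gt 0 ]; then mypass_field "$@"; fi
```

When several entries match, narrow the pattern using the logins and comments listed on stderr and run it again.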
6.15.4 See Also
gpg(1).