I have been using two commands blogged about by a friend, Steve Harris, to store my passwords on my Mac OS X laptop. He illustrated two commands, “useful” and “viuseful”, which open a gpg-encrypted file using less and vi respectively. Opening the file in less allows for safe read-only access to the contents of the encrypted file. The vi mode of operation as described by Steve leaves a temporary copy of the file that exists in plaintext briefly while it’s being encrypted.
With a little help from one of my current colleagues, Sid, I have altered Steve’s example by writing the temp file to a ramdisk, which is subsequently srm’d.
Given that this implementation never writes the contents of the unencrypted file to disk, I reckon I can go as far as saying that it is a little *more* secure than Steve’s original post.
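# Password config
USEFUL_FILE="$HOME/.passwords/passwords.txt.gpg"
USEFUL_KEYID="XXXXXXXX"
RDLABEL="ramdisk"
RAMDISK="/Volumes/$RDLABEL" # Please no spaces
FILE="passtmp" # Please no spaces

# Read-only view: decrypt to a pipe, nothing is written to disk
function useful {
    gpg --trust-model always -d "$USEFUL_FILE" | less
}

# Create and mount a RAM disk; $1 is the size in KB
function ramdisk {
    # hdiutil's ram:// size is given in 512-byte sectors, hence KB * 2
    SIZE=$(( $1 * 2 ))
    # Check if the ramdisk is already mounted
    if [[ $(mount | grep "$RAMDISK " | wc -l) -eq 0 ]]; then
        diskutil erasevolume HFS+ "$RDLABEL" $(hdiutil attach -nomount ram://$SIZE) &> /dev/null
    fi
}

# Securely delete the plaintext temp file and unmount the RAM disk
function cleanup {
    if [[ -e "$RAMDISK/$FILE" ]]; then
        srm -f "$RAMDISK/$FILE"
        umount "$RAMDISK"
    fi
}

function viuseful {
    ramdisk 4096 # 4MB
    # Keep a backup of the current encrypted file
    cp "$USEFUL_FILE" "$USEFUL_FILE~"
    # Decrypt straight into the vi buffer, with viminfo and swap file disabled;
    # the plaintext only reaches the RAM disk if the buffer is saved
    vi '+set viminfo=' '+set noswapfile' '+r !gpg --trust-model always --quiet -d '"$USEFUL_FILE"' 2>/dev/null' '+1d' '+redraw!' "$RAMDISK/$FILE"
    # Re-encrypt only if vi wrote a non-empty file
    if [ -s "$RAMDISK/$FILE" ]; then
        gpg --trust-model always --yes -r "$USEFUL_KEYID" -o "$USEFUL_FILE" -e "$RAMDISK/$FILE"
    else
        echo "File not changed"
    fi
    cleanup
}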
So yeah, a big shout out to both Steve and Sid, for now I have a proprietary secure(-ish) way of storing all of my various passwords.
If someone would like to tell me how to create the RAMDISK on a Linux machine, I would love to know.
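On the Linux question: most distributions already mount RAM-backed tmpfs directories, so no disk has to be created. The following is an added example, not code from Steve, Sid or the original post; `ram_dir`, the `mktemp` template and the checksum comparison are assumptions of this sketch, and the `-n -i NONE` flags assume `vi` is Vim.

```shell
# Added example (not from the original post): Linux port of viuseful.
USEFUL_FILE="${USEFUL_FILE:-$HOME/.passwords/passwords.txt.gpg}"
USEFUL_KEYID="${USEFUL_KEYID:-XXXXXXXX}"

# Print the first writable directory that really is RAM-backed.
# Caveat: tmpfs pages can still reach disk through swap unless swap is
# disabled or encrypted; ramfs is never swapped but needs root to mount.
ram_dir() {
    for d in "${XDG_RUNTIME_DIR:-}" /dev/shm; do
        [ -n "$d" ] && [ -d "$d" ] && [ -w "$d" ] || continue
        case "$(stat -f -c %T "$d" 2>/dev/null)" in
            tmpfs|ramfs) printf '%s\n' "$d"; return 0 ;;
        esac
    done
    return 1
}

# The body runs in a subshell so the EXIT trap removes the plaintext on
# every exit path (decrypt failure, editor crash, Ctrl-C).
viuseful() (
    dir=$(ram_dir) || { echo "no tmpfs/ramfs directory found" >&2; exit 1; }
    tmp=$(mktemp "$dir/passtmp.XXXXXX") || exit 1   # mktemp creates it mode 0600
    trap 'shred -u "$tmp" 2>/dev/null || rm -f "$tmp"' EXIT
    trap 'exit 130' INT TERM
    gpg --trust-model always --quiet -d "$USEFUL_FILE" > "$tmp" \
        || { echo "decrypt failed" >&2; exit 1; }
    before=$(cksum < "$tmp")
    vi -n -i NONE "$tmp"            # -n: no swap file, -i NONE: no viminfo
    if [ "$(cksum < "$tmp")" = "$before" ]; then
        echo "File not changed"; exit 0
    fi
    cp "$USEFUL_FILE" "$USEFUL_FILE~"               # keep the old ciphertext
    gpg --trust-model always --yes -r "$USEFUL_KEYID" -o "$USEFUL_FILE" -e "$tmp"
)
```

Unlike the original, this decrypts into the temp file before opening the editor, so the plaintext always exists in RAM for the length of the edit rather than only after a save.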