[CLUG-chat] Poll for Password Managers

Jeremy Thurgood jerith at jerith.za.net
Thu Aug 10 15:07:34 SAST 2006


Tom Coetser wrote:
> On Thursday, 10 August 2006 10:53, Jeremy Thurgood wrote:
> 
>>I don't use a password manager, but I do keep a list of passwords (along
>>with a bunch of other sensitive information) in an encrypted file that I
>>mount through cryptoloop.  It's all commandline-based and the mountpoint
>>is the home directory of a "crypto" user, which means my bash history is
>>also encrypted.  A little labour-intensive to set up and I haven't found
>>a way to automatically unmount the loopback cleanly yet, but it does the
>>job and appeals to my (somewhat warped) sense of aesthetics.  :-)
> 
> This is certainly a very secure and flexible way of storing sensitive 
> information. Without having tried it yet, it sounds like it might be a bit of 
> a mission to get to the passwords though, not so?

Well, I have a handful of passwords that I use for day-to-day stuff that
I have memorised.  The file in there is only really for stuff that needs
to be secure but that I don't access very often.  On the other hand, the
facts that its mountpoint is a homedir lets me mount it in a .bash_login
file, so I can "su -" to user crypt, type the user password and then the
cryptoloop passphrase and I'm in the encrypted environment.  There seems
to be no way of unmounting on a logout, though, since it complains about
the filesystem being in use.  Thus, I have to unmount it as root after I
log off the crypt user.  An alternative is to run a cron job that checks
if the filesystem is mounted and crypt is logged in and do the necessary
cleanup.

--J


More information about the clug-chat mailing list