Storing passwords safely on Linux

I wanted an easy way to store the different logins and passwords for various sites. I prefer something which is really secure and is not automatically accessible/unlocks when I login. Tried using Seahorse (eventhough it will unlock the keyring on login), but it seemed to lack a userid field. Storing such info in the comments feels not right to me. Plus, sometimes I want to store a bit of extra information (stuff like secret question + answers.. I find them insecure and prefer to just put another password there).

Initially I looked at Console Password Manager, but unfortunately Mandriva didn’t have a package for it. Further, development seemed to have stalled a bit.

I’ve settled now on a GnuPG plugin for Vim. Really easy to use, plus I can access it easily via SSH. Only drawback is that it will show all the passwords when I unlock/edit the textfile, ideally Vim should fold everything and so I can unfold the password I need at that time.

10 thoughts on “Storing passwords safely on Linux”

  1. Try this syntax/modeline to fold your password file. Works great for me.

    # vim: sts=2 sw=2 fdm=indent fdt=

    service name
    login
    password
    misc…

  2. Did you look at Revelation? I think a lot of folks use KeepassX, which I believe has clients for Android, iPhone, etc. But, Revelation, along with UbuntuOne, suits my needs pretty well.

  3. I just created an extra keyring inside seahorse – this will not be unlocked on login. Then I just use login@site as key name for encoding site+login for each place. The last part is a bit of a hack, but works well for me :-)

  4. I use the old-school PWman[0]; it’s beautifully UNIX-y: GPG key for encryption, ncurses-based for CLI/remote access, and very fast.

    There’s also “PWman 3″[1] (even though the original PWman still gets the odd commit), which is Python-based and, in this commenter’s humble opinion, a severe step down from PWman 2 (e.g. it can’t use an existing GPG key) – I mention it only because “sudo apt-get install pwman” on Ubuntu will suggest pwman3 instead. Avoid! Avoid!

    [0] http://sourceforge.net/projects/pwman/
    [1] Their website is gone…

Comments are closed.