vim with gpg file encryption

general = { about, articles, links, projects } meta = { date-posted: 2008-06-16 }

I have alot of passwords to manage. Password here, password there. Painful. I kept a few throw away account passwords in a text file in my home dir, and found this to be an easy way for me to reference them all. However, secure it certainly was not. What to do?!

After some digging around, I discovered a vim plugin that lets me 'transparently' edit gpg encrypted files. Wewt!

Here are the steps:

Download the gnupg.vim plugin.
Place the plugin in ~/.vim/plugin/
Create a gpg encrypted file.

Note here that you can use either symmetric encryption, or asymmetric. Since I already have a gpg public/private keychain, I went with asymmetric, and simply encrypted the file to myself (used my public key to encrypt it so that only my private key could decrypt it).
For simplicity, a symmetric key is easier to demonstrate.

Time to create an encrypted file with a symmetric key!
```
$ echo "failboat" > omg-secret.txt
$ gpg -c --cipher-algo AES256 omg-secret.txt
# enter passphrase twice 
$ rm omg-secret.txt
```
Now there should only be an omg-secret.txt.gpg file. wewt!

Try to open that file in vim now.

$ vim omg-secret.txt.gpg
# you should be prompted for a password. enter it
# type some stuff
# :wq the file

Take a look at the file in a plain text viewer.

$ less omg-secret.txt.gpg
# looks like garbage. yay!

Open the file in vim again.

$ vim omg-secret.txt.gpg
# you should be prompted for a password. enter it
# you should now see the 'some stuff' you typed earlier
# :q the file

You can roll in some variants, such as:

using public key crypto as I mentioned earlier, and gpg-agent
using a different algorithm (gpg --version lists them)
using an ascii armored, instead of binary encrypted, password file (add -a to the -c original encryption command)