Task: Protecting a text file with a GnuPG on a dual boot Windows/Linux and beeing able to read/write on both OS. Use VIM to edit.
* installing GnuPG and vim:
On Linux:
# apt-get install gnupg vim
On windows:
Install gvim: ftp://ftp.vim.org/pub/vim/pc/gvim70.exe
Install Gpg4win: http://gpg4win.wald.intevation.org/download.html (version 1.0.8)
Add GPG to the PATH environment variable so that Windows knows where to find the program. In Windows NT/2000/XP, you will find this under the Control Panel, System Properties, the Advanced tab, Environment Variables, System variables.
* create public/private key. Create on them on Linux and then copy them on windows
$ gpg --gen-key
Linux file created are:
~/.gnupg/secring.gpg The secret keyring
~/.gnupg/pubring.gpg The public keyring
~/.gnupg/trustdb.gpg The trust database
Windows files will be in C:\Documents and Settings\user\Application Data\gnupg )
* To list the key:
$ gpg --list-keys
* To backup the keys
export public key
$ gpg --export -a > my_public_key.gpg
export private (secret) key with passphrase proctection (keep this file on a very safe place)
$gpg -a --export-secret-keys | gpg -aco > my_private_key.gpg
* encrypte a file
$ gpg --output mydoc.gpg --encrypt --default-recipient-self mydoc.txt
* decrypte a file
$ gpg --output mydoc.txt --decrypt mydoc.gpg
* read and save encrypted file with vim http://www.vim.org/
Linux: need the following in .vimrc
Windows: need the following in C:\Program Files\Vim\_vimrc
set ignorecase
set autoindent " always set autoindenting on
set textwidth=0 " Don't wrap words by default
set nobackup " Don't keep a backup file
set viminfo='20,\"50 " read/write a .viminfo file, don't store more than
" 50 lines of registers
set history=50 " keep 50 lines of command line history
set ruler " show the cursor position all the time
set mousehide " Hide the mouse when typing text
set path=.,,C:\Program\ Files\GNU\GnuPG\
"set showcmd=off
"set shortmess=a
"set cmdheight=2
"Adapted from http://www.vi-improved.org/wiki/index.php/VimGpg
augroup encrypted
au!
" First make sure nothing is written to ~/.viminfo while editing
" an encrypted file.
autocmd BufReadPre,FileReadPre *.gpg set viminfo=
" We don't want a swap file, as it writes unencrypted data to disk
autocmd BufReadPre,FileReadPre *.gpg set noswapfile
" Switch to binary mode to read the encrypted file
autocmd BufReadPre,FileReadPre *.gpg set bin
autocmd BufReadPre,FileReadPre *.gpg let ch_save = &ch|set ch=2
"changed: autocmd BufReadPost,FileReadPost *.gpg '[,']!gpg --decrypt 2> /dev/null
autocmd BufReadPost,FileReadPost *.gpg '[,']!gpg -q --decrypt
" Switch to normal mode for editing
autocmd BufReadPost,FileReadPost *.gpg set nobin
autocmd BufReadPost,FileReadPost *.gpg let &ch = ch_save|unlet ch_save
autocmd BufReadPost,FileReadPost *.gpg ks|call RemoveM()|'s
autocmd BufReadPost,FileReadPost *.gpg execute ":doautocmd BufReadPost " . expand("%:r")
" Convert all text to encrypted text before writing
"changed: autocmd BufWritePre,FileWritePre *.gpg '[,']!gpg --default-recipient-self -ae 2>/dev/null
autocmd BufWritePre,FileWritePre *.gpg '[,']!gpg -q --default-recipient-self -ae
" Undo the encryption so we are back in the normal text, directly
" after the file has been written.
autocmd BufWritePost,FileWritePost *.gpg u
augroup END
fun RemoveM()
set cmdheight=2
execute ":%s/\r//g"
endfun
* more docs:
http://webber.dewinter.com/gnupg_howto/english/GPGMiniHowto-3.html
http://www.gnupg.org/gph/en/manual.html