Simple password management with Bash and GPG

A while ago I was looking for a password management solution that I could trust, so of course being as paranoid as I am I decided to write my own. Now I’ve decided to share what I came up with.

My system takes the form of two bash functions which inhabit my .bashrc file. First is a password generation function:

This generates a 12 character alphanumeric password using pwgen and appends it to my password file along with a user supplied token (which is later used to retrieve the password. The password file is a tab separated file stored in the the home directory and encrypted with GPG. The password is copied to the clipboard with the xclip tool, where it stays for ten seconds before being wiped.

The second part of the system is a function to retrieve the password:

This function grabs the password from the secure file and again copies it to the clipboard ready to be pasted to wherever it is needed. Again the clipboard is cleared after ten seconds to prevent passwords hanging around to long.

To use these function just place them in your .bashrc file along with a definition of the MY_EMAIL variable (to allow GPG to find your key) and then source the file (or restart bash). Obviously you’ll need GPG, pwgen and xclip which on Fedora can be installed with:

Usage is very simple, just run each function in a terminal with an identification token as the argument:

That’s it! Feel free to give it a try. Improvments are most welcome, so please post them in the comments section.

Gallery

Beer Brewing Gallery 18/07/2012

This is my first post in my experiment with photo-blogging. It chronicles my continuing efforts at home-brewing, my latest brew being version 0.2 of a somewhat more complex recipe than I’ve tried in the past. I intend to post the recipe here once I have it perfected.

That’s it for now. I’ll update on the progress of this brew as it goes along.

I’m back!

Although I’ve not actually been anywhere.

With my last post nearly a year ago I thought I’d revive this blog. I don’t actually know why I stopped posting, its just been a busy year and blogging hasn’t really been top of my list of things to work on after busy days at work.

From a tech perspective I’ve mainly been working on setting up a MythTV system and general home server. MythTV has been working great since October and I’m still working on interesting stuff some of which I hope to share in these pages over the coming weeks.

I’m also planning on sharing some more photos here and writting some shorter posts. I want to change the style a bit so that it is more like the old ‘life-steam’ metaphor (yes I know everyone is using Facebook and Google+ for this now, but I just don’t like them). The long technical posts will still remain but there will be more frequent shorter posts like this one. The basic idea is to make the site look a little more lived in rather than the barren desert we’ve had recently!

Anyway, that’s all for now. Catch you again soon.

Installing Fedora 15 via boot.fedoraproject.org…

I recently decided it was time to upgrade my home desktop machine from Fedora 14 to Fedora 15. Since I generally tend to do a clean install rather than an in place upgrade and because I’ve recently acquired a much better internet connection, I decided to try out the Fedora boot server – boot.fedoraproject.org (BFO). BFO is a service that allows you to boot your computer directly into the Fedora installer over the internet. I think it uses gPXE/Etherboot under the hood, although I didn’t have to touch these directly. The following is a brief review of the service based on my experiences. Unfortunately, I didn’t have time to work out how to take screenshots from BFO so I don’t have any pretty pictures :-(.

I started out by visiting the BFO website and doing a bit of reading. The downloads page doesn’t really give you much info on how to proceed with BFO, so it’s best to check out the FAQ. BFO can be accessed in one of two different ways.  You can either download a boot image for some physical media (CD/DVD, USB and Floppy (!) images are available), or you can boot BFO directly from GRUB. The physical media images are of course pretty tiny since you’re not downloading the whole distro, just enough stuff to boot from the network. However, one of the attractions of BFO for me was to do away with physical media all together and so I went for the GRUB option.

In order to boot BFO via GRUB you obviously need to have GRUB installed as your bootloader. This shouldn’t be a problem if you are upgrading from an existing Linux install. To install BFO you run the following commands (as root) from the BFO FAQ:

wget -O/boot/bfo.lkrn http://serverbeach1.fedoraproject.org/pub/alt/bfo/bfo.lkrn
grubby --add-kernel=/boot/bfo.lkrn --title="Boot BFO"
reboot

This will add a new “Boot BFO” entry to your GRUB config and reboot your machine. Technically, you probably don’t want to reboot immediately since you should check that you have a decent length menu time out for GRUB (edit the ‘timeout’ line in /etc/grub.conf and run the ‘grub’ command afterwards).

Once I had completed these steps and rebooted, I was able to access the GRUB menu by pressing ESC. I then selected the new menu entry and proceeded to boot BFO. At first I got an error because my machine couldn’t get an IP address from the router. I had suspected this would happen since I don’t have the ethernet plugged in and these things usually don’t like wifi. I went searching for my long ethernet cable and everything worked on the second try. After a bit of loading (presumably downloading stuff) I was presented with another boot menu, which asked me what I wanted to boot. I selected the Fedora 15 x86_64 installer. BFO then started loading the kernel and initrd images for this (it took a while).

Once the installer booted up it was very much like the normal Fedora installer (in fact it is). I was able to go through all the usual stuff like partitioning, etc. Once nice feature of this installer is the package selection screen. This lets you install groups of packages (like ‘Games’ or ‘Software Development’) as well as individual packages. I can only think that this is a feature of the full Fedora DVD installer which is why I haven’t seen it before (I’ve only installed from Live CD previously). Happily, it enables you to get a much more functional system out of the box rather than the fairly bare Live CD install (for example it installed LibreOffice by default).

Once I’d finished making my package selections the installer started formatting the drives and installing packages. This was significantly slower than the Live CD install since it had to download and install each package separately (rather than the disk-dump approach taken by the Live CD installer). Once this was complete I rebooted and filled in my user details. I then had a fully functioning Fedora 15 install.

My Verdict:

My experience with BFO has been overwhelmingly positive. The install is significantly slower than a Live CD install, but when you factor in all the time that is saved by not downloading an burning (and reburning!) ISO images it’s probably about the same. Everything worked perfectly for me. except the previously mentioned wifi/ethernet issue which was more my fault than a BFO problem. The only improvement I could suggest is that the commands I mentioned above could be wrapped up into an RPM package and made available in the Fedora repository so they are available for everyone very easily. This would make the whole system very polished and easy to use.

Overall, I would highly recommend using BFO for your next Fedora install. It really beats any other install method I’ve used to date.