
OpenPGP / GnuPG notepad recommendations?

 1 year ago
source link: https://lobste.rs/s/vhp170/openpgp_gnupg_notepad_recommendations

GnuPG notepad recommendations?

Can the community recommend some trusted, secure, open-source, easy-to-use notepad-like editors that can encrypt / decrypt the text with GnuPG out of the box?

For my own use-cases I have my own scripts that tie gpg with my favorite editor, but I’m looking for a simple to use editor (like LeafPad, MousePad, Howl, etc.) that given a file-path (which is either a .gpg or .asc file) will transparently decrypt it, allow the user to view / edit it, and upon closing just re-encrypt that file keeping the recipients intact (and perhaps signing it). (It doesn’t matter if it’s for the terminal or X.)

I’ve found many password managers that rely on GnuPG, and I bet there are plugins for the various vi and emacs clones out there, but so far nothing sensible on this other front…


P.S. I’m starting to suspect that the whole OpenPGP ecosystem was built with only one use-case in mind: encrypted and/or signed email. The rest, although technically possible, suffers from a complete lack of actually usable tools…

P.P.S: No, age doesn’t solve this problem either. It just replaces one set of cryptographic primitives with another, but on the usability front I would say it’s even a bit worse than GnuPG for normal people…

In the past I’ve used features built into Emacs such as EasyPG which is further documented here.

Thanks for the pointer!

However, the problem with complex editors like emacs, vi and their clones is that the user has to be already acquainted with them, else…

In my case, I’m searching for such an editor for a non-sophisticated Linux user, thus anything more complex than nano-like wouldn’t work.

x64k

5 hours ago


I don’t use more advanced features but FWIW, I think Emacs will give you basic symmetric encryption/decryption out of the box, without any configuration, just by opening a .gpg file, and cua-mode, which gives you familiar keybindings, is basically a one-line config snippet.

Not trying to advocate for it, Emacs is a huge beast to drag just to encrypt/decrypt things and something simpler would definitely be better. All I’m saying is, if you don’t find a simpler alternative after all, getting Emacs to the point where it’s “just” a Notepad clone with a bunch of weird menu items doesn’t take too much effort, and is mostly a case of customizing some “legacy”-looking features (enabling cua-mode, forcing find file dialogs instead of minibuffer prompts for opening/saving files etc.).

  1. I’m not trying to dismiss a powerful editor / IDE like emacs, vi or even VS Code and the other Electron behemoths, but think of giving such an editor to a non-technical family member… How would that work out?

    With regard to setting it up, I think it’s simpler if I just write a bash script and tie that to xdg-open, then just decrypt to a temporary file, open a simple editor, wait for it to exit, and if the file was changed, just re-encrypt it.

    However, this is such a simple use-case, I can’t believe there isn’t easier tooling than all these… It should be implemented right into the gpg tool like gpg --edit-file ./secret.asc.

    1. x64k

      1 hour ago


      I’m not trying to dismiss a powerful editor / IDE like emacs, vi or even VS Code and the other Electron behemoths, but think of giving such an editor to a non-technical family member… How would that work out?

      In my experience, and I know I’m going to get flak for it, if you’re giving them a Linux machine, it’s already going to work out rather poorly :-D.

      My experience with non-technical people trying to use Emacs is that, as long as they stay away from anything other than Open File, Save, Save As, Undo/Redo and the like, it works okay. But, yeah, something simpler would definitely be ideal.

      I’m not surprised simpler tools aren’t easily available tbh. Anyone who’s tech-savvy and patient enough to put up with GPG is probably tech-savvy and patient enough to write their own editor if need be. In ASM. For their own processor. Which they made from scratch by sculpting grains of sand. GPG is really horrifying. I wouldn’t use it if it weren’t for Emacs.

      With regard to setting it up, I think it’s simpler if I just write a bash script and tie that to xdg-open, then just decrypt to a temporary file, open a simple editor, wait for it to exit, and if the file was changed, just re-encrypt it.

      Oh, absolutely, if having a temporary, unencrypted copy of the file isn’t a problem, this is 100% okay. IMHO this is okay for pretty much any “normal person who’s not on the FBI watchlist and wants to keep a diary” kind of threat model. The unencrypted copy is trivial to retrieve but if you’re mainly concerned about things like laptops getting stolen, it’s probably enough.

      1. I’m not surprised simpler tools aren’t easily available tbh. Anyone who’s tech-savvy and patient enough to put up with GPG is probably tech-savvy and patient enough to write their own editor if need be.

        Now that you’ve mentioned it, I do have my own editor sce. :) So, at least I’m another data-point for your conjecture. :)


        Oh, absolutely, if having a temporary, unencrypted copy of the file isn’t a problem, this is 100% okay. IMHO this is okay for pretty much any “normal person who’s not on the FBI watchlist and wants to keep a diary” kind of threat model. The unencrypted copy is trivial to retrieve but if you’re mainly concerned about things like laptops getting stolen, it’s probably enough.

        Indeed, the threat-model here is having the laptop stolen, but you don’t have so much important data that it warrants full-disk-encryption. (Although it should still hold to a full disk dump and searching for strings.)

        Now about the recoverability of my proposed approach:

        • if one uses tmpfs without swap (or encrypted swap), it might be quite safe;
        • in Linux, there is also ramfs, a non-swappable variant of tmpfs (actually this was the first implementation, tmpfs came later), which doesn’t leak contents outside of the memory (it’s also used by systemd to store “credentials” given to the various services).

        However, and this is something else that made me wonder, why don’t editors allow reading from stdin, and on exiting writing on stdout what was edited? This is such a useful feature that would make temporary files needless for such a use-case. (For example, my own sce linked above, has this feature: if it detects that stdin / stdout are pipes, it reads / writes the “buffer”.)

        Which also brings me to the last point: general purpose editors are completely unsuited to handle “secret” data. They can leak it to disk by having their memory swapped, the console emulator / X11 can leak it to swap, etc. In fact, even the kernel can leak your data as it’s stored and passed through various buffers. (Does the kernel zero-out pages when mapping them to another process?)
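A shell implementation of the wrapper sketched in this thread (decrypt to a temporary file, open a simple editor, wait for it to exit, re-encrypt to the recipients the file already had if the contents changed), with the plaintext kept on a tmpfs/ramfs mount as discussed above. This is an added example written for this page, not a tool posted by anyone in the thread. It assumes GnuPG 2.x on PATH, a working gpg-agent for the user's secret key, /dev/shm as the RAM-backed directory, and nano as the default editor; the names gpg_edit, recipients_from_packets, file_changed and the GPG_EDIT_TMPDIR variable are this example's own.

```shell
#!/bin/sh
# gpg-edit FILE.gpg|FILE.asc
# Decrypt an OpenPGP-encrypted text file into a RAM-backed temporary file,
# open a plain editor on it and, if the contents changed, re-encrypt it to
# the same recipients it already had. Example code for this thread; not a
# published tool. Assumptions: GnuPG 2.x, gpg-agent holding the secret key,
# and a tmpfs/ramfs mount (default /dev/shm) for the plaintext.
set -eu

EDITOR="${EDITOR:-nano}"
RAMDIR="${GPG_EDIT_TMPDIR:-/dev/shm}"   # must be tmpfs/ramfs, never a disk

# Read `gpg --list-only --list-packets` output on stdin and print one
# "-r KEYID" pair per public-key session packet. GnuPG reports recipients
# hidden with --throw-keyids as an all-zero keyid; those cannot be targeted
# again, so they are skipped.
recipients_from_packets() {
    awk '/^:pubkey enc packet:/ {
            for (i = 1; i < NF; i++)
                if ($i == "keyid" && $(i + 1) != "0000000000000000")
                    print "-r", $(i + 1)
         }'
}

# Return 0 when the two files differ (cmp -s is POSIX and silent).
file_changed() { ! cmp -s "$1" "$2"; }

gpg_edit() {
    file=$1
    [ -f "$file" ] || { echo "no such file: $file" >&2; return 2; }
    [ -d "$RAMDIR" ] && [ -w "$RAMDIR" ] || { echo "no RAM dir: $RAMDIR" >&2; return 2; }

    # Armored input (.asc) stays armored on the way out.
    armor=""
    case "$file" in *.asc) armor="--armor" ;; esac

    # --list-only skips the decryption pass, so this never touches the
    # secret key; it only reads the public-key session packets.
    recips=$(gpg --batch --list-only --list-packets "$file" | recipients_from_packets)
    [ -n "$recips" ] || { echo "no public-key recipients found in $file" >&2; return 1; }

    umask 077
    tmp=$(mktemp "$RAMDIR/gpg-edit.XXXXXX")
    orig=$(mktemp "$RAMDIR/gpg-edit.XXXXXX")
    # The plaintext lives only on the RAM-backed mount; rm is enough there.
    trap 'rm -f "$tmp" "$orig"' EXIT INT TERM

    gpg --batch --quiet --yes -o "$tmp" --decrypt "$file"
    cp "$tmp" "$orig"

    "$EDITOR" "$tmp"        # blocks until the editor exits

    if file_changed "$orig" "$tmp"; then
        # shellcheck disable=SC2086  # $recips is intentionally word-split
        set -- $recips
        # The normal trust model applies: a recipient key gpg no longer
        # considers valid makes batch encryption fail instead of silently
        # encrypting to it, and the original file is left untouched.
        if gpg --batch --yes $armor "$@" -o "$file.new" --encrypt "$tmp"; then
            mv "$file.new" "$file"
            echo "re-encrypted $file for:$(echo "$recips" | awk '{printf " %s", $2}')"
        else
            rm -f "$file.new" "$orig"
            trap - EXIT INT TERM
            echo "re-encryption failed; $file untouched, edits kept in $tmp (RAM only)" >&2
            return 1
        fi
    else
        echo "unchanged, $file left as is"
    fi
}

# Run directly (e.g. from a .desktop entry wired to xdg-open) -> edit the file.
if [ "${1:-}" ]; then gpg_edit "$1"; fi
```

Recipients are taken from the file itself rather than from a config, so a note shared with several keys is re-encrypted to all of them. The plaintext copies are created with umask 077 under /dev/shm, which on a swapless or encrypted-swap system keeps them off the disk that a stolen laptop would expose; if /dev/shm is not tmpfs on the target machine, point GPG_EDIT_TMPDIR at a ramfs mount instead.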

