grahamking / kip Goto Github PK

Need better handling - output help text

Auto-complete from contents of ~/.kip/passwords/

I might want to have one config files which encrypts to myself (the normal case), and another that encrypts to all my colleagues. There should be a command line switch to override default config file.

Use case: Is my google account under google.com or gmail.com? I can't remember and want to search...

I realize this is an ls or find away, but it'd be nice to have it accessible from kip.

Would be nice if when sshed to a machine, kip could put the password on my local clipboard. Google search gives us:

http://stackoverflow.com/questions/1152362/getting-items-on-the-local-clipboard-from-a-remote-ssh-session
http://unix.stackexchange.com/questions/16694/copy-input-to-clipboard-over-ssh

Creating this ticket to track the idea, report on experiments.

echo "password" | kip mysite.com user will leave the password in plain text in the user's shell history. There must be a better way to do it.

At the moment to edit your username or notes you use gpg, decrypt the file, edit it, encrypt it again. That's fine, but it would be quite nice to do something like: kip <sitename> --amend <username> <notes>

On many sites you don't know if your username is available, or valid, until after you've entered a password.

When running ./kip add something the gpg command might fail (Invalid keys, or whatever). If it does, kip creates an empty file, tries to decrypt it (which obviously fail), and return a stack trace.

Ideally, if the GPG command fails (or returns an empty string), the file would never be created and an error message will be shown. Another option is that, if decryption fails, the file is considered corrupt and deleted.

I would like to address the "wife's laptop" problem: I'm not at my computer, I'm at my wife's laptop, or at a library computer, or on a friends iPad, and I need my password.

Things that probably won't work

1. An easy and good solution is to put your keys on a USB stick, along with Gpg4win. Does that require any support from kip? I don't think so - gpg4win should be able to decrypt the files directly.

This only works if I can get to the USB port of the machine. At my library the computer might be locked down. My iPad does not have a USB port.

2. In-browser client-side decryption in Javascript. There is a JS opengpg library, but it only does encryption. The author says "Many people ask me about decryption in Javascript. I don't think that it could be really useful to do decryption in Javascript, because it requires the secret key and I would never paste my secret key in a web form." Decrypting the files on the client requires us to send your secret key to a potentially hostile computer.

Idea

I think using HTTP / a browser is the simplest and most widely available interface.

We should definitely use SSL, although we can probably leave that for external tools, such as stunnel (or any SSL and proxy capable web server).

We could decrypt everything server-side before you go travelling, and re-encrypt it with a "disposable" symmetric cipher, which also has a JS implementation, such as AES.

We add a kip server command which waits for a glob as the url path, and sends you the AES encrypted file, along with some JS. On the client the JS asks you for the passphrase and decrypts the file.

We can also use HTTP basic-auth to discourage people more.

Once you get back home you stop the kip server and delete the symmetric files. You're only at risk during your travels.

I would probably forget to do this before I leave, so setup must be simple enough that I can talk a friend through it on the phone ("Turn on my computer and type ssh remote_machine, now type kip server, ok enter this as the passphrase, that's it thanks!")

I think using SSL will protect us from network caches, and doing decryption in JS will protect us from the browser's cache.

This requires you to have an Internet visible server you can run stuff on.

What if there is a key logger on the machine I'm using?

Once we have a basic plan I can ask for feedback on a crypto forum.

@yml, @sethtrain, @WRB What do you think?

I think that the encrypted password file will beneficiate from being structured, at the moment we are only storing 3 arbitrary fields:

• name
• username
• notes

i would prefer if this fields where configurable and if I could add more on some special account answer to the mysterious question, digicode for a door, ...

I think this could easily be done if the encrypted files were structured. There are few file formats that are both human readable and easily parsed in Python:

• INI ConfigParser
• CSV CSV

Python has a parser included for both of them in stdlib.

There is one import (from kip import __version__) that prevents me from just downloading a single file and running it as a stand-alone script. It'd be a nice feature to have.

If you create an entry and then later use a filepart (partial name) to refer to it, the filename gets changed to the filepart:

$ kip add somesite.com 
$ kip list
Listing /Users/brian/.kip/passwords/*:
somesite.com
$ kip edit somesite --notes "hello"
$ kip list
Listing /Users/brian/.kip/passwords/*:
somesite

Kip displays a good error description, but there is no need to also write out the whole python traceback. As a user it wouldnt help me, just more confusing.

Just do this if I add --verbose or so.

martin ~/Dropbox/Lincoln Loop devs/secrets $ ./kip get vimeo.com
gpg: Entschlüsselung fehlgeschlagen: Geheimer Schlüssel ist nicht vorhanden
Traceback (most recent call last):
  File "./kip", line 519, in <module>
    sys.exit(main())
  File "./kip", line 107, in main
    retcode = CMDS[args.cmd](args)
  File "./kip", line 114, in cmd_get
    return show(args.filepart, args.is_print)
  File "./kip", line 310, in show
    username, password, notes = extract(filename)
  File "./kip", line 354, in extract
    username = parts[1]
IndexError: list index out of range