An org password manager

An org password manager

[Jorge A. Alfaro-Murillo]

Hi! I have been using org for managing passwords for a some time now. In
case someone is interested, the code is in:
https://bitbucket.org/alfaromurillo/org-passwords.el

To consult the database, the code provides a function to open the Org
file with the passwords in Read-Only mode, sets a timer after which the
buffer is killed and provides functions for copying the password without
it getting into the kill-ring. It also provides two types of functions
for generating passwords: strings of random characters, and random words
of the correcthorsebatterystaple-type. The README file in bitbucket has
detailed information about the usage.

If there is interest from the community this can also go to /contrib.

Best,

Jorge.

Re: An org password manager

[Igor Sosa Mayor]

jorge.a.alfaro@gmail.com (Jorge A. Alfaro-Murillo) writes:

> Hi! I have been using org for managing passwords for a some time now. In
> case someone is interested, the code is in:
> https://bitbucket.org/alfaromurillo/org-passwords.el

interesting. Thanks for sharing. 

Re: An org password manager

[Ramon Diaz-Uriarte]

Dear Jorge,

Neat!! Thanks for providing the details.

I've been using a somewhat similar approach with a lot less functionality
for a few years, but as I reported in the org email list, something I find
unsettling is that if an encrypted buffer is killed right when it is being
opened (when you just typed the password ---sure, low probability, but not
zero), part of the contents of the encrypted buffer are left, as plain
text, in other buffer(s).

I reported this here

http://lists.gnu.org/archive/html/emacs-orgmode/2011-12/msg00841.html

and I still experience the problem (I just try it not to happen). Is
this not affecting you at all? I'd have thought it would, since you are
also using a timer to kill the buffer, and it could fire right after you
enter the password.


Best,


R.


On Sun, 11-05-2014, at 07:21, Jorge A. Alfaro-Murillo <jorge.a.alfaro@gmail.com> wrote:
> Hi! I have been using org for managing passwords for a some time now. In
> case someone is interested, the code is in:
> https://bitbucket.org/alfaromurillo/org-passwords.el
>
> To consult the database, the code provides a function to open the Org
> file with the passwords in Read-Only mode, sets a timer after which the
> buffer is killed and provides functions for copying the password without
> it getting into the kill-ring. It also provides two types of functions
> for generating passwords: strings of random characters, and random words
> of the correcthorsebatterystaple-type. The README file in bitbucket has
> detailed information about the usage.
>
> If there is interest from the community this can also go to /contrib.
>
> Best,
>
> Jorge.


-- 
Ramon Diaz-Uriarte
Department of Biochemistry, Lab B-25
Facultad de Medicina 
Universidad Autónoma de Madrid 
Arzobispo Morcillo, 4
28029 Madrid
Spain

Phone: +34-91-497-2412

Email: rdiaz02@gmail.com
       ramon.diaz@iib.uam.es

http://ligarto.org/rdiaz

Re: An org password manager

[Colin Baxter]

Hi,

You can ensure a gpg buffer doesn't leave any traces by using a
minor-mode called "sensitive" which disables backups and auto-save. The code is
available on the Internet, but I'll post it here if anyone is
interested.

Best wishes,

Colin.


> Dear Jorge,
>
> Neat!! Thanks for providing the details.
>
> I've been using a somewhat similar approach with a lot less functionality
> for a few years, but as I reported in the org email list, something I find
> unsettling is that if an encrypted buffer is killed right when it is being
> opened (when you just typed the password ---sure, low probability, but not
> zero), part of the contents of the encrypted buffer are left, as plain
> text, in other buffer(s).
>
> I reported this here
>
> http://lists.gnu.org/archive/html/emacs-orgmode/2011-12/msg00841.html
>
> and I still experience the problem (I just try it not to happen). Is
> this not affecting you at all? I'd have thought it would, since you are
> also using a timer to kill the buffer, and it could fire right after you
> enter the password.
>
>
> Best,
>
>
> R.
>
>
> On Sun, 11-05-2014, at 07:21, Jorge A. Alfaro-Murillo
> <jorge.a.alfaro@gmail.com> wrote:
>> Hi! I have been using org for managing passwords for a some time now. In
>> case someone is interested, the code is in:
>> https://bitbucket.org/alfaromurillo/org-passwords.el
>>
>> To consult the database, the code provides a function to open the Org
>> file with the passwords in Read-Only mode, sets a timer after which the
>> buffer is killed and provides functions for copying the password without
>> it getting into the kill-ring. It also provides two types of functions
>> for generating passwords: strings of random characters, and random words
>> of the correcthorsebatterystaple-type. The README file in bitbucket has
>> detailed information about the usage.
>>
>> If there is interest from the community this can also go to /contrib.
>>
>> Best,
>>
>> Jorge.

-- 
Colin Baxter
http://www.colin-baxter.com

Re: An org password manager

[Ramon Diaz-Uriarte]

Dear Colin,



On Sun, 11-05-2014, at 15:56, Colin Baxter <m43cap@yandex.com> wrote:
> Hi,
>
> You can ensure a gpg buffer doesn't leave any traces by using a
> minor-mode called "sensitive" which disables backups and auto-save. The code is
> available on the Internet, but I'll post it here if anyone is
> interested.

Thanks, I did not know about that, but I think google found it. Are you
referring to

http://anirudhsasikumar.net/blog/2005.01.21.html

which was also mentioned in, say,

http://stackoverflow.com/questions/482256/is-there-an-emacs-variable-to-turn-off-backup-of-files-with-a-specific-extension


Best,


R.


>
> Best wishes,
>
> Colin.
>
>
>> Dear Jorge,
>>
>> Neat!! Thanks for providing the details.
>>
>> I've been using a somewhat similar approach with a lot less functionality
>> for a few years, but as I reported in the org email list, something I find
>> unsettling is that if an encrypted buffer is killed right when it is being
>> opened (when you just typed the password ---sure, low probability, but not
>> zero), part of the contents of the encrypted buffer are left, as plain
>> text, in other buffer(s).
>>
>> I reported this here
>>
>> http://lists.gnu.org/archive/html/emacs-orgmode/2011-12/msg00841.html
>>
>> and I still experience the problem (I just try it not to happen). Is
>> this not affecting you at all? I'd have thought it would, since you are
>> also using a timer to kill the buffer, and it could fire right after you
>> enter the password.
>>
>>
>> Best,
>>
>>
>> R.
>>
>>
>> On Sun, 11-05-2014, at 07:21, Jorge A. Alfaro-Murillo
>> <jorge.a.alfaro@gmail.com> wrote:
>>> Hi! I have been using org for managing passwords for a some time now. In
>>> case someone is interested, the code is in:
>>> https://bitbucket.org/alfaromurillo/org-passwords.el
>>>
>>> To consult the database, the code provides a function to open the Org
>>> file with the passwords in Read-Only mode, sets a timer after which the
>>> buffer is killed and provides functions for copying the password without
>>> it getting into the kill-ring. It also provides two types of functions
>>> for generating passwords: strings of random characters, and random words
>>> of the correcthorsebatterystaple-type. The README file in bitbucket has
>>> detailed information about the usage.
>>>
>>> If there is interest from the community this can also go to /contrib.
>>>
>>> Best,
>>>
>>> Jorge.


-- 
Ramon Diaz-Uriarte
Department of Biochemistry, Lab B-25
Facultad de Medicina 
Universidad Autónoma de Madrid 
Arzobispo Morcillo, 4
28029 Madrid
Spain

Phone: +34-91-497-2412

Email: rdiaz02@gmail.com
       ramon.diaz@iib.uam.es

http://ligarto.org/rdiaz

Re: An org password manager

[Colin Baxter]

Dear Ramon,

Yes. The first URL gives the lisp code.

I could never get sensitive mode to turn on by default for files having
gpg or cpt extensions. Consequently, I just "M-X sensitive RET" for each
file. To remind me, I put "sensitive" at the beginning of the file. You
may have better luck.

Best wishes,

Colin.



> Dear Colin,
>
>
>
> On Sun, 11-05-2014, at 15:56, Colin Baxter <m43cap@yandex.com> wrote:
>> Hi,
>>
>> You can ensure a gpg buffer doesn't leave any traces by using a
>> minor-mode called "sensitive" which disables backups and auto-save. The code is
>> available on the Internet, but I'll post it here if anyone is
>> interested.
>
> Thanks, I did not know about that, but I think google found it. Are you
> referring to
>
> http://anirudhsasikumar.net/blog/2005.01.21.html
>
> which was also mentioned in, say,
>
> http://stackoverflow.com/questions/482256/is-there-an-emacs-variable-to-turn-off-backup-of-files-with-a-specific-extension
>
>
> Best,
>
>
> R.
>
>
>>
>> Best wishes,
>>
>> Colin.
>>
>>
>>> Dear Jorge,
>>>
>>> Neat!! Thanks for providing the details.
>>>
>>> I've been using a somewhat similar approach with a lot less functionality
>>> for a few years, but as I reported in the org email list, something I find
>>> unsettling is that if an encrypted buffer is killed right when it is being
>>> opened (when you just typed the password ---sure, low probability, but not
>>> zero), part of the contents of the encrypted buffer are left, as plain
>>> text, in other buffer(s).
>>>
>>> I reported this here
>>>
>>> http://lists.gnu.org/archive/html/emacs-orgmode/2011-12/msg00841.html
>>>
>>> and I still experience the problem (I just try it not to happen). Is
>>> this not affecting you at all? I'd have thought it would, since you are
>>> also using a timer to kill the buffer, and it could fire right after you
>>> enter the password.
>>>
>>>
>>> Best,
>>>
>>>
>>> R.
>>>
>>>
>>> On Sun, 11-05-2014, at 07:21, Jorge A. Alfaro-Murillo
>>> <jorge.a.alfaro@gmail.com> wrote:
>>>> Hi! I have been using org for managing passwords for a some time now. In
>>>> case someone is interested, the code is in:
>>>> https://bitbucket.org/alfaromurillo/org-passwords.el
>>>>
>>>> To consult the database, the code provides a function to open the Org
>>>> file with the passwords in Read-Only mode, sets a timer after which the
>>>> buffer is killed and provides functions for copying the password without
>>>> it getting into the kill-ring. It also provides two types of functions
>>>> for generating passwords: strings of random characters, and random words
>>>> of the correcthorsebatterystaple-type. The README file in bitbucket has
>>>> detailed information about the usage.
>>>>
>>>> If there is interest from the community this can also go to /contrib.
>>>>
>>>> Best,
>>>>
>>>> Jorge.

-- 
Colin Baxter
http://www.colin-baxter.com

Re: An org password manager

[Ramon Diaz-Uriarte]

Dear Colin,

Great, thanks a lot.

I just tried it, and it worked out of the box, and it turns on by default
(I used the code at the bottom of the page). But I think I get a similar
problem as the one you reported: when I run it and the file is *.org.gpg,
then org mode is turned off. If I M-x org-mode (or add the
;;; -*- mode:org; -*-
), sensitive turns off, but stays if I M-x sensitive-mode. Anyway, enable now.


Best,

R.




On Mon, 12-05-2014, at 16:35, Colin Baxter <m43cap@yandex.com> wrote:
> Dear Ramon,
>
> Yes. The first URL gives the lisp code.
>
> I could never get sensitive mode to turn on by default for files having
> gpg or cpt extensions. Consequently, I just "M-X sensitive RET" for each
> file. To remind me, I put "sensitive" at the beginning of the file. You
> may have better luck.
>
> Best wishes,
>
> Colin.
>
>
>
>> Dear Colin,
>>
>>
>>
>> On Sun, 11-05-2014, at 15:56, Colin Baxter <m43cap@yandex.com> wrote:
>>> Hi,
>>>
>>> You can ensure a gpg buffer doesn't leave any traces by using a
>>> minor-mode called "sensitive" which disables backups and auto-save. The code is
>>> available on the Internet, but I'll post it here if anyone is
>>> interested.
>>
>> Thanks, I did not know about that, but I think google found it. Are you
>> referring to
>>
>> http://anirudhsasikumar.net/blog/2005.01.21.html
>>
>> which was also mentioned in, say,
>>
>> http://stackoverflow.com/questions/482256/is-there-an-emacs-variable-to-turn-off-backup-of-files-with-a-specific-extension
>>
>>
>> Best,
>>
>>
>> R.
>>
>>
>>>
>>> Best wishes,
>>>
>>> Colin.
>>>
>>>
>>>> Dear Jorge,
>>>>
>>>> Neat!! Thanks for providing the details.
>>>>
>>>> I've been using a somewhat similar approach with a lot less functionality
>>>> for a few years, but as I reported in the org email list, something I find
>>>> unsettling is that if an encrypted buffer is killed right when it is being
>>>> opened (when you just typed the password ---sure, low probability, but not
>>>> zero), part of the contents of the encrypted buffer are left, as plain
>>>> text, in other buffer(s).
>>>>
>>>> I reported this here
>>>>
>>>> http://lists.gnu.org/archive/html/emacs-orgmode/2011-12/msg00841.html
>>>>
>>>> and I still experience the problem (I just try it not to happen). Is
>>>> this not affecting you at all? I'd have thought it would, since you are
>>>> also using a timer to kill the buffer, and it could fire right after you
>>>> enter the password.
>>>>
>>>>
>>>> Best,
>>>>
>>>>
>>>> R.
>>>>
>>>>
>>>> On Sun, 11-05-2014, at 07:21, Jorge A. Alfaro-Murillo
>>>> <jorge.a.alfaro@gmail.com> wrote:
>>>>> Hi! I have been using org for managing passwords for a some time now. In
>>>>> case someone is interested, the code is in:
>>>>> https://bitbucket.org/alfaromurillo/org-passwords.el
>>>>>
>>>>> To consult the database, the code provides a function to open the Org
>>>>> file with the passwords in Read-Only mode, sets a timer after which the
>>>>> buffer is killed and provides functions for copying the password without
>>>>> it getting into the kill-ring. It also provides two types of functions
>>>>> for generating passwords: strings of random characters, and random words
>>>>> of the correcthorsebatterystaple-type. The README file in bitbucket has
>>>>> detailed information about the usage.
>>>>>
>>>>> If there is interest from the community this can also go to /contrib.
>>>>>
>>>>> Best,
>>>>>
>>>>> Jorge.


-- 
Ramon Diaz-Uriarte
Department of Biochemistry, Lab B-25
Facultad de Medicina 
Universidad Autónoma de Madrid 
Arzobispo Morcillo, 4
28029 Madrid
Spain

Phone: +34-91-497-2412

Email: rdiaz02@gmail.com
       ramon.diaz@iib.uam.es

http://ligarto.org/rdiaz

Re: An org password manager

[Colin Baxter]

Dear Ramon,

Yes, that's the problem I got with files *.org.gpg. I've never had the time -
nor inclination - to look into it further.

Best wishes,

Colin. 


> Dear Colin,
>
> Great, thanks a lot.
>
> I just tried it, and it worked out of the box, and it turns on by default
> (I used the code at the bottom of the page). But I think I get a similar
> problem as the one you reported: when I run it and the file is *.org.gpg,
> then org mode is turned off. If I M-x org-mode (or add the
> ;;; -*- mode:org; -*-
> ), sensitive turns off, but stays if I M-x sensitive-mode. Anyway, enable now.
>
>
> Best,
>
> R.
>
>

Re: An org password manager

[Jorge A. Alfaro-Murillo]

Dear Ramon and Colin,

If you are using an "(add-to-list 'auto-mode-alist ...)" for the gpg
files, that sets the major mode on. If you want to leave the major mode
as Org, do not use auto-mode-alist, but instead use a hook:
(add-hook 'org-mode-hook 'your-function), where your-function should be
one that checks if the file name ends with gpg and if so turns your
sensitivity-mode on.

Alternatively, define another major mode:

#+BEGIN_SRC emacs-lisp
  (define-derived-mode org-but-sensitive-mode org-mode
    ...)
#+END_SRC

and copy in "..." whatever your sensitive-minor-mode has.

Best,

Jorge.

Re: An org password manager

[Colin Baxter]

Dear Jorge,

Many thanks for this. I had forgotten about "define-derived-mode".

Best wishes,

Colin.


> Dear Ramon and Colin,
>
> If you are using an "(add-to-list 'auto-mode-alist ...)" for the gpg
> files, that sets the major mode on. If you want to leave the major mode
> as Org, do not use auto-mode-alist, but instead use a hook:
> (add-hook 'org-mode-hook 'your-function), where your-function should be
> one that checks if the file name ends with gpg and if so turns your
> sensitivity-mode on.
>
> Alternatively, define another major mode:
>
> #+BEGIN_SRC emacs-lisp
>   (define-derived-mode org-but-sensitive-mode org-mode
>     ...)
> #+END_SRC
>
> and copy in "..." whatever your sensitive-minor-mode has.
>
> Best,
>
> Jorge.
>
>
>

Re: An org password manager

[Ramon Diaz-Uriarte]

Thanks! I did not know that.

Best,

R.

On Tue, 13-05-2014, at 14:40, Jorge A. Alfaro-Murillo <jorge.a.alfaro@gmail.com> wrote:
> Dear Ramon and Colin,
>
> If you are using an "(add-to-list 'auto-mode-alist ...)" for the gpg
> files, that sets the major mode on. If you want to leave the major mode
> as Org, do not use auto-mode-alist, but instead use a hook:
> (add-hook 'org-mode-hook 'your-function), where your-function should be
> one that checks if the file name ends with gpg and if so turns your
> sensitivity-mode on.
>
> Alternatively, define another major mode:
>
> #+BEGIN_SRC emacs-lisp
>   (define-derived-mode org-but-sensitive-mode org-mode
>     ...)
> #+END_SRC
>
> and copy in "..." whatever your sensitive-minor-mode has.
>
> Best,
>
> Jorge.


-- 
Ramon Diaz-Uriarte
Department of Biochemistry, Lab B-25
Facultad de Medicina 
Universidad Autónoma de Madrid 
Arzobispo Morcillo, 4
28029 Madrid
Spain

Phone: +34-91-497-2412

Email: rdiaz02@gmail.com
       ramon.diaz@iib.uam.es

http://ligarto.org/rdiaz

Re: An org password manager

[Jorge A. Alfaro-Murillo]

Thanks Ramon,

Regarding your question, probably the bug is related to running a for
with all the buffers that are open. To get what you want you can try
something creating a minor mode for gpg files and adding a hook that
adds the buffer name of the gpg file that you open to a list of buffers
to kill:

  #+BEGIN_SRC emacs-lisp
    (define-minor-mode gpg-killing-mode
      "A mode to kill gpg files"
      :after-hook 
      (add-to-list 'gpg-buffers (buffer-name)))

    (add-to-list 'auto-mode-alist '("\\.gpg$" . gpg-killing-mode))

    (setq gpg-buffers nil)

    (run-at-time t 120 '(lambda () 
                         (mapcar 'kill-buffer gpg-buffers)
                         (setq gpg-buffers nil)))
      
  #+END_SRC

Instead killing all at the same time, I would probably kill each one
after a certain time, to avoid opening a file and have it right away
killed it was close to the end of the 2 min cycle:

  #+BEGIN_SRC emacs-lisp
    (define-minor-mode gpg-killing-mode
      "A mode to kill gpg files"
      :after-hook 
      (progn
        (setq gpg-buffers (append gpg-buffers (list (buffer-name))))
        (run-at-time 120 nil '(lambda () 
                                (kill-buffer (car gpg-buffers))
                                (setq gpg-buffers (cdr gpg-buffers))))))

    (add-to-list 'auto-mode-alist '("\\.gpg$" . gpg-killing-mode))  

    (setq gpg-buffers nil)
  #+END_SRC

Best,

Jorge.

Re: An org password manager

[Jorge A. Alfaro-Murillo]

jorge.a.alfaro@gmail.com (Jorge A. Alfaro-Murillo) writes:

I forgot to mention that what org-passwords.el does is to set a timer
each time that the password file is opened (analogous to the second
option in my previous message) rather than having just one timer with
repeat.

Jorge.

> Thanks Ramon,
>
> Regarding your question, probably the bug is related to running a for
> with all the buffers that are open. To get what you want you can try
> something creating a minor mode for gpg files and adding a hook that
> adds the buffer name of the gpg file that you open to a list of buffers
> to kill:
>
>   #+BEGIN_SRC emacs-lisp
>     (define-minor-mode gpg-killing-mode
>       "A mode to kill gpg files"
>       :after-hook 
>       (add-to-list 'gpg-buffers (buffer-name)))
>
>     (add-to-list 'auto-mode-alist '("\\.gpg$" . gpg-killing-mode))
>
>     (setq gpg-buffers nil)
>
>     (run-at-time t 120 '(lambda () 
>                          (mapcar 'kill-buffer gpg-buffers)
>                          (setq gpg-buffers nil)))
>       
>   #+END_SRC
>
> Instead killing all at the same time, I would probably kill each one
> after a certain time, to avoid opening a file and have it right away
> killed it was close to the end of the 2 min cycle:
>
>   #+BEGIN_SRC emacs-lisp
>     (define-minor-mode gpg-killing-mode
>       "A mode to kill gpg files"
>       :after-hook 
>       (progn
>         (setq gpg-buffers (append gpg-buffers (list (buffer-name))))
>         (run-at-time 120 nil '(lambda () 
>                                 (kill-buffer (car gpg-buffers))
>                                 (setq gpg-buffers (cdr gpg-buffers))))))
>
>     (add-to-list 'auto-mode-alist '("\\.gpg$" . gpg-killing-mode))  
>
>     (setq gpg-buffers nil)
>   #+END_SRC
>
> Best,
>
> Jorge.

Re: An org password manager

[Ramon Diaz-Uriarte]

Hola Jorge,



On Sun, 11-05-2014, at 19:20, Jorge A. Alfaro-Murillo <jorge.a.alfaro@gmail.com> wrote:
> jorge.a.alfaro@gmail.com (Jorge A. Alfaro-Murillo) writes:
>
> I forgot to mention that what org-passwords.el does is to set a timer
> each time that the password file is opened (analogous to the second
> option in my previous message) rather than having just one timer with
> repeat.

You are right! (I've been using this for over 3 years and hadn't realized
the obvious). The timer is always running (even before any gpg file is
opened), so I can end up with the unlikely coincidence of it firing right
when I open a gpg file.


It won't if I do as you suggest. Thanks!!!

Best,


R.


>
> Jorge.
>
>> Thanks Ramon,
>>
>> Regarding your question, probably the bug is related to running a for
>> with all the buffers that are open. To get what you want you can try
>> something creating a minor mode for gpg files and adding a hook that
>> adds the buffer name of the gpg file that you open to a list of buffers
>> to kill:
>>
>>   #+BEGIN_SRC emacs-lisp
>>     (define-minor-mode gpg-killing-mode
>>       "A mode to kill gpg files"
>>       :after-hook 
>>       (add-to-list 'gpg-buffers (buffer-name)))
>>
>>     (add-to-list 'auto-mode-alist '("\\.gpg$" . gpg-killing-mode))
>>
>>     (setq gpg-buffers nil)
>>
>>     (run-at-time t 120 '(lambda () 
>>                          (mapcar 'kill-buffer gpg-buffers)
>>                          (setq gpg-buffers nil)))
>>       
>>   #+END_SRC
>>
>> Instead killing all at the same time, I would probably kill each one
>> after a certain time, to avoid opening a file and have it right away
>> killed it was close to the end of the 2 min cycle:
>>
>>   #+BEGIN_SRC emacs-lisp
>>     (define-minor-mode gpg-killing-mode
>>       "A mode to kill gpg files"
>>       :after-hook 
>>       (progn
>>         (setq gpg-buffers (append gpg-buffers (list (buffer-name))))
>>         (run-at-time 120 nil '(lambda () 
>>                                 (kill-buffer (car gpg-buffers))
>>                                 (setq gpg-buffers (cdr gpg-buffers))))))
>>
>>     (add-to-list 'auto-mode-alist '("\\.gpg$" . gpg-killing-mode))  
>>
>>     (setq gpg-buffers nil)
>>   #+END_SRC
>>
>> Best,
>>
>> Jorge.


-- 
Ramon Diaz-Uriarte
Department of Biochemistry, Lab B-25
Facultad de Medicina 
Universidad Autónoma de Madrid 
Arzobispo Morcillo, 4
28029 Madrid
Spain

Phone: +34-91-497-2412

Email: rdiaz02@gmail.com
       ramon.diaz@iib.uam.es

http://ligarto.org/rdiaz

Re: An org password manager

[Cayetano Santos]

Hi Jorge,

   Are you aware of this http://git.zx2c4.com/password-store/tree/contrib/emacs ? It's an api to pass
   and other simple cli tools.

   Hope it helps,

c.

On 11-05-14 01:21:20, Jorge A. Alfaro-Murillo wrote:
>Hi! I have been using org for managing passwords for a some time now. In
>case someone is interested, the code is in:
>https://bitbucket.org/alfaromurillo/org-passwords.el
>
>To consult the database, the code provides a function to open the Org
>file with the passwords in Read-Only mode, sets a timer after which the
>buffer is killed and provides functions for copying the password without
>it getting into the kill-ring. It also provides two types of functions
>for generating passwords: strings of random characters, and random words
>of the correcthorsebatterystaple-type. The README file in bitbucket has
>detailed information about the usage.
>
>If there is interest from the community this can also go to /contrib.
>
>Best,
>
>Jorge.
>
>
>

Re: An org password manager

[Bastien]

Hi Jorge,

jorge.a.alfaro@gmail.com (Jorge A. Alfaro-Murillo) writes:

> If there is interest from the community this can also go to
> /contrib.

I think this would be a nice contribution.

Can you send a patch against the current master branch to add the
code in the contrib/lisp/ directory?

Thanks a lot!

-- 
 Bastien

Re: An org password manager

[Michael Albinus]

Bastien <bzg@gnu.org> writes:

> Hi Jorge,

Hi,

>> If there is interest from the community this can also go to
>> /contrib.
>
> I think this would be a nice contribution.

A useful feature would be an auth-source backend, See (info "(auth)")
By this, other packages (like Gnus or Tramp) would profit from the
password manager directly.

Best regards, Michael.

Re: An org password manager

[Jorge A. Alfaro-Murillo]

Michael Albinus <michael.albinus@gmx.de> writes:

> A useful feature would be an auth-source backend, See (info "(auth)")
> By this, other packages (like Gnus or Tramp) would profit from the
> password manager directly.
>
> Best regards, Michael.

Thanks Michael. I will look more into auth. What is your idea? To be
able to use something like auth-source-search, to pass features of the
org-passwords database as secrets? 

I only use auth for gnus and jabber, so my .authinfo.gpg is only five
lines. What setup could benefit on that? Can auth send secrets to other
applications, like a web browser?

Best,

Jorge.

Re: An org password manager

[Michael Albinus]

jorge.a.alfaro@gmail.com (Jorge A. Alfaro-Murillo) writes:

> Michael Albinus <michael.albinus@gmx.de> writes:

Hi Jorge,

>> A useful feature would be an auth-source backend, See (info "(auth)")
>> By this, other packages (like Gnus or Tramp) would profit from the
>> password manager directly.
>
> Thanks Michael. I will look more into auth. What is your idea? To be
> able to use something like auth-source-search, to pass features of the
> org-passwords database as secrets? 

yes.

> I only use auth for gnus and jabber, so my .authinfo.gpg is only five
> lines. What setup could benefit on that? Can auth send secrets to other
> applications, like a web browser?

If another Emacs package uses auth-source-search, it would benefit
automatically from your backend. Several packages uses it already, like
Tramp, gnus, url, erc, ldap.

> Best,
>
> Jorge.

Bet regards, Michael.

Re: An org password manager

[Jorge A. Alfaro-Murillo]

Dear Bastien, 

This is my first time submitting a patch, so I do not know if
this is the way I am supposed to do it.

Best,

Jorge

---
    org-passwords.el: Add an org derived mode for managing passwords
    
    * contrib/lisp/org-passwords.el: new file.
    
    The file gives a mode for consulting a passwords database with entries
    in org format.  The database opens in Read-Only mode and a timer is
    set to close the database.  The file provides functions for making
    usernames and passwords available to the facility for pasting text of
    the window system (clipboard on X and MS-Windows, pasteboard on
    Nextstep/Mac OS, etc.) without inserting them in the kill-ring.  It
    also provides functions for generating passwords as a random string of
    characters or as a number of random words from a dictionary.

1 file changed, 342 insertions(+)
 contrib/lisp/org-passwords.el | 342 ++++++++++++++++++++++++++++++++++++++++++

	New        contrib/lisp/org-passwords.el
diff --git a/contrib/lisp/org-passwords.el b/contrib/lisp/org-passwords.el
new file mode 100644
index 0000000..8c00d61
--- /dev/null
+++ b/contrib/lisp/org-passwords.el
@@ -0,0 +1,342 @@
+;;; org-passwords.el --- org derived mode for managing passwords
+
+;; Author: Jorge A. Alfaro-Murillo <jorge.alfaro-murillo@yale.edu>
+;; Created: December 26, 2012
+;; Keywords: passwords, password
+
+;; This file is NOT part of GNU Emacs.
+;;
+;; This program is free software: you can redistribute it and/or modify
+;; it under the terms of the GNU General Public License as published by
+;; the Free Software Foundation, either version 3 of the License, or
+;; (at your option) any later version.
+
+;; This program is distributed in the hope that it will be useful,
+;; but WITHOUT ANY WARRANTY; without even the implied warranty of
+;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+;; GNU General Public License for more details.
+
+;; You should have received a copy of the GNU General Public License
+;; along with GNU Emacs.  If not, see <http://www.gnu.org/licenses/>.
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+;;
+;;; Commentary:
+
+;; This file contains the code for managing your passwords with
+;; Org-mode.
+
+;; A basic setup needs to indicate a passwords file, and a dictionary
+;; for the random words:
+
+;;   (require org-passwords)
+;;   (setq org-passwords-file "~/documents/passwords.gpg")
+;;   (setq org-passwords-random-words-dictionary "/etc/dictionaries-common/words")
+
+;; Basic usage:
+
+;;   `M-x org-passwords' opens the passwords file in
+;;   `org-passwords-mode'.
+
+;;   `M-x org-passwords-generate-password' generates a random string
+;;   of numbers, lowercase letters and uppercase letters.
+
+;;   `C-u M-x org-passwords-generate-password' generates a random
+;;   string of numbers, lowercase letters, uppercase letters and
+;;   symbols.
+
+;;   `M-x org-passwords-random-words' concatenates random words from
+;;   the dictionary defined by `org-passwords-random-words-dictionary'
+;;   into a string, each word separated by the string defined in
+;;   `org-passwords-random-words-separator'.
+
+;;   `C-u M-x org-passwords-random-words' does the same as above, and
+;;   also makes substitutions according to
+;;   `org-passwords-random-words-substitutions'.
+
+;; It is also useful to set up keybindings for the functions
+;; `org-passwords-copy-username' and
+;; `org-passwords-copy-password' in the
+;; `org-passwords-mode', to easily make the passwords and usernames
+;; available to the facility for pasting text of the window system
+;; (clipboard on X and MS-Windows, pasteboard on Nextstep/Mac OS,
+;; etc.), without inserting them in the kill-ring. You can set for
+;; example:
+
+;;   (eval-after-load "org-passwords"
+;;     '(progn
+;;        (define-key org-passwords-mode-map
+;; 	 (kbd "C-c u")
+;; 	 'org-passwords-copy-username)
+;;        (define-key org-passwords-mode-map
+;; 	 (kbd "C-c p")
+;; 	 'org-passwords-copy-password)))
+
+;; Finally, to enter new passwords, you can use `org-capture' and a minimal template like:
+         
+;;   ("p" "password" entry (file "~/documents/passwords.gpg")
+;;    "* %^{Title}\n  %^{PASSWORD}p %^{USERNAME}p")
+
+;; When asked for the password you can then call either
+;; `org-passwords-generate-password' or `org-passwords-random-words'.
+;; Be sure to enable recursive minibuffers to call those functions
+;; from the minibuffer:
+
+;;   (setq enable-recursive-minibuffers t)
+
+;;; Code:
+
+(require 'org)
+
+(define-derived-mode org-passwords-mode org-mode
+  "org-passwords-mode"
+  "Mode for storing passwords"
+  nil)
+
+(defgroup org-passwords nil
+  "Options for password management."
+  :group 'org)
+
+(defcustom org-passwords-password-property "PASSWORD"
+  "Name of the property for password entry password."
+  :type 'string
+  :group 'org-passwords)
+
+(defcustom org-passwords-username-property "USERNAME"
+  "Name of the property for password entry user name."
+  :type 'string
+  :group 'org-passwords)
+
+(defcustom org-passwords-file nil
+  "Default file name for the file that contains the passwords."
+  :type 'file
+  :group 'org-passwords)
+
+(defcustom org-passwords-time-opened "1 min"
+  "Time that the password file will remain open. It has to be a
+string, a number followed by units."
+  :type 'str
+  :group 'org-passwords)
+
+(defcustom org-passwords-random-words-dictionary nil
+  "Default file name for the file that contains a dictionary of
+words for `org-passwords-random-words'. Each non-empty line in
+the file is considered a word."
+  :type 'file
+  :group 'org-passwords)
+
+(defvar org-passwords-random-words-separator "-"
+  "A string to separate words in `org-passwords-random-words'.")
+
+(defvar org-passwords-random-words-substitutions
+  '(("a" . "@")
+    ("e" . "3")
+    ("o" . "0"))
+"A list of substitutions to be made with
+`org-passwords-random-words' if it is called with
+`universal-argument'. Each element is pair of
+strings (SUBSTITUTE-THIS . BY-THIS).")
+
+(defun org-passwords-copy-password ()
+  "Makes the password available to other programs. Puts the
+password of the entry at the location of the cursor in the
+facility for pasting text of the window system (clipboard on X
+and MS-Windows, pasteboard on Nextstep/Mac OS, etc.), without
+putting it in the kill ring."
+  (interactive)
+  (save-excursion
+    (search-backward-regexp "^\\*")
+    (search-forward-regexp (concat "^[[:space:]]*:"
+				   org-passwords-password-property 
+				   ":[[:space:]]*"))
+    (funcall interprogram-cut-function 
+	     (buffer-substring-no-properties (point)
+					     (funcall (lambda ()
+							(end-of-line)
+							(point)))))))
+
+(defun org-passwords-copy-username ()
+  "Makes the password available to other programs. Puts the
+username of the entry at the location of the cursor in the
+facility for pasting text of the window system (clipboard on X
+and MS-Windows, pasteboard on Nextstep/Mac OS, etc.), without
+putting it in the kill ring."
+  (interactive)
+  (save-excursion
+    (search-backward-regexp "^\\*")
+    (search-forward-regexp (concat "^[[:space:]]*:" 
+				   org-passwords-username-property 
+				   ":[[:space:]]*"))
+    (funcall interprogram-cut-function 
+	     (buffer-substring-no-properties (point)
+					     (funcall (lambda ()
+							(end-of-line)
+							(point)))))))
+
+(defun org-passwords ()
+  "Open the password file. Open the password file defined by the
+variable `org-password-file' in read-only mode and kill that
+buffer later according to the value of the variable
+`org-passwords-time-opened'. It also adds the `org-password-file'
+to the auto-mode-alist so that it is opened with its mode being
+`org-passwords-mode'."
+  (interactive)
+  (if org-passwords-file
+      (progn
+	(add-to-list 'auto-mode-alist 
+		     (cons 
+		      (regexp-quote 
+		       (expand-file-name org-passwords-file)) 
+		      'org-passwords-mode))
+	(find-file-read-only org-passwords-file)
+	(org-passwords-set-up-kill-password-buffer))
+    (minibuffer-message "No default password file defined. Set the variable `org-password-file'.")))
+
+(defun org-passwords-set-up-kill-password-buffer ()
+  (run-at-time org-passwords-time-opened
+	       nil 
+	       '(lambda ()
+		  (if (get-file-buffer org-passwords-file)
+		      (kill-buffer
+		       (get-file-buffer org-passwords-file))))))
+
+;;; Password generator
+
+;; Set random number seed from current time and pid. Otherwise
+;; `random' gives the same results every time emacs restarts.
+(random t) 
+
+(defun org-passwords-generate-password (arg)
+  "Ask a number of characters and insert a password of that size.
+Password has a random string of numbers, lowercase letters, and
+uppercase letters.  Argument ARG include symbols."
+  (interactive "P")
+  (let ((number-of-chars 
+	 (string-to-number 
+	  (read-from-minibuffer "Number of Characters: "))))
+    (if arg
+	(insert (org-passwords-generate-password-with-symbols "" number-of-chars))
+	(insert (org-passwords-generate-password-without-symbols "" number-of-chars)))))
+
+(defun org-passwords-generate-password-with-symbols (previous-string nums-of-chars)
+  "Return a string consisting of PREVIOUS-STRING and
+NUMS-OF-CHARS random characters."
+  (if (eq nums-of-chars 0) previous-string
+    (insert (org-passwords-generate-password-with-symbols 
+	     (concat previous-string
+		     (char-to-string
+		      ;; symbols, letters, numbers are from 33 to 126
+		      (+ (random (- 127 33)) 33)))
+	     (1- nums-of-chars)))))
+
+(defun org-passwords-generate-password-without-symbols (previous-string nums-of-chars)
+  "Return string consisting of PREVIOUS-STRING and NUMS-OF-CHARS
+random numbers, lowercase letters, and numbers."
+  (if (eq nums-of-chars 0)
+      previous-string
+      ; There are 10 numbers, 26 lowercase letters and 26 uppercase
+      ; letters. 10 + 26 + 26 = 62. The number characters go from 48
+      ; to 57, the uppercase letters from 65 to 90, and the lowercase
+      ; from 97 to 122. The following makes each equally likely.
+      (let ((temp-value (random 62)))
+ 	(cond ((< temp-value 10) 
+	       ; If temp-value<10, then add a number
+	       (org-passwords-generate-password-without-symbols 
+		(concat previous-string
+			(char-to-string (+ 48 temp-value)))
+		(1- nums-of-chars)))
+	      ((and (> temp-value 9) (< temp-value 36)) 
+	       ; If 9<temp-value<36, then add an uppercase letter
+	       (org-passwords-generate-password-without-symbols 
+		(concat previous-string
+			(char-to-string (+ 65 (- temp-value 10))))
+		(1- nums-of-chars)))
+	      ((> temp-value 35) 
+               ; If temp-value>35, then add a lowecase letter
+	       (org-passwords-generate-password-without-symbols 
+		(concat previous-string
+			(char-to-string (+ 97 (- temp-value 36))))
+		(1- nums-of-chars)))))))
+
+;;; Random words
+
+(defun org-passwords-random-words (arg)
+  "Ask for a number of words and inserts a sequence of that many
+random words from the list in the file
+`org-passwords-random-words-dictionary' separated by
+`org-passwords-random-words-separator'. ARG make substitutions in
+the words as defined by
+`org-passwords-random-words-substitutions'."
+  (interactive "P")
+  (if org-passwords-random-words-dictionary
+      (let ((number-of-words
+	     (string-to-number
+	      (read-from-minibuffer "Number of words: ")))
+	    (list-of-words
+	     (with-temp-buffer
+	       (insert-file-contents
+		org-passwords-random-words-dictionary)
+	       (split-string (buffer-string) "\n" t))))
+	(insert
+	 (org-passwords-substitute
+	  (org-passwords-random-words-attach-number-of-words
+	   (nth (random (length list-of-words))
+		list-of-words)
+	   (1- number-of-words)
+	   list-of-words
+	   org-passwords-random-words-separator)
+	  (if arg
+	      org-passwords-random-words-substitutions
+	    nil))))
+    (minibuffer-message 
+     "No default dictionary file defined. Set the variable `org-passwords-random-words-dictionary'.")))
+
+(defun org-passwords-random-words-attach-number-of-words
+  (previous-string number-of-words list-of-words separator)
+  "Returns a string consisting of PREVIOUS-STRING followed by a
+succession of NUMBER-OF-WORDS random words from the list LIST-OF-WORDS
+separated SEPARATOR."
+  (if (eq number-of-words 0)
+      previous-string
+      (org-passwords-random-words-attach-number-of-words
+       (concat previous-string
+	       separator
+	       (nth (random (length list-of-words)) list-of-words))
+       (1- number-of-words)
+       list-of-words
+       separator)))
+
+(defun org-passwords-substitute (string-to-change list-of-substitutions)
+  "Substitutes each appearence in STRING-TO-CHANGE of the `car' of
+each element of LIST-OF-SUBSTITUTIONS by the `cdr' of that
+element. For example:
+ (org-passwords-substitute \"ab\" \'((\"a\" . \"b\") (\"b\" . \"c\")))
+       => \"bc\"
+Substitutions are made in order of the list, so for example:
+ (org-passwords-substitute \"ab\" \'((\"ab\" . \"c\") (\"b\" . \"d\")))
+       => \"c\""
+  (if list-of-substitutions
+      (concat (org-passwords-concat-this-with-string
+	       (cdar list-of-substitutions)
+	       (mapcar (lambda (x)
+			 (org-passwords-substitute 
+			  x 
+			  (cdr list-of-substitutions)))
+		       (split-string string-to-change 
+				     (caar list-of-substitutions)))))
+    string-to-change))
+
+(defun org-passwords-concat-this-with-string (this list-of-strings)
+  "Put the string THIS in between every string in LIST-OF-STRINGS. For example:
+ (org-passwords-concat-this-with-string \"Here\" \'(\"First\" \"Second\" \"Third\"))
+      => \"FirstHereSencondHereThird\""
+  (if (cdr list-of-strings)
+      (concat (car list-of-strings)
+	      this
+	      (org-passwords-concat-this-with-string 
+	       (cdr list-of-strings)
+	       this))
+    (car list-of-strings)))
+
+(provide 'org-passwords)
+
+;;; org-passwords.el ends here

[back]

Re: An org password manager

[Bastien]

Dear Jorge,

jorge.a.alfaro@gmail.com (Jorge A. Alfaro-Murillo) writes:

> This is my first time submitting a patch, so I do not know if
> this is the way I am supposed to do it.

Yes, the commit message looks good. 

Can you resent the patch as an attachment?

Simply create a dedicated branch from master, check this branch out,
commit your change, then do git format-patch master to get the patch
in the proper .patch format that you can attach.

Thanks in advance,

-- 
 Bastien

Re: An org password manager

[Bastien]

Hi Jorge,

jorge.a.alfaro@gmail.com (Jorge A. Alfaro-Murillo) writes:

> This is my first time submitting a patch, so I do not know if
> this is the way I am supposed to do it.

This is now in contrib/lisp/ - thanks!

-- 
 Bastien

Re: An org password manager

[Jorge A. Alfaro-Murillo]

Bastien <bzg@gnu.org> writes:

> This is now in contrib/lisp/ - thanks!

Great! Thanks a lot.