Posts Tagged ‘passwords’

Password management with TrueCrypt and Dropbox

Monday, August 15th, 2011

Maintaining passwords for multiple servers across multiple development environments is a pain. A few weeks back there was a downed service on one of my servers and I was at a computer without my passwords and hosts files. The debugging session that followed required hopping through multiple servers and in general took a lot longer than it should.

I decided to use DropBox and TrueCrypt to setup a secure password file that was synchronized across all of my environments. The setup for both is dirt simple. I created a 10mb encrypted file called SAFEFILE in my Dropbox, then add a passwords.txt to it.

Then I evolved some code a friend threw my way for generating passwords. Creating a password and storing it directly in my passwords.txt file, and retrieving it is now a snap. The functions copy the password directly to the clipboard for easy pastin.

Adding my ~/.ssh, /etc/hosts, ~/.profile and a few other dotfiles to my Dropbox and symlinking them to my home directory keeps me standard across any environment I use.

Generate a random string 30 chars long for test.account:

jmooberry@local ~ : genpass 30 test.account
password added to passwords.txt as test.account
password copied to clipboard.
//  ole2iUmIGwDxtC9xVqPZiEr34ZJVwD

Grab the password for test.account:

jmooberry@local ~ : getpass test
password for (test.account) copied to clipboard.
// ole2iUmIGwDxtC9xVqPZiEr34ZJVwD

.profile helpers functions:

# password generator
# Usage: genpass 30 test.account.name
function genpass() { 
  if [ $# == 0 ]; then
      length=30
  else
      length=$1
  fi
  pass=$(< /dev/random strings | perl -pe 's/\W//g;' | head -c$length)
  echo -n $pass | pbcopy
  if [ $# == 2 ]; then
    echo -en "\n$2\t$pass" >> /Volumes/SAFEFILE/passwords.txt
    echo "password added to passwords.txt as $2"
  fi
  echo "password copied to clipboard."
}

# password grabber
# Usage: getpass test.account.name
function getpass() { 
  pass=$(grep $1 /Volumes/SAFEFILE/passwords.txt | perl -pe 's/.+?(\w+)$/$1/;')
  name=$(grep $1 /Volumes/SAFEFILE/passwords.txt | perl -pe 's/(.+?)\s+\w+$/$1/;')
  echo -n $pass | pbcopy
  echo "password for ($name) copied to clipboard."
}

# it's important.
if [ ! -d "/Volumes/SAFEFILE" ]; then
  echo "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
  echo "TRUECRYPT DIRECTORY NOT MOUNTED!!!"
  echo "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
fi

Posted in command line fu, security | Tags: ,  | No Comments »