README
¶
gpgedit
gpgedit is an editor wrapper for GPG2-encrypted files made primarily for Linux.
How it works:
- First, gpgedit asks for a passphrase.
- It uses the passphrase to decrypt the contents of a file encrypted with GPG2 symmetric encryption to a temporary file.
- It runs an editor on the temporary file
(
VISUALorEDITORby default, but it can be, e.g., LibreOffice). - It waits for the editor to exit.
- It runs GPG2 to replace the original file with the contents of the temporary file encrypted using the same passphrase.
- Finally, gpgedit deletes the temporary file.
In other words, gpgedit implements a "with" pattern.
gpgedit is beta-quality software.
Dependencies
Build
- Go 1.21
Runtime
- GPG2
- A temporary filesystem mounted on
/dev/shm/. It is present by default on Linux with glibc.
Installation
go install github.com/dbohdan/gpgedit@master
Usage
Usage of gpgedit:
-editor string
the editor to use
-ro
read-only mode -- all changes will be discarded
-u change the passphrase for the file
-v report the program version and exit
-warn int
warn if the editor exits after less than X seconds
Security and other considerations
The passphrase is kept in the memory of the gpgedit process in plain text while the file is being edited.
The passphrase can be extracted from the process's memory or from swap if it is swapped out.
The decrypted contents of the file is stored on a temporary filesystem in RAM (/dev/shm/${USER}-gpgedit).
Other programs run by the same user can access it there, and it can also be swapped out.
gpgedit doesn't work with multi-document editors.
License
MIT.
Documentation
¶
There is no documentation for this package.
Source Files
Click to show internal directories.
Click to hide internal directories.