Saturday, February 10, 2007

 

Encrypting a file.

It is difficult to keep track of all the passwords. I used to write passwords in Kannada ,my language, hoping that not many can read. Now I save all my passwords using KeePass on Windows and KeePassX on Mac OS X. It keeps the entire password in a database and locks it with one master password. The database is compatible across the platform, and the same database can be used on Windows or Mac OS X.

The problem:
Imagine you are on the road, you can't recall the password for a certain web site.
Here is the solution:
Save a password database as text file and encrypt that file.

Step 1. In keeppass File -> Export To -> CSV File (Under Windows, Or as Text in Mac OS X).
Save it as say Database.kdb.csv. Copy this file onto your thumbdrive.

Step 2. Compiling a multiplatform file encrytion program bcrypt.

In Windows(cygwin):

Download the source and unpack into a directory.
schakkere@shankar ~
$ cd develop/bcrypt/
/ecos-c/usr/shankar/develop/bcrypt

schakkere@shankar ~/develop/bcrypt
$ make
gcc -O2 -Wall  -c main.c
gcc -O2 -Wall  -c blowfish.c
gcc -O2 -Wall  -c rwfile.c
rwfile.c: In function `deletefile':
rwfile.c:123: warning: implicit declaration of function `initstate'
gcc -O2 -Wall  -c keys.c
gcc -O2 -Wall  -c wrapbf.c
gcc -O2 -Wall  -c endian.c
gcc -O2 -Wall  -c wrapzl.c
gcc -O2 -Wall  -o bcrypt main.o blowfish.o rwfile.o keys.o wrapbf.o endian.o wrapzl.o -L/usr/local/lib -lz
Info: resolving _optind by linking to __imp__optind (auto-import)
Info: resolving _optarg by linking to __imp__optarg (auto-import)

schakkere@shankar ~/develop/bcrypt
$ make install
mkdir -p /usr/local/bin;\
mkdir -p /usr/local/man/man1;\
cp bcrypt /usr/local/bin;\
cp bcrypt.1 /usr/local/man/man1;\
chmod 755 /usr/local/bin/bcrypt;\
chmod 644 /usr/local/man/man1/bcrypt.1

schakkere@shankar ~/develop/bcrypt
$ which bcrypt
/usr/local/bin/bcrypt

schakkere@shankar ~/develop/bcrypt
$ bcrypt
Usage is: bcrypt -[orc][-sN] file1 file2..
-o Write output to standard out
-r Do NOT remove input files after processing
-c Do NOT compress files before encryption
-sN How many times to overwrite input files with random data
To encrypt a file on your thumb drive.
schakkere@shankar ~/develop/bcrypt
$ cd /cygdrive/E/backup/keepass/

schakkere@shankar /cygdrive/E/backup/keepass
$ ls
Database.kdb  Database.kdb.csv

schakkere@shankar /cygdrive/E/backup/keepass
$ bcrypt -s5 Database.kdb.csv
Encryption key:Key must be at least 8 characters
Encryption key:
Again:

schakkere@shankar /cygdrive/E/backup/keepass
$ ls -al
drwxr-xr-x  2 schakkere mkgroup-l-d     0 Feb  7 00:21 .
drwxr-xr-x 11 schakkere mkgroup-l-d     0 Feb  7 00:20 ..
-rw-r--r--  1 schakkere mkgroup-l-d 13084 Jan 10 12:23 Database.kdb
-rw-r--r--  1 schakkere mkgroup-l-d  2126 Feb 15 22:11 Database.kdb.csv.bfe
Option -s5 overwrites the original file 5 times with random data before deleting it.

Copy bcrypt.exe and cygwin1.dll onto your thumb drive

In Mac OS X:
Unzip the source file.
Shankar-Chakkeres-Computer:~/develop/bcrypt shankar$ make
Copy bcrypt to ~/bin and onto your thumb drive.
You can also run make install if you want it to be available for other users on your system.

Testing it:
Plug the thumbdrive
Shankar-Chakkeres-Computer:~/develop/bcrypt shankar$ ~/bin/bcrypt -r -o /Volumes/6JAN2007/backup/keepass/Database.kdb.csv.bfe | grep -i bank
Encryption key:
"Bank of America","xxx","xxx","xxx","xxx"
It works!

Using it on the road:
Step 3. So now you can use your password on the road even on the machines which does not have bcrypt installed (because you have the executable for Windows and Mac OS X and the encrypted password file on the thumb drive).

Labels: , ,


# posted by Shankar Chakkere @ 9:41 PM
Comments: Post a Comment



<< Home

This page is powered by Blogger. Isn't yours?