June 2003
Intermediate to advanced
336 pages
8h 54m
English
Content preview from Linux Security CookbookBecome an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
7.24. Maintaining Encrypted Files with vim
Problem
You want to edit encrypted files in place with vim, without decrypting them to disk.
Solution
Add the following lines to your ~/.vimrc file:
" Transparent editing of GnuPG-encrypted files
" Based on a solution by Wouter Hanegraaff
augroup encrypted
au!
" First make sure nothing is written to ~/.viminfo while editing
" an encrypted file.
autocmd BufReadPre,FileReadPre *.gpg,*.asc set viminfo=
" We don't want a swap file, as it writes unencrypted data to disk.
autocmd BufReadPre,FileReadPre *.gpg,*.asc set noswapfile
" Switch to binary mode to read the encrypted file.
autocmd BufReadPre,FileReadPre *.gpg set bin
autocmd BufReadPre,FileReadPre *.gpg,*.asc let ch_save = &ch|set ch=2
autocmd BufReadPost,FileReadPost *.gpg,*.asc
\ '[,']!sh -c 'gpg --decrypt 2> /dev/null'
" Switch to normal mode for editing
autocmd BufReadPost,FileReadPost *.gpg set nobin
autocmd BufReadPost,FileReadPost *.gpg,*.asc let &ch = ch_save|unlet ch_save
autocmd BufReadPost,FileReadPost *.gpg,*.asc
\ execute ":doautocmd BufReadPost " . expand("%:r")
" Convert all text to encrypted text before writing
autocmd BufWritePre,FileWritePre *.gpg
\ '[,']!sh -c 'gpg --default-recipient-self -e 2>/dev/null'
autocmd BufWritePre,FileWritePre *.asc
\ '[,']!sh -c 'gpg --default-recipient-self -e -a 2>/dev/null'
" Undo the encryption so we are back in the normal text, directly
" after the file has been written.
autocmd BufWritePost,FileWritePost *.gpg,*.asc u
augroup END