encrypting text editor
Solution 1
Vi/Vim
Just use vim
or vi
which offers file encryption with blowfish
when using -x
option.
create a file for encryption as follows:
vim -x filename.txt
Then it will prompt to enter encryption key
Enter encryption key:
Once a file has been encrypted by Vim once, you never need to use the -x option when opening that file again. Vim will automatically recognize it as an encrypted file and do the right thing.
Because Blowfish is a symmetric key encryption system, the same key is used for both encryption and decryption. When Vim
opens a file for the first time with the -x option, the first thing it will do is ask you to give it a key you can use to encrypt and decrypt the file, with this prompt:
Need encryption key for "abc.txt"
Enter encryption key:
After entering the key, you will then be asked to confirm the key, to ensure you did not mistype it.
Enter same key again:
Then it will open as normally as usual.
Read more here
CryptoTE
According to the website.
CryptoTE is a text editor with integrated strong cryptography.
It is based on the popular Scintilla widget and automatically stores
text data in secure encrypted container files.
Compared to other "password keeper" programs, CryptoTE does not force
any structure upon your data: it works with plain ASCII text
and does not require you to fill in grids, key-value attributes,descriptions etc.
Encryption is transparently performed using the
highly-secure Serpent cipher. The editing interface is thoroughly
optimized for speed and ease of use.
Multiple subfiles, Quick-Find and a two-click random password generator
make daily use very convenient.
for ubuntu see.
Solution 2
Gedit.
REQUIREMENTS
- Gedit
- Gedit plugin – External tools (enabled)
- A valid gpg key
ENABLE GnuPG
This will only work if you have enabled GnuPG in your system.
GnuPG is an implementation of PGP (Pretty Good Privacy), which is a form of public key/private key encryption.
Install GnuPG
sudo apt-get install gnupg
Generate your keys:
gpg --gen-key
When generating the keys, you can just press enter at any time to accept the default value in brackets. The most important part of your key generation is choosing your passphrase.
Your public keyring should just contain your own public key for now, you can view the keyring with the --list-keys
option and your private key with the --list-secret-keys
option.
gpg --list-keys
gpg --list-secret-keys
GnuPG source: http://www.ianatkinson.net/computing/gnupg.htm
SETUP
Just go to Tools > Manage External Tools, and add the scripts:
ENCRYPT
Paste the following code on a new command, called “Encrypt”:
#!/bin/bash
stdin=$(cat)
if [ ! "${stdin:0:27}" == "-----BEGIN PGP MESSAGE-----" ]; then
echo "$stdin" | gpg -a -e -r [email protected] --no-tty -
else
echo "$stdin"
fi
with the options:
- ShortCut - Control + Shift + E
- Save - Nothing
- Input - Current document
- Output - Replace current document
- Applicability - All documents / All languages
DECRYPT
Paste the following code on a new command, called “Decrypt”:
#!/bin/bash
stdin=$(cat)
if [ "${stdin:0:27}" == "-----BEGIN PGP MESSAGE-----" ]; then
echo "$stdin" | gpg -d --no-tty - 2> /dev/null
else
echo "$stdin"
fi
with the options:
- ShortCut - Control + Shift + D
- Save - Nothing
- Input - Current document
- Output - Replace current document
- Applicability - All documents / All languages
USAGE
Once that is done, then you can open encrypted files (asc – ascii files, not binary), or create new ones on spot using the shortcuts.
Example:
SOURCE
http://blog.brunobraga.net/encrypting-and-decrypting-with-gedit/
METHOD 2 Another way is to install zillo.
A simple plugin for gedit 3 that encode and decode selected text to base64.
See this question on how to install the plugin
Solution 3
Naturally, you can also do this in emacs
. The emacs wiki has a very nice page on this, providing 7 different approaches:
The simplest would probably be EasyPG Assistant since it is an interface to GnuPG and should work out of the box.
Solution 4
You could try vim
with the gnupg.vim plugin, which is for transparent editing of gpg encrypted files.
gnupg.vim description:
This script implements transparent editing of gpg encrypted files. The filename must have a ".gpg", ".pgp" or ".asc" suffix. When opening such a file the content is decrypted, when opening a new file the script will ask for the recipients of the encrypted file. The file content will be encrypted to all recipients before it is written. The script turns off viminfo and swapfile to increase security.
Solution 5
If you like Geany, there's a plugin (sudo apt-get install geany-plugin-pg
):
GeanyPG is a plugin for Geany that allows the user to encrypt, decrypt and verify signatures with GnuPG.
Related videos on Youtube
H2ONaCl
Updated on September 18, 2022Comments
-
H2ONaCl over 1 year
Is there an encrypting text editor for ubuntu? In other words, the text editor, preferably GUI capable, should always save an encrypted file and always prompt for the password to re-open the file. The point is to combine the functionality of a text editor with an encryption tool.
-
TwentyMiles about 10 yearsA word of warning: text editors, or sometimes even operating systems, will store data on disk out side of the normal save/open operations. Vim for example will store data in in files ending in ~ or .swp as backups and Linux will swap out memory to disk if it runs short of RAM. Because of this, simply encrypting a text file will not keep your data safe from a determined attacker with physical access to your machine. If your data is really important, use full disk encryption. FDE is pretty easy to do in Ubunutu, see eff.org/deeplinks/2012/11/….
-
Patrick Collins about 10 yearsFor an emacs solution, also see: emacswiki.org/emacs/AutoEncryption
-
H2ONaCl about 10 yearsVia @stormvirux is this article that describes how to eliminate the risk posed by swap and backup files created by
vim
. techrepublic.com/blog/it-security/… -
H2ONaCl about 5 years@TwentyMiles FDE discussion is made more complete by describing the costs. Here is a link to something that describes the loss of throughput and another link to the financial cost. searchmidmarketsecurity.techtarget.com/tip/… Link: networkcomputing.com/careers-and-certifications/…
-
-
Stormvirux about 10 years@broiyan then cryptoTE might fit what you want plus it has a gui
-
Kevin about 10 yearsInstead of
if [ ! ... ==
you should useif [ ... !=
. -
Parto about 10 years@Kevin Where should I make the change?
-
Kevin about 10 yearsYour encrypt script
-
Parto about 10 years@Kevin But it's working fine as is. I have tested it in my Gedit...
-
Kevin about 10 yearsYes, it works as-is, but
!=
is much cleaner than! ... ==
. -
H2ONaCl about 10 yearsI like that CryptoTE uses a symmetric password and that the text file is free-format; notwithstanding the example screenshot. The container concept is useful for providing a simple means of organization.
-
H2ONaCl about 10 yearsIf, for example, your valuable data are in ~/Documents and you work via file system links that are in ~/Desktop, CryptoTE's by default five level backup feature will do something unexpected. To be safe, open CyprtoTE's encrypted files directly, do not use links.
-
freddyb about 10 yearsCryptographers would comment that Blowfish isn't considered secure enough.
-
jfs about 10 yearsEasyPG is bundled with Emacs. To encrypt a file just save it with
.gpg
extension. -
n611x007 over 8 yearsHeh. There should be a list of what cannot be done in emacs... ;)
-
ccpizza over 8 yearsFor Manage External Tools to appear under the Tools menu in gedit, the External Tools plugin needs to be enabled first from Edit > Preferences > Plugins.
-
ccpizza over 8 yearsTo make it work with a password rather than a key I modified the encryption line to
echo "$stdin" | gpg -a --yes -c -
. The generated file can also be opened with vim with the gnupg.vim plugin, which makes it accessible on OSX, Linux, Windows, as well as on Android phones via APG. -
You'reAGitForNotUsingGit about 7 yearsAs @freddyb stated, Blowfish is horribly insecure.
-
mosh over 4 yearsBlowfish is practically secure for files < 500G in size!, see news.softpedia.com/news/… => Researchers say that after sending constant server requests for between 30 and 38 hours, and collecting around 785 GB of traffic, they'll be able to spot a collision attack