table of contents
YAPET(1) | User Commands | YAPET(1) |
NAME¶
yapet - text based password managerSYNOPSIS¶
yapet
[[ -c] | [-h] | [-V]] [[-i] |
[-r {rcfile}]] [[ -s] | [-S]]
[-t { sec}] [filename]
DESCRIPTION¶
yapet stores passwords and associated information (referred to as password records) in files encrypted on disk. yapet does not impose a limit of password records per file and the number of files the passwords are stored in, although yapet is able to display only password records of one file at a time. For convenience, yapet provides a search function for password records of the currently loaded password file. The password records are protected by a master password. The master password is used to encrypt and decrypt the password records. yapet relies on OpenSSL for encryption and decryption of password records. The cipher for encryption and decryption is Blowfish with a 448 bits key. Files created by yapet always have the suffix .pet. This cannot be changed. Also, if a file is loaded using the command line, yapet appends the suffix .pet to the file name unless the file name includes this suffix.Main Screen¶
Invoking yapet without command line arguments given will show a screen as shown in Figure 1, “Main Screen”. Figure 1. Main Screen..::|| YAPET 0.8pre2 ||::.. +---------------------------++---------------------------+ | || K E Y S | | ||---------------------------| | || S Save File | | || R Load File | | || L Lock Screen | | || A Add Entry | | || D Delete Entry | | || O Sort Order | | || / Search | | || N Search Next | | || C Change Password | | || ^L Redraw Screen | | || Q Quit | | || G Password Generator| | |+---------------------------+ | |+---------------------------+ | || | | || | | || | | || | +---------------------------++---------------------------+ No file loaded
Password Record¶
Passwords are stored as records having the fields as shown in Figure 2, “Password Record Dialog” below. Figure 2. Password Record Dialog+-P A S S W O R D R E C O R D--------------------+ |Name | |_________________________________________________| |Host | |_________________________________________________| |Username | |_________________________________________________| |Password | |_________________________________________________| |Comment | |_________________________________________________| | | |[ OK ] [ Cancel ] [ Generate Password ] | +-------------------------------------------------+
The name displayed in the Main Screen.
Host
The host on which the password is used.
Username
The user name the password is associated
with.
Password
The password to protect.
Comment
A comment.
For an explanation of the Generate Password refer to the section called
“Password Generator Dialog”.
Function Keys¶
Function keys are the keys recognized by yapet in the main screen, i.e. if no dialog is presented. Function keys are not case-sensitive. See below for an explanation of the function keys recognized: SSaves the password records to the file.
R
Load (read) a file from disk. This command is
also used to create a new file. When creating a new file, enter the file name
into the input field. yapet will ask whether it should create the file
if it does not exist.
L
Lock and blank the screen. Has only effect if
a file is loaded. In order to unlock the screen, the password of the currently
loaded file has to be entered.
A
Add a new password record to the currently
loaded file. The password record will be permanently added to the file when
the file is saved by pressing S.
Before this function can be used an existing file has to be loaded or a new file
has to be created by pressing R.
D
Delete a password entry from the currently
loaded file. The entry will be permanently deleted if the file is saved by
pressing S.
O
Change the sort order to either ascending or
descending. This setting is not kept permanently and is lost upon restart of
yapet.
The default sort order is ascending.
/
Start a new search. yapet can only
search the name of the password records for a particular term. If the term is
found, the item is highlighted. The search can be repeated by pressing
N.
N
Repeat the search using the search term
specified by invoking the search functionality by pressing /.
C
Change the master password of the currently
loaded file. This action requires to save all changes first. The file with the
old master password will be saved as filename.pet.bak where
filename is the name of the currently loaded file.
CTRL+L (^L)
Redraws the screen.
Q
Quit yapet. If changes were not saved
yapet will ask whether they should be saved or not. Regardless of the
answer, yapet quits, either saving the changes or discarding
them.
G
Open the Password Generator Dialog. See the
section called “Password Generator Dialog” for further
information.
Dialogs¶
Frames appearing on top of the Main Screen are called Dialogs. They are comprised of widgets which can take input from the user. The Tab key will switch the focus to the next widget. Be aware that Shift+Tab does not work for focusing the previous widget. By pressing the Esc key dialogs will be canceled and closed.
yapet may compute random password of arbitrary length using characters
from different character pools.
In the Main Screen, pressing G will bring up the Password Generator Dialog,
which simply generates passwords.
The check boxes can be selected by pressing either Enter or Space keys, the Down
and Up keys will selected the next or previous check box, respectively.
Pressing the Tab will leave the check boxes and focus the Regenerate button,
which can be used to regenerate the password with the options set.
By pressing the Generate Password button in the Password Record Dialog the
Password Generator Dialog will also be displayed. Additionally, the generated
password can be inserted into the Password Record by pressing OK. Any previous
password will replaced by the generated password.
See the section called “Configuration File” on how the password
generator options can be preset.
Selection Movement¶
The keys explained below are recognized for selection movement in list widgets, such as the password records list or the lists used by the File Open dialog. Up, k, Down, jMoves the selection one item up (Up, k) or
down (Down, j).
Page Up, Page Down
Scrolls one screen-full up (Page Up) or down
(Page Down).
Home, End
Scrolls to the beginning (Home) or the end
(End) of the list.
Enter
Chooses the selected item.
Cursor Movement¶
Cursor movement, whether in clear text or password fields, is accomplished by using the following keys: Left, UpMoves the cursor one character to the left. In
password fields, it deletes the character to the left of the current cursor
position.
Right, Down
Moves the cursor one character to the right.
In password fields, these keys do nothing.
Home
Moves the cursor at the beginning of the input
field.
End
Moves the cursor at the end of the input
field.
Backspace
Moves the cursor one character to the right
and deletes the character at this position.
Delete
Keeps the cursor at the current position and
deletes the character on the right, shifting remaining characters to the
left.
Enter, Tab
The input is confirmed and the next widget
will be focused.
Editing Password Records¶
When a password record is opened by pressing Enter, it is opened in read-only mode in order to prevent accidental modification. After opening a password record, the read-only mode can be left by pressing Ctrl+e in any of the text fields.Configuration File¶
If the file $HOME/.yapet exists, yapet reads options provided in this file. You may specify a different configuration file by using the -r option (see the section called “OPTIONS”). Options given on the command line have precedence over options given in a configuration file. The configuration file has the following syntax: option=value where option can be any of the following: loadThe file to load upon start of yapet.
Equivalent to providing a filename when invoking yapet.
A ~ (tilde) sign as the first character of the file path will be replaced
by the home directory of the user running yapet.
Default: not set
locktimeout
A positive integer specifying the time of
inactivity in seconds until the screen is locked.
Equivalent to providing the -t option when invoking yapet.
Default: 600
pwinputtimeout
A positive integer specifying the time of
inactivity in seconds until the password prompt for unlocking the screen will
disappear.
Default: 60
allowlockquit
A value of 1 (one) or 0 (zero). A value of 1
allows the user to quit yapet from the locked screen (if no changes are
pending). A value of 0 prevents the user from quitting yapet when the
screen is locked.
Default: 1
checkfsecurity
A value of 1 (one) or 0 (zero). A value of 1
enables the verification of the file owner and permissions when loading a
file. A value of 0 disables the verification of the file owner and permissions
when loading a file.
Equivalent to providing the -S (same as 1) or -s (same as 0)
options when invoking yapet.
Default: 1
ignorerc
A value of 1 (one) or 0 (zero). A value of 1
lets yapet ignore the options provided in the configuration file (see
also the -i in the section called “OPTIONS”). A value of 0
has no effect on the processing of the configuration file.
Default: 0
pwgen_rng
The random number generator used to generate
passwords. Possible values are
devrandom
If the random number generator requested is not available on the system,
yapet searches for a suitable alternative.
Default: devurandom
pwgen_pwlen
Requests the use of /dev/random. This is a
high-quality random number generator. However, if the system lacks entropy,
reading from this device may block, thus making yapet
unresponsive.
devurandom
Requests the use of /dev/urandom. This is a
quality random number generator similar to /dev/random but not of the same
quality.
Using this random number generator will not block as opposite to
/dev/random.
lrand48
Requests the use of lrand48. This is
low-quality random number generator and should be used only if none of the
above two random number generators are available.
rand
Requests the use of rand. This is a last
resort random number generator and should not be used.
A positive integer greater than zero
specifying the default password length used by the Password Generator Dialog.
Default: 10
pwgen_letters
A value of 1 (one) or 0 (zero). A value of 1
will preselect Letters check box of the Password Generator Dialog. 0 does not
preselect Letters check box.
Default: 1
pwgen_digits
A value of 1 (one) or 0 (zero). A value of 1
will preselect Digits check box of the Password Generator Dialog. 0 does not
preselect Digits check box.
Default: 1
pwgen_punct
A value of 1 (one) or 0 (zero). A value of 1
will preselect Punctuation check box of the Password Generator Dialog. 0 does
not preselect Punctuation check box.
Default: 1
pwgen_special
A value of 1 (one) or 0 (zero). A value of 1
will preselect Special check box of the Password Generator Dialog. 0 does not
preselect Special check box.
Default: 1
pwgen_other
A value of 1 (one) or 0 (zero). A value of 1
will preselect Other check box of the Password Generator Dialog. 0 does not
preselect Other check box.
Default: 0
See the section called “EXAMPLES” for examples of configuration
files.
Options are case-sensitive. Spaces are not allowed before or after the equal
sign. Syntax errors and unrecognized options are ignored silently.
Status Frame¶
When a password file is loaded, yapet displays some status information in the lower right frame as shown in Figure 3, “The Status Frame” Figure 3. The Status Frame+--------------------------------------+ | File permission check: enabled | | Screen lock time-out: 600 sec | | 1 entries (+) (V: 1) | | PW set: Sat Aug 22 11:49:46 2009 | +--------------------------------------+
Caution¶
Although several precautions were taken to avoid having any passwords stored clear text in memory, there were occasions when core files contained the master password. This means that it is possible, though not likely, for a malicious user to get hold of one or more passwords while YAPET is running.Format of YAPET Files¶
Please refer to the DESIGN in source code distribution or point your browser to http://www.guengel.ch/myapps/yapet/.OPTIONS¶
The following options are supported: -c, --copyrightShow the copyright information.
-h, --help
Print a help text.
-i, --ignore-rc
Do not read the configuration file. See also
the ignorerc option in the section called “Configuration
File”.
-r rcfile, --rc-file rcfile
Read the configuration file specified by
rcfile. If this option is not given, the default configuration file
read is $HOME/.yapet unless -i is specified.
-s, --no-file-security
Disable the check for the owner and file mode
when loading files. Without this option, yapet checks password files
for having the same owner as the user running yapet and verifies that
the file mode is strictly 0600. If one of these conditions are not met,
yapet refuses to load the file. Providing this options disables those
checks and yapet will load files with owners other than the process
owner of yapet and file modes different from 0600.
New files saved while this option is active will have the file mode set to
0644.
-S, --file-security
Enable the check for the owner and file mode
when loading files. This option makes yapet to load password files
having the owner set to the process owner of yapet and the file mode
strictly set to 0600 only. If one of these conditions are not met,
yapet refuses to load the file.
New files saved while this option is active will have the file mode set to 0600.
This is the default mode.
-t sec, --timeout sec
Set the timeout until the screen is locked to
sec seconds. The minimum time allowed is 10 seconds. If a lower value
is provided, the timeout will be set to 10 seconds.
-V, --version
Show the version of yapet.
filename
The file to open upon invocation of
yapet. If the file does not exist, yapet asks whether it should
be created.
Files created by yapet always have the suffix .pet.
EXAMPLES¶
Example 1. Example of an yapet configuration fileload=/home/joe/passwords locktimeout=300 checkfsecurity=0 pwgen_pwlen=8
locktimeout=150 checkfsecurity=1 pwgen_other=1
load=~/passwords.pet locktimeout=300 checkfsecurity=0 pwgen_pwlen=8
FILES¶
$HOME/.yapetThe per-user configuration file. If existing,
options are read from this file but can be overridden by the command line
options.
Processing of this file can be disabled by invoking yapet with the
-i option.
Refer to the the section called “Configuration File” for an
explanation of the per-user configuration file.
ENVIRONMENT¶
LC_MESSAGESPrinting messages in the specified language.
Currently only German is supported besides English.
BUGS¶
If a password record is open, the screen lock will not activate, leaving yapet unprotected. Please report bugs to http://bugs.guengel.ch[1].AUTHOR¶
Rafael Ostertag rafi@guengel.chSEE ALSO¶
csv2yapet(1), curses(3X), ssl(3), crypto(3)AVAILABILITY¶
The latest version of yapet can be found under http://www.guengel.ch/myapps/yapet/.LICENSE¶
YAPET -- Yet Another Password Encryption ToolCOPYRIGHT¶
Copyright © 2008, 2009, 2010 Rafael Ostertag <rafi@guengel.ch>NOTES¶
01/02/2011 | yapet 0.8pre2 |