Scroll to navigation

YAPET(1) User Commands YAPET(1)

NAME

yapet - text based password manager

SYNOPSIS

yapet [[ -c] | [-h] | [-V]] [[-i] | [-r {rcfile}]] [[ -s] | [-S]] [-t { sec}] [filename]

DESCRIPTION

yapet stores passwords and associated information (referred to as password records) in files encrypted on disk.
yapet does not impose a limit of password records per file and the number of files the passwords are stored in, although yapet is able to display only password records of one file at a time.
For convenience, yapet provides a search function for password records of the currently loaded password file.
The password records are protected by a master password. The master password is used to encrypt and decrypt the password records.
yapet relies on OpenSSL for encryption and decryption of password records. The cipher for encryption and decryption is Blowfish with a 448 bits key.
Files created by yapet always have the suffix .pet. This cannot be changed. Also, if a file is loaded using the command line, yapet appends the suffix .pet to the file name unless the file name includes this suffix.

Main Screen

Invoking yapet without command line arguments given will show a screen as shown in Figure 1, “Main Screen”.
Figure 1. Main Screen
 
 
                  ..::|| YAPET 0.8pre2 ||::..
+---------------------------++---------------------------+
|                           ||          K E Y S          |
|                           ||---------------------------|
|                           ||   S     Save File         |
|                           ||   R     Load File         |
|                           ||   L     Lock Screen       |
|                           ||   A     Add Entry         |
|                           ||   D     Delete Entry      |
|                           ||   O     Sort Order        |
|                           ||   /     Search            |
|                           ||   N     Search Next       |
|                           ||   C     Change Password   |
|                           ||   ^L    Redraw Screen     |
|                           ||   Q     Quit              |
|                           ||   G     Password Generator|
|                           |+---------------------------+
|                           |+---------------------------+
|                           ||                           |
|                           ||                           |
|                           ||                           |
|                           ||                           |
+---------------------------++---------------------------+
No file loaded
The upper right frame in Figure 1, “Main Screen” shows the function keys recognized by yapet. See the section called “Function Keys” for details about the function keys.
The empty frame on the left side of the main screen will display the list of password records. The selection of the record to be viewed can be moved as explained in the section called “Selection Movement”.
Only when a a password file is loaded, the lower right frame will display some status information as explained in the section called “Status Frame”.

Password Record

Passwords are stored as records having the fields as shown in Figure 2, “Password Record Dialog” below.
Figure 2. Password Record Dialog
 
 
+-P A S S W O R D  R E C O R D--------------------+
|Name                                             |
|_________________________________________________|
|Host                                             |
|_________________________________________________|
|Username                                         |
|_________________________________________________|
|Password                                         |
|_________________________________________________|
|Comment                                          |
|_________________________________________________|
|                                                 |
|[ OK ] [ Cancel ] [ Generate Password ]          |
+-------------------------------------------------+
The fields have the following meaning:
Name
The name displayed in the Main Screen.
Host
The host on which the password is used.
Username
The user name the password is associated with.
Password
The password to protect.
Comment
A comment.
For an explanation of the Generate Password refer to the section called “Password Generator Dialog”.

Function Keys

Function keys are the keys recognized by yapet in the main screen, i.e. if no dialog is presented. Function keys are not case-sensitive. See below for an explanation of the function keys recognized:
S
Saves the password records to the file.
R
Load (read) a file from disk. This command is also used to create a new file. When creating a new file, enter the file name into the input field. yapet will ask whether it should create the file if it does not exist.
L
Lock and blank the screen. Has only effect if a file is loaded. In order to unlock the screen, the password of the currently loaded file has to be entered.
A
Add a new password record to the currently loaded file. The password record will be permanently added to the file when the file is saved by pressing S.
 
Before this function can be used an existing file has to be loaded or a new file has to be created by pressing R.
D
Delete a password entry from the currently loaded file. The entry will be permanently deleted if the file is saved by pressing S.
O
Change the sort order to either ascending or descending. This setting is not kept permanently and is lost upon restart of yapet.
 
The default sort order is ascending.
/
Start a new search. yapet can only search the name of the password records for a particular term. If the term is found, the item is highlighted. The search can be repeated by pressing N.
N
Repeat the search using the search term specified by invoking the search functionality by pressing /.
C
Change the master password of the currently loaded file. This action requires to save all changes first. The file with the old master password will be saved as filename.pet.bak where filename is the name of the currently loaded file.
CTRL+L (^L)
Redraws the screen.
Q
Quit yapet. If changes were not saved yapet will ask whether they should be saved or not. Regardless of the answer, yapet quits, either saving the changes or discarding them.
G
Open the Password Generator Dialog. See the section called “Password Generator Dialog” for further information.

Dialogs

Frames appearing on top of the Main Screen are called Dialogs. They are comprised of widgets which can take input from the user.
The Tab key will switch the focus to the next widget. Be aware that Shift+Tab does not work for focusing the previous widget.
By pressing the Esc key dialogs will be canceled and closed.
 
 
Password Generator Dialog
 
yapet may compute random password of arbitrary length using characters from different character pools.
In the Main Screen, pressing G will bring up the Password Generator Dialog, which simply generates passwords.
The check boxes can be selected by pressing either Enter or Space keys, the Down and Up keys will selected the next or previous check box, respectively. Pressing the Tab will leave the check boxes and focus the Regenerate button, which can be used to regenerate the password with the options set.
By pressing the Generate Password button in the Password Record Dialog the Password Generator Dialog will also be displayed. Additionally, the generated password can be inserted into the Password Record by pressing OK. Any previous password will replaced by the generated password.
See the section called “Configuration File” on how the password generator options can be preset.

Selection Movement

The keys explained below are recognized for selection movement in list widgets, such as the password records list or the lists used by the File Open dialog.
Up, k, Down, j
Moves the selection one item up (Up, k) or down (Down, j).
Page Up, Page Down
Scrolls one screen-full up (Page Up) or down (Page Down).
Home, End
Scrolls to the beginning (Home) or the end (End) of the list.
Enter
Chooses the selected item.

Cursor Movement

Cursor movement, whether in clear text or password fields, is accomplished by using the following keys:
Left, Up
Moves the cursor one character to the left. In password fields, it deletes the character to the left of the current cursor position.
Right, Down
Moves the cursor one character to the right. In password fields, these keys do nothing.
Home
Moves the cursor at the beginning of the input field.
End
Moves the cursor at the end of the input field.
Backspace
Moves the cursor one character to the right and deletes the character at this position.
Delete
Keeps the cursor at the current position and deletes the character on the right, shifting remaining characters to the left.
Enter, Tab
The input is confirmed and the next widget will be focused.

Editing Password Records

When a password record is opened by pressing Enter, it is opened in read-only mode in order to prevent accidental modification.
After opening a password record, the read-only mode can be left by pressing Ctrl+e in any of the text fields.

Configuration File

If the file $HOME/.yapet exists, yapet reads options provided in this file. You may specify a different configuration file by using the -r option (see the section called “OPTIONS”). Options given on the command line have precedence over options given in a configuration file.
The configuration file has the following syntax:
option=value
where option can be any of the following:
load
The file to load upon start of yapet.
 
Equivalent to providing a filename when invoking yapet.
 
A ~ (tilde) sign as the first character of the file path will be replaced by the home directory of the user running yapet.
 
Default: not set
locktimeout
A positive integer specifying the time of inactivity in seconds until the screen is locked.
 
Equivalent to providing the -t option when invoking yapet.
 
Default: 600
pwinputtimeout
A positive integer specifying the time of inactivity in seconds until the password prompt for unlocking the screen will disappear.
 
Default: 60
allowlockquit
A value of 1 (one) or 0 (zero). A value of 1 allows the user to quit yapet from the locked screen (if no changes are pending). A value of 0 prevents the user from quitting yapet when the screen is locked.
 
Default: 1
checkfsecurity
A value of 1 (one) or 0 (zero). A value of 1 enables the verification of the file owner and permissions when loading a file. A value of 0 disables the verification of the file owner and permissions when loading a file.
 
Equivalent to providing the -S (same as 1) or -s (same as 0) options when invoking yapet.
 
Default: 1
ignorerc
A value of 1 (one) or 0 (zero). A value of 1 lets yapet ignore the options provided in the configuration file (see also the -i in the section called “OPTIONS”). A value of 0 has no effect on the processing of the configuration file.
 
Default: 0
pwgen_rng
The random number generator used to generate passwords. Possible values are
devrandom
Requests the use of /dev/random. This is a high-quality random number generator. However, if the system lacks entropy, reading from this device may block, thus making yapet unresponsive.
devurandom
Requests the use of /dev/urandom. This is a quality random number generator similar to /dev/random but not of the same quality.
 
Using this random number generator will not block as opposite to /dev/random.
lrand48
Requests the use of lrand48. This is low-quality random number generator and should be used only if none of the above two random number generators are available.
rand
Requests the use of rand. This is a last resort random number generator and should not be used.
 
If the random number generator requested is not available on the system, yapet searches for a suitable alternative.
 
Default: devurandom
pwgen_pwlen
A positive integer greater than zero specifying the default password length used by the Password Generator Dialog.
 
Default: 10
pwgen_letters
A value of 1 (one) or 0 (zero). A value of 1 will preselect Letters check box of the Password Generator Dialog. 0 does not preselect Letters check box.
 
Default: 1
pwgen_digits
A value of 1 (one) or 0 (zero). A value of 1 will preselect Digits check box of the Password Generator Dialog. 0 does not preselect Digits check box.
 
Default: 1
pwgen_punct
A value of 1 (one) or 0 (zero). A value of 1 will preselect Punctuation check box of the Password Generator Dialog. 0 does not preselect Punctuation check box.
 
Default: 1
pwgen_special
A value of 1 (one) or 0 (zero). A value of 1 will preselect Special check box of the Password Generator Dialog. 0 does not preselect Special check box.
 
Default: 1
pwgen_other
A value of 1 (one) or 0 (zero). A value of 1 will preselect Other check box of the Password Generator Dialog. 0 does not preselect Other check box.
 
Default: 0
See the section called “EXAMPLES” for examples of configuration files.
Options are case-sensitive. Spaces are not allowed before or after the equal sign. Syntax errors and unrecognized options are ignored silently.

Status Frame

When a password file is loaded, yapet displays some status information in the lower right frame as shown in Figure 3, “The Status Frame”
Figure 3. The Status Frame
 
 
+--------------------------------------+
| File permission check: enabled       |
| Screen lock time-out: 600 sec        |
| 1 entries (+)  (V: 1)                |
| PW set: Sat Aug 22 11:49:46 2009     |
+--------------------------------------+
File permission check is explained in the section called “OPTIONS” under the -s and -S options.
The next line labeled Screen lock time-out displays how long yapet will wait for a key press until the screen is locked.
The third line is giving a count of the password records in the currently loaded file. The (+) sign indicates that there are unsaved modifications in one or more password records. Absence of this sign indicates that no changes have been made to the records.
The (V: 1) label indicates that the file currently loaded was created with yapet version 0.5 or earlier. A file created with version 0.6 or a file created with yapet version prior 0.6 having its master password changed using yapet 0.6 will display (V: 2).
The fourth and last line shows the date the current master password has been set.

Caution

Although several precautions were taken to avoid having any passwords stored clear text in memory, there were occasions when core files contained the master password. This means that it is possible, though not likely, for a malicious user to get hold of one or more passwords while YAPET is running.

Format of YAPET Files

Please refer to the DESIGN in source code distribution or point your browser to http://www.guengel.ch/myapps/yapet/.

OPTIONS

The following options are supported:
-c, --copyright
Show the copyright information.
-h, --help
Print a help text.
-i, --ignore-rc
Do not read the configuration file. See also the ignorerc option in the section called “Configuration File”.
-r rcfile, --rc-file rcfile
Read the configuration file specified by rcfile. If this option is not given, the default configuration file read is $HOME/.yapet unless -i is specified.
-s, --no-file-security
Disable the check for the owner and file mode when loading files. Without this option, yapet checks password files for having the same owner as the user running yapet and verifies that the file mode is strictly 0600. If one of these conditions are not met, yapet refuses to load the file. Providing this options disables those checks and yapet will load files with owners other than the process owner of yapet and file modes different from 0600.
 
New files saved while this option is active will have the file mode set to 0644.
-S, --file-security
Enable the check for the owner and file mode when loading files. This option makes yapet to load password files having the owner set to the process owner of yapet and the file mode strictly set to 0600 only. If one of these conditions are not met, yapet refuses to load the file.
 
New files saved while this option is active will have the file mode set to 0600.
 
This is the default mode.
-t sec, --timeout sec
Set the timeout until the screen is locked to sec seconds. The minimum time allowed is 10 seconds. If a lower value is provided, the timeout will be set to 10 seconds.
-V, --version
Show the version of yapet.
filename
The file to open upon invocation of yapet. If the file does not exist, yapet asks whether it should be created.
 
Files created by yapet always have the suffix .pet.

EXAMPLES

Example 1. Example of an yapet configuration file
 
load=/home/joe/passwords
locktimeout=300
checkfsecurity=0
pwgen_pwlen=8
In this example, the file /home/joe/passwords will be loaded upon invocation of yapet. The timeout until the screen is locked is set to 300 seconds. File permissions will not be verified.
The Password Generator Dialog will have preset the Password Length to 8 characters.
Example 2. Example of an yapet configuration file
 
locktimeout=150
checkfsecurity=1
pwgen_other=1
In this example, no file will be automatically loaded upon invocation of yapet. The timeout until the screen is locked is set to 150 seconds. File permissions and owner will be verified.
The Password Generator Dialog will have preset the Other check box checked.
Example 3. Example 1 revisited
 
load=~/passwords.pet
locktimeout=300
checkfsecurity=0
pwgen_pwlen=8
This example has the same effect as Example 1, “Example of an yapet configuration file”. But instead of specifying the full path to the home directory, the ~ (tilde) sign is used, which is expanded to the home directory automatically. The .pet suffix can be specified, but if omitted it will be appended automatically.

FILES

$HOME/.yapet
The per-user configuration file. If existing, options are read from this file but can be overridden by the command line options.
 
Processing of this file can be disabled by invoking yapet with the -i option.
 
Refer to the the section called “Configuration File” for an explanation of the per-user configuration file.

ENVIRONMENT

LC_MESSAGES
Printing messages in the specified language. Currently only German is supported besides English.

BUGS

If a password record is open, the screen lock will not activate, leaving yapet unprotected.
Please report bugs to http://bugs.guengel.ch[1].

AUTHOR

Rafael Ostertag rafi@guengel.ch

SEE ALSO

csv2yapet(1), curses(3X), ssl(3), crypto(3)

AVAILABILITY

The latest version of yapet can be found under http://www.guengel.ch/myapps/yapet/.

LICENSE

YAPET -- Yet Another Password Encryption Tool
 
Copyright (C) 2008 - 2010 Rafael Ostertag rafi@guengel.ch
This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program. If not, see http://www.gnu.org/licenses/.
Additional permission under GNU GPL version 3 section 7. If you modify this program, or any covered work, by linking or combining it with the OpenSSL project's OpenSSL library (or a modified version of that library), containing parts covered by the terms of the OpenSSL or SSLeay licenses, Rafael Ostertag grants you additional permission to convey the resulting work. Corresponding Source for a non-source form of such a combination shall include the source code for the parts of OpenSSL used as well as that of the covered work.

COPYRIGHT

Copyright © 2008, 2009, 2010 Rafael Ostertag <rafi@guengel.ch>
 

NOTES

1.
http://bugs.guengel.ch
http://bugs.guengel.ch/
01/02/2011 yapet 0.8pre2