Sunday, February 20, 2011

Vim Usage: encrypt your text file

Computer security is a very important issue when the computer is public. File in computer can be easy accessed by other people if you don't protect your file in a serious manner. Vim provides a security function that you can set a password to your file.

To encrypt a file, you need to start vim with -x parameter. e.g.
$ vim -x password.txt"

Vim then will ask you to enter a password for this file. The password will be hidden with stars to prevent from other people seeing your password. Thus, you need to enter the same password again to avoid typo mistakes.

Now you can edit your file normally as usual. When you save the file, the file will automatically be encrypted.

When you use vim to open this file, vim will ask you to input the password in order to authentic the editor (you won't need to put -x in the command). You also can use ":edit" command to edit encrypted file.

If you use other editors such as notepad to view the encrypted file, you should see messy symbols. If you input a wrong password, you also will get error. Vim doesn't provide password verification, every key can open the file, but only correct one will decrypt the file and the decrypted content is meaningful. This method makes it more hard to crack.

If you want to clear the password, you can use ":set key=" to set the key to be null. Then you save the file, this file will not be encrypted any more. In fact, you can use ":set key=[your password]" to set your key. However, it is bad since every body can see what you typed on the screen. To avoid this problem, you can use ":X" command which is same as -x parameter in vim to ask you input password.

There is other issue about the security of vim. The encryption of vim is enough to prevent the people want to view your file, but if people was a professional hacker, he can crack your file with using many time. Also, vim will create a swap file when you edit it. This swap file can be viewed by the super user. Thus, we can avoid this by using "-n" to not create swap file for vim. You can use the command to launch vim:

$ vim -x -n filename.txt

If you are editing the file, you can use ":setlocal noswapfile" to stop create swap file. However, since there is no swap file, file recovery is difficult to achieve. One way to solve it is to save your file in shorter time. :-)
Posted by Edwin Kwok at 2:22 PM
Labels: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)