octoleo/Purse
1
0
Fork 0
mirror of https://github.com/octoleo/Purse.git synced 2024-12-28 03:45:04 +00:00
Code Releases Activity

Safer archive backups

Browse Source
This commit is contained in:
drduh 2024-03-26 14:32:02 -07:00
parent 02b910b326
commit f429a52625
2 changed files with 13 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
README.md
View File

@ -78,8 +78,8 @@ Variable | Description | Default | Values
`PURSE_INDEX` | index file name | `purse.index` | any valid string
`PURSE_BACKUP` | backup archive file name | `purse.$hostname.$today.tar` | any valid string
**Note** For additional privacy, the recipient key ID is **not** included in metadata (`throw-keyids` option).
**Note** For additional privacy, the recipient key ID is **not** included in metadata (GnuPG `throw-keyids` option).
The password index file can also be encrypted by changing the `encrypt_index` variable to `true` in the script, although two touches will be required for two separate decryption operations.
The password index file can also be encrypted by changing the `encrypt_index` variable to `true` in the script, however 2 YubiKey touches will be required (for 2 separate decryption operations).
See [config/gpg.conf](https://github.com/drduh/config/blob/master/gpg.conf) for additional GnuPG options.

22
purse.sh
View File

@ -104,7 +104,6 @@ read_pass () {
tail -1 | cut -d ":" -f2)
fi
set -x
prompt_key "password"
if [[ -s "${spath}" ]] ; then
decrypt "${spath}" || fail "Failed to decrypt ${spath}"
@ -175,13 +174,15 @@ list_entry () {
backup () {
# Archive index, safe and configuration.
if [[ -f "${safe_ix}" && -d "${safe_dir}" ]] ; then
cp "${gpg_conf}" "gpg.conf.${today}"
tar cf "${safe_backup}" "${safe_ix}" "${safe_dir}" \
"${BASH_SOURCE}" "gpg.conf.${today}" && \
printf "\nArchived %s\n" "${safe_backup}"
rm -f "gpg.conf.${today}"
else fail "Nothing to archive" ; fi
if [[ ! -f ${safe_backup} ]] ; then
if [[ -f "${safe_ix}" && -d "${safe_dir}" ]] ; then
cp "${gpg_conf}" "gpg.conf.${today}"
tar cf "${safe_backup}" "${safe_ix}" "${safe_dir}" \
"${BASH_SOURCE}" "gpg.conf.${today}" && \
printf "\nArchived %s\n" "${safe_backup}"
rm -f "gpg.conf.${today}"
else fail "Nothing to archive" ; fi
else warn "${safe_backup} exists, skipping archive" ; fi
}
clip () {
@ -192,14 +193,13 @@ clip () {
else "${copy}" < "${1}" ; fi
printf "\n"
while [ "${clip_timeout}" -gt 0 ] ; do
while [[ "${clip_timeout}" -gt 0 ]] ; do
printf "\r\033[K Password on %s! Clearing in %.d" \
"${clip_dest}" "$((clip_timeout--))" ; sleep 1
done
printf "\r\033[K Clearing password from %s ..." "${clip_dest}"
if [[ "${clip_dest}" = "screen" ]] ; then
clear
if [[ "${clip_dest}" = "screen" ]] ; then clear
else printf "\n" ; printf "" | "${copy}" ; fi
}