On February 4, 2017, Eric Oyen wrote: > THis may be a bit extravagant when it comes to keeping your > passwords safe and usable by you, but it certainly would frustrate > someone seeking to breach your machine with physical access. I strongly recommend using a password manager that allows you to keep many unique strong passwords for you, all behind standard-compliant encryption. I recommend KeePassX if it's accessible to you. There's "kpcli" which is supposedly a CLI interface to the KeePassX (or "KeePass"?) database, though I don't know which features it includes. There are also other various password managers. As a fall-back, I recommend a plain-text file that you encrypt with GPG using a single strong password. I wrote up an article about doing this with the "ed" editor http://tim.thechases.com/posts/cli/using-ed1-as-a-password-manager/ but the principle holds for most editors. Just make sure that you disable your editor's swap-file and storage of copied text if is uses one, such as vim (though Vim has some nice GPG extensions that disable such settings and marshal the file through GPG as you read & write it). In this case, you do need to beware of people reading over your shoulder, but if you're completely blind, you can just disable/disconnect the screen (and if you have some sight, you should be able to use something like KeePassX). -tim _______________________________________________ Blinux-list mailing list Blinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/blinux-list