Editing GPG-encrypted files in Vim

Update 2012-03-06: gnupg.vim now has a new maintainer. Link updated.

I’m always looking for a better way to digitally store private data, like passport numbers, credit cards, and server root passwords. Unfortunately, good encryption is hard to find. I have yet to find a solution better than “GPG-encrypted text files edited with a secure editor”. For five years I’ve used KGpg‘s built-in text editor for this, but it has a number of limitations. Today, I discovered that I can do it natively within Vim.

Start by downloading the gnupg Vim plugin. Copy this file to ~/.vim/plugin.

Now you need to set an environment variable. Add this to ~/.bashrc or some place sourced by your shell.

You can now use the plugin, but you’ll probably want to set some defaults. These tell the plugin to prefer ASCII-armored files, and sets your default recipient list. Both only apply to newly-created files. Add this to ~/.vimrc.

You can now open, edit, and save encrypted files transparently. They must have a “.gpg”, “.pgp” or “.asc” suffix.

vim test.asc

:wq

Enter your data.

:wq

Quit and it will be encrypted.
cat test.asc

gpg -d test.asc

As always, using gpg-agent is a good idea. If you’re using Ubuntu, you are probably already doing this.

Tags: , ,

  1. Adam’s avatar

    Cool tip, thanks. I got this working after far too long fighting to solve a problem with gpg-agent on ubuntu netbook edition. It turns out the window manager (or specifically maximus) causes pinentry to seg fault before you can enter your passphrase.

    I finally found a workaround here: https://bugs.launchpad.net/ubuntu/+source/pinentry/+bug/162585

    Reply

    1. Tyler Wagner’s avatar

      There is a work-around in that bug report. You might also try pinentry-qt, although I doubt that will behave differently.

      Reply

      1. Adam’s avatar

        Yes, the workaround works fine. I just thought I’d leave a link here in case it saves somebody else some time with the same issue. (And to release some frustration at an annoying bug!)

        Reply

      2. felipe’s avatar

        vim -x file; and you’re done! that’s all you need.

        Reply

        1. Tyler Wagner’s avatar

          VimCrypt is not cryptographically secure. It is not a suitable replacement for GPG.

          Reply

        2. Monty Cantsin’s avatar

          tnx tyler. – this is nice indeed!
          rgrds, mc

          Reply

Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code class="" title="" data-url=""> <del datetime=""> <em> <i> <q cite=""> <strike> <strong> <pre class="" title="" data-url=""> <span class="" title="" data-url="">