1YAPET(1) User Commands YAPET(1)
2
3
4
6 yapet - text based password manager
7
9 yapet [[-c] | [-h] | [-V]] [[-i] | [-r {rcfile}]] [[-s] | [-S]]
10 [-t {sec}] [filename]
11
13 yapet stores passwords and associated information (referred to as
14 password records) in files encrypted on disk.
15
16 yapet does not impose a limit of password records per file and the
17 number of files the passwords are stored in, although yapet is able to
18 display password records of one file at a time.
19
20 For convenience, yapet provides a search function for password records
21 of the currently loaded password file.
22
23 The password records are protected by a master password. The master
24 password is used to encrypt and decrypt the password records. Remember,
25 if the master password is lost, so are the records.
26
27 yapet relies on OpenSSL for encryption and decryption of password
28 records. The cipher for encryption and decryption is Blowfish with a
29 448 bits key.
30
31 Files created by yapet always have the suffix .pet. This cannot be
32 changed. Also, if a file is loaded using the command line, yapet
33 appends the suffix .pet to the file name unless the file name includes
34 the suffix.
35
36 Main Screen
37 Invoking yapet without command line arguments given will show a screen
38 as shown in Figure 1, “Main Screen”.
39
40 Figure 1. Main Screen
41
42
43 ..::|| YAPET 0.6 ||::..
44 +---------------------------++---------------------------+
45 | || K E Y S |
46 | ||---------------------------|
47 | || S Save File |
48 | || R Load File |
49 | || L Lock Screen |
50 | || A Add Entry |
51 | || D Delete Entry |
52 | || O Sort Order |
53 | || / Search |
54 | || N Search Next |
55 | || C Change Password |
56 | || ^L Redraw Screen |
57 | || Q Quit |
58 | || G Password Generator|
59 | |+---------------------------+
60 | |+---------------------------+
61 | || |
62 | || |
63 | || |
64 | || |
65 +---------------------------++---------------------------+
66 No file loaded
67
68 The upper right frame in Figure 1, “Main Screen” shows the function
69 keys recognized by yapet. See the section called “Function Keys” for
70 details about the function keys.
71
72 The empty frame on the left side of the main screen will display the
73 list of password records. The selection of the record to be viewed can
74 be moved as explained in the section called “Selection Movement”.
75
76 Only when a a password file is loaded, the lower right frame will
77 display some status information as shown explained in the section
78 called “Status Frame”.
79
80 Password Record
81 Passwords are stored as records having the fields as shown in Figure 2,
82 “Password Record Dialog” below.
83
84 Figure 2. Password Record Dialog
85
86
87 +-P A S S W O R D R E C O R D--------------------+
88 |Name |
89 |_________________________________________________|
90 |Host |
91 |_________________________________________________|
92 |Username |
93 |_________________________________________________|
94 |Password |
95 |_________________________________________________|
96 |Comment |
97 |_________________________________________________|
98 | |
99 |[ OK ] [ Cancel ] [ Generate Password ] |
100 +-------------------------------------------------+
101
102 The fields have the following meaning:
103
104 Name
105 The name displayed in the Main Screen.
106
107 Host
108 The host on which the password is used.
109
110 Username
111 The user name the password is associated with.
112
113 Password
114 The password to protect.
115
116 Comment
117 A comment.
118
119 For an explanation of the Generate Password refer to the section called
120 “Password Generator Dialog”.
121
122 Function Keys
123 Function keys are the keys recognized by yapet in the main screen, i.e.
124 if no dialog is presented. Function keys are not case-sensitive. See
125 below for an explanation of the function keys recognized:
126
127 S
128 Saves the password records to the file.
129
130 R
131 Load (read) a file from disk. This command is also used to create a
132 new file. When creating a new file, enter the file name into the
133 input field. yapet will ask whether it should create the file if
134 it does not exist.
135
136 L
137 Lock and blank the screen. Has only effect if a file is loaded. In
138 order to unlock the screen, the password of the currently loaded
139 file has to be entered.
140
141 A
142 Add a new password record to the currently loaded file. The
143 password record will be permanently added to the file when the file
144 is saved by pressing S.
145
146 Before this function can be used an existing file has to be loaded
147 or a new file has to be created by pressing R.
148
149 D
150 Delete a password entry from the currently loaded file. The entry
151 will be permanently deleted if the file is saved by pressing S.
152
153 O
154 Change the sort order to either ascending or descending. This
155 setting is not kept permanently and is lost upon restart of yapet.
156
157 The default sort order is ascending.
158
159 /
160 Start a new search. yapet can only search the name of the password
161 records for a particular term. If the term is found, the item is
162 highlighted. The search can be repeated by pressing N.
163
164 N
165 Repeat the search using the search term specified by invoking the
166 search functionality by pressing /.
167
168 C
169 Change the master password of the currently loaded file. This
170 action requires to save all changes first. The file with the old
171 master password will be saved as filename.pet.bak where filename is
172 the name of the currently loaded file.
173
174 CTRL+L (^L)
175 Redraws the screen.
176
177 Q
178 Quit yapet. If changes were not saved yapet will ask whether they
179 should be saved or not. Regardless of the answer, yapet quits,
180 either saving the changes or discarding them.
181
182 G
183 Open the Password Generator Dialog. See the section called
184 “Password Generator Dialog” for further information.
185
186 Dialogs
187 Frames appearing on top of the Main Screen are called Dialogs. They are
188 comprised of widgets which can take input from the user.
189
190 The Tab key will switch the focus to the next widget. Be aware that
191 Shift+Tab does not work for focusing the previous widget.
192
193 By pressing the Esc key dialogs will be canceled and closed.
194
195 Password Generator Dialog
196 yapet may compute random password of arbitrary length using
197 characters from different character pools.
198
199 In the Main Screen, pressing G will bring up the Password Generator
200 Dialog, which simply generates passwords.
201
202 The check boxes can be selected by pressing either Enter or Space
203 keys, the Down and Up keys will selected the next or previous check
204 box, respectively. Pressing the Tab will leave the check boxes and
205 focus the Regenerate button, which can be used to regenerate the
206 password with the options set.
207
208 By pressing the Generate Password button in the Password Record
209 Dialog the Password Generator Dialog will also be displayed.
210 Additionally, the generated password can be inserted into the
211 Password Record by pressing OK. Any previous password will replaced
212 by the generated password.
213
214 See the section called “Configuration File” on how the password
215 generator options can be preset.
216
217 Selection Movement
218 The keys explained below are recognized for selection movement in list
219 widgets, such as the password records list or the lists used by the
220 File Open dialog.
221
222 Up, k, Down, j
223 Moves the selection one item up (Up, k) or down (Down, j).
224
225 Page Up, Page Down
226 Scrolls one screen-full up (Page Up) or down (Page Down).
227
228 Home, End
229 Scrolls to the beginning (Home) or the end (End) of the list.
230
231 Enter
232 Chooses the selected item.
233
234 Cursor Movement
235 Cursor movement, whether in clear text or password fields, is
236 accomplished by using the following keys:
237
238 Left, Up
239 Moves the cursor one character to the left. In password fields, it
240 deletes the character to the left of the current cursor position.
241
242 Right, Down
243 Moves the cursor one character to the right. In password fields,
244 these keys do nothing.
245
246 Home
247 Moves the cursor at the beginning of the input field.
248
249 End
250 Moves the cursor at the end of the input field.
251
252 Backspace
253 Moves the cursor one character to the right and deletes the
254 character at this position.
255
256 Delete
257 Keeps the cursor at the current position and deletes the character
258 on the right, shifting remaining characters to the left.
259
260 Enter, Tab
261 The input is confirmed and the next widget will be focused.
262
263 Configuration File
264 If the file $HOME/.yapet exists, yapet reads by default options
265 provided in this file. You may specify a different configuration file
266 by using the -r option (see the section called “OPTIONS”). Options
267 given on the command line have precedence over options given in a
268 configuration file.
269
270 The configuration file has the following syntax:
271
272 option=value
273
274 where option can be any of the following:
275
276 load
277 The file to load upon start of yapet.
278
279 Equivalent to providing a filename when invoking yapet.
280
281 A ~ (tilde) sign as the first character of the file path will be
282 replaced by the home directory of the user running yapet.
283
284 Default: not set
285
286 locktimeout
287 A positive integer specifying the time of inactivity in seconds
288 until the screen is locked.
289
290 Equivalent to providing the -t option when invoking yapet.
291
292 Default: 600
293
294 checkfsecurity
295 A value of 1 (one) or 0 (zero). A value of 1 enables the
296 verification of the file owner and permissions when loading a file.
297 A value of 0 disables the verification of the file owner and
298 permissions when loading a file.
299
300 Equivalent to providing the -S (same as 1) or -s (same as 0)
301 options when invoking yapet.
302
303 Default: 1
304
305 ignorerc
306 A value of 1 (one) or 0 (zero). A value of 1 lets yapet ignore the
307 options provided in the configuration file (see also the -i in the
308 section called “OPTIONS”). A value of 0 has no effect on the
309 processing of the configuration file.
310
311 Default: 0
312
313 pwgen_rng
314 The random number generator used to generate passwords. Possible
315 values are
316
317 devrandom
318 Requests the use of /dev/random. This is a high-quality random
319 number generator. However, if the system lacks entropy, reading
320 from this device may block, thus making yapet unresponsive.
321
322 devurandom
323 Requests the use of /dev/urandom. This is a quality random
324 number generator similar to /dev/random but not of the same
325 quality.
326
327 Using this random number generator will not block as opposite
328 to /dev/random.
329
330 lrand48
331 Requests the use of lrand48. This is low-quality random number
332 generator and should be used only if none of the above two
333 random number generators are available.
334
335 rand
336 Requests the use of rand. This is a last resort random number
337 generator and should not be used.
338
339 If the random number generator requested is not available on the
340 system, yapet searches for a suitable alternative.
341
342 Default: devurandom
343
344 pwgen_pwlen
345 A positive integer greater than zero specifying the default
346 password length used by the Password Generator Dialog.
347
348 Default: 10
349
350 pwgen_letters
351 A value of 1 (one) or 0 (zero). A value of 1 will preselect Letters
352 check box of the Password Generator Dialog. 0 does not preselect
353 Letters check box.
354
355 Default: 1
356
357 pwgen_digits
358 A value of 1 (one) or 0 (zero). A value of 1 will preselect Digits
359 check box of the Password Generator Dialog. 0 does not preselect
360 Digits check box.
361
362 Default: 1
363
364 pwgen_punct
365 A value of 1 (one) or 0 (zero). A value of 1 will preselect
366 Punctuation check box of the Password Generator Dialog. 0 does not
367 preselect Punctuation check box.
368
369 Default: 1
370
371 pwgen_special
372 A value of 1 (one) or 0 (zero). A value of 1 will preselect Special
373 check box of the Password Generator Dialog. 0 does not preselect
374 Special check box.
375
376 Default: 1
377
378 pwgen_other
379 A value of 1 (one) or 0 (zero). A value of 1 will preselect Other
380 check box of the Password Generator Dialog. 0 does not preselect
381 Other check box.
382
383 Default: 0
384
385 See the section called “EXAMPLES” for examples of configuration files.
386
387 Options are case-sensitive. Spaces are not allowed before or after the
388 equal sign. Syntax errors and unrecognized options are ignored
389 silently.
390
391 Status Frame
392 When a password file is loaded, yapet displays some status information
393 in the lower right frame as shown in Figure 3, “The Status Frame”
394
395 Figure 3. The Status Frame
396
397
398 +--------------------------------------+
399 | File permission check: enabled |
400 | Screen lock time-out: 600 sec |
401 | 1 entries (+) (V: 1) |
402 | PW set: Sat Aug 22 11:49:46 2009 |
403 +--------------------------------------+
404
405 File permission check is explained in the section called “OPTIONS”
406 under the -s and -S options.
407
408 The next line labeled Screen lock time-out displays how long yapet will
409 wait for a key press until the screen is locked.
410
411 The third line is giving a count of the password records in the
412 currently loaded file. The (+) sign indicates that there are unsaved
413 modifications in one or more password records. Absence of this sign
414 indicates that no changes have been made to the records.
415
416 The (V: 1) label indicates that the file currently loaded was created
417 with yapet version 0.5 or earlier. A file created with version 0.6 or a
418 file created with yapet version prior 0.6 having its master password
419 changed using yapet 0.6 will display (V: 2).
420
421 The fourth and last line shows the date the current master password has
422 been set.
423
424 Caution
425 Although several precautions were taken to avoid having any passwords
426 stored clear text in memory, there were occasions when core files
427 contained the master password. This means that it is possible, though
428 not likely, for a malicious user to get hold of one or more passwords
429 while YAPET is running.
430
431 Format of YAPET Files
432 Please refer to the DESIGN in source code distribution or point your
433 browser to http://www.guengel.ch/myapps/yapet/.
434
436 The following options are supported:
437
438 -c, --copyright
439 Show the copyright information.
440
441 -h, --help
442 Print a help text.
443
444 -i, --ignore-rc
445 Do not read the configuration file. See also the ignorerc option in
446 the section called “Configuration File”.
447
448 -r rcfile, --rc-file rcfile
449 Read the configuration file specified by rcfile. If this option is
450 not given, the default configuration file read is $HOME/.yapet
451 unless -i is specified.
452
453 -s, --no-file-security
454 Disable the check for the owner and file mode when loading files.
455 Without this option, yapet checks password files for having the
456 same owner as the user running yapet and verifies that the file
457 mode is strictly 0600. If one of these conditions are not met,
458 yapet refuses to load the file. Providing this options disables
459 those checks and yapet will load files with owners other than the
460 process owner of yapet and file modes different from 0600.
461
462 New files saved while this option is active will have the file mode
463 set to 0644.
464
465 -S, --file-security
466 Enable the check for the owner and file mode when loading files.
467 This option makes yapet to load password files having the owner set
468 to the process owner of yapet and the file mode strictly set to
469 0600 only. If one of these conditions are not met, yapet refuses to
470 load the file.
471
472 New files saved while this option is active will have the file mode
473 set to 0600.
474
475 This is the default mode.
476
477 -t sec, --timeout sec
478 Set the timeout until the screen is locked to sec seconds. The
479 minimum time allowed is 10 seconds. If a lower value is provided,
480 the timeout will be set to 10 seconds.
481
482 -V, --version
483 Show the version of yapet.
484
485 filename
486 The file to open upon invocation of yapet. If the file does not
487 exist, yapet asks whether it should be created.
488
489 Files created by yapet always have the suffix .pet.
490
492 Example 1. Example of an yapet configuration file
493
494 load=/home/joe/passwords
495 locktimeout=300
496 checkfsecurity=0
497 pwgen_pwlen=8
498
499 In this example, the file /home/joe/passwords will be loaded upon
500 invocation of yapet. The timeout until the screen is locked is set to
501 300 seconds. File permissions will not be verified.
502
503 The Password Generator Dialog will have preset the Password Length to 8
504 characters.
505
506 Example 2. Example of an yapet configuration file
507
508 locktimeout=150
509 checkfsecurity=1
510 pwgen_other=1
511
512 In this example, no file will be automatically loaded upon invocation
513 of yapet. The timeout until the screen is locked is set to 150 seconds.
514 File permissions and owner will be verified.
515
516 The Password Generator Dialog will have preset the Other check box
517 checked.
518
519 Example 3. Example 1 revisited
520
521 load=~/passwords.pet
522 locktimeout=300
523 checkfsecurity=0
524 pwgen_pwlen=8
525
526 This example has the same effect as Example 1, “Example of an yapet
527 configuration file”. But instead of specifying the full path to the
528 home directory, the ~ (tilde) sign is used, which is expanded to the
529 home directory automatically. The .pet suffix can be specified, but if
530 omitted it will be appended automatically.
531
533 $HOME/.yapet
534 The per-user configuration file. If existing, options are read from
535 this file but can be overridden by the command line options.
536
537 Processing of this file can be disabled by invoking yapet with the
538 -i option.
539
540 Refer to the the section called “Configuration File” for an
541 explanation of the per-user configuration file.
542
544 LC_MESSAGES
545 Printing messages in the specified language. Currently only German
546 is supported besides English.
547
549 Please report bugs to the author (see the section called “AUTHOR”), or
550 (preferably) point your browser to http://bugs.guengel.ch[1] and create
551 a bug report.
552
554 Rafael Ostertag rafi@guengel.ch
555
557 csv2yapet(1), curses(3X), ssl(3), crypto(3)
558
560 The latest version of yapet can be found under
561 http://www.guengel.ch/myapps/yapet/.
562
564 YAPET -- Yet Another Password Encryption Tool
565
566 Copyright (C) 2008, 2009 Rafael Ostertag rafi@guengel.ch
567
568 This program is free software: you can redistribute it and/or modify it
569 under the terms of the GNU General Public License as published by the
570 Free Software Foundation, either version 3 of the License, or (at your
571 option) any later version.
572
573 This program is distributed in the hope that it will be useful, but
574 WITHOUT ANY WARRANTY; without even the implied warranty of
575 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
576 General Public License for more details.
577
578 You should have received a copy of the GNU General Public License along
579 with this program. If not, see http://www.gnu.org/licenses/.
580
581 Additional permission under GNU GPL version 3 section 7. If you modify
582 this program, or any covered work, by linking or combining it with the
583 OpenSSL project´s OpenSSL library (or a modified version of that
584 library), containing parts covered by the terms of the OpenSSL or
585 SSLeay licenses, Rafael Ostertag grants you additional permission to
586 convey the resulting work. Corresponding Source for a non-source form
587 of such a combination shall include the source code for the parts of
588 OpenSSL used as well as that of the covered work.
589
591 Copyright © 2008, 2009 Rafael Ostertag <rafi@guengel.ch>
592
594 1. http://bugs.guengel.ch
595 http://bugs.guengel.ch/
596
597
598
599yapet 0.6 09/04/2009 YAPET(1)