1YAPET(1) User Commands YAPET(1)
2
6 yapet - text based password manager
7
9 yapet [[-c] | [-h] | [-V]] [[-i] | [-r {rcfile}]] [[-s] | [-S]]
10 [-t {sec}] [filename]
11
13 yapet stores passwords and associated information (referred to as
14 password records) in files encrypted on disk.
15 yapet does not impose a limit of password records per file and the
17 number of files the passwords are stored in, although yapet is able to
18 display password records of one file at a time.
19 For convenience, yapet provides a search function for password records
21 of the currently loaded password file.
22 The password records are protected by a master password. The master
24 password is used to encrypt and decrypt the password records. Remember,
25 if the master password is lost, so are the records.
26 yapet relies on OpenSSL for encryption and decryption of password
28 records. The cipher for encryption and decryption is Blowfish with a
29 448 bits key.
30 Files created by yapet always have the suffix .pet. This cannot be
32 changed. Also, if a file is loaded using the command line, yapet
33 appends the suffix .pet to the file name unless the file name includes
34 the suffix.
35 Main Screen
37 Invoking yapet without command line arguments given will show a screen
38 as shown in Figure 1, “Main Screen”.
39 Figure 1. Main Screen
41 ..::|| YAPET 0.6 ||::..
44 +---------------------------++---------------------------+
45 | || K E Y S |
46 | ||---------------------------|
47 | || S Save File |
48 | || R Load File |
49 | || L Lock Screen |
50 | || A Add Entry |
51 | || D Delete Entry |
52 | || O Sort Order |
53 | || / Search |
54 | || N Search Next |
55 | || C Change Password |
56 | || ^L Redraw Screen |
57 | || Q Quit |
58 | || G Password Generator|
59 | |+---------------------------+
60 | |+---------------------------+
61 | || |
62 | || |
63 | || |
64 | || |
65 +---------------------------++---------------------------+
66 No file loaded
67 The upper right frame in Figure 1, “Main Screen” shows the function
69 keys recognized by yapet. See the section called “Function Keys” for
70 details about the function keys.
71 The empty frame on the left side of the main screen will display the
73 list of password records. The selection of the record to be viewed can
74 be moved as explained in the section called “Selection Movement”.
75 Only when a a password file is loaded, the lower right frame will
77 display some status information as shown explained in the section
78 called “Status Frame”.
79 Password Record
81 Passwords are stored as records having the fields as shown in Figure 2,
82 “Password Record Dialog” below.
83 Figure 2. Password Record Dialog
85 +-P A S S W O R D R E C O R D--------------------+
88 |Name |
89 |_________________________________________________|
90 |Host |
91 |_________________________________________________|
92 |Username |
93 |_________________________________________________|
94 |Password |
95 |_________________________________________________|
96 |Comment |
97 |_________________________________________________|
98 | |
99 |[ OK ] [ Cancel ] [ Generate Password ] |
100 +-------------------------------------------------+
101 The fields have the following meaning:
103 Name
105 The name displayed in the Main Screen.
106 Host
108 The host on which the password is used.
109 Username
111 The user name the password is associated with.
112 Password
114 The password to protect.
115 Comment
117 A comment.
118 For an explanation of the Generate Password refer to the section called
120 “Password Generator Dialog”.
121 Function Keys
123 Function keys are the keys recognized by yapet in the main screen, i.e.
124 if no dialog is presented. Function keys are not case-sensitive. See
125 below for an explanation of the function keys recognized:
126 S
128 Saves the password records to the file.
129 R
131 Load (read) a file from disk. This command is also used to create a
132 new file. When creating a new file, enter the file name into the
133 input field. yapet will ask whether it should create the file if
134 it does not exist.
135 L
137 Lock and blank the screen. Has only effect if a file is loaded. In
138 order to unlock the screen, the password of the currently loaded
139 file has to be entered.
140 A
142 Add a new password record to the currently loaded file. The
143 password record will be permanently added to the file when the file
144 is saved by pressing S.
145 Before this function can be used an existing file has to be loaded
147 or a new file has to be created by pressing R.
148 D
150 Delete a password entry from the currently loaded file. The entry
151 will be permanently deleted if the file is saved by pressing S.
152 O
154 Change the sort order to either ascending or descending. This
155 setting is not kept permanently and is lost upon restart of yapet.
156 The default sort order is ascending.
158 /
160 Start a new search. yapet can only search the name of the password
161 records for a particular term. If the term is found, the item is
162 highlighted. The search can be repeated by pressing N.
163 N
165 Repeat the search using the search term specified by invoking the
166 search functionality by pressing /.
167 C
169 Change the master password of the currently loaded file. This
170 action requires to save all changes first. The file with the old
171 master password will be saved as filename.pet.bak where filename is
172 the name of the currently loaded file.
173 CTRL+L (^L)
175 Redraws the screen.
176 Q
178 Quit yapet. If changes were not saved yapet will ask whether they
179 should be saved or not. Regardless of the answer, yapet quits,
180 either saving the changes or discarding them.
181 G
183 Open the Password Generator Dialog. See the section called
184 “Password Generator Dialog” for further information.
185 Dialogs
187 Frames appearing on top of the Main Screen are called Dialogs. They are
188 comprised of widgets which can take input from the user.
189 The Tab key will switch the focus to the next widget. Be aware that
191 Shift+Tab does not work for focusing the previous widget.
192 By pressing the Esc key dialogs will be canceled and closed.
194 Password Generator Dialog
196 yapet may compute random password of arbitrary length using
197 characters from different character pools.
198 In the Main Screen, pressing G will bring up the Password Generator
200 Dialog, which simply generates passwords.
201 The check boxes can be selected by pressing either Enter or Space
203 keys, the Down and Up keys will selected the next or previous check
204 box, respectively. Pressing the Tab will leave the check boxes and
205 focus the Regenerate button, which can be used to regenerate the
206 password with the options set.
207 By pressing the Generate Password button in the Password Record
209 Dialog the Password Generator Dialog will also be displayed.
210 Additionally, the generated password can be inserted into the
211 Password Record by pressing OK. Any previous password will replaced
212 by the generated password.
213 See the section called “Configuration File” on how the password
215 generator options can be preset.
216 Selection Movement
218 The keys explained below are recognized for selection movement in list
219 widgets, such as the password records list or the lists used by the
220 File Open dialog.
221 Up, k, Down, j
223 Moves the selection one item up (Up, k) or down (Down, j).
224 Page Up, Page Down
226 Scrolls one screen-full up (Page Up) or down (Page Down).
227 Home, End
229 Scrolls to the beginning (Home) or the end (End) of the list.
230 Enter
232 Chooses the selected item.
233 Cursor Movement
235 Cursor movement, whether in clear text or password fields, is
236 accomplished by using the following keys:
237 Left, Up
239 Moves the cursor one character to the left. In password fields, it
240 deletes the character to the left of the current cursor position.
241 Right, Down
243 Moves the cursor one character to the right. In password fields,
244 these keys do nothing.
245 Home
247 Moves the cursor at the beginning of the input field.
248 End
250 Moves the cursor at the end of the input field.
251 Backspace
253 Moves the cursor one character to the right and deletes the
254 character at this position.
255 Delete
257 Keeps the cursor at the current position and deletes the character
258 on the right, shifting remaining characters to the left.
259 Enter, Tab
261 The input is confirmed and the next widget will be focused.
262 Configuration File
264 If the file $HOME/.yapet exists, yapet reads by default options
265 provided in this file. You may specify a different configuration file
266 by using the -r option (see the section called “OPTIONS”). Options
267 given on the command line have precedence over options given in a
268 configuration file.
269 The configuration file has the following syntax:
271 option=value
273 where option can be any of the following:
275 load
277 The file to load upon start of yapet.
278 Equivalent to providing a filename when invoking yapet.
280 A ~ (tilde) sign as the first character of the file path will be
282 replaced by the home directory of the user running yapet.
283 Default: not set
285 locktimeout
287 A positive integer specifying the time of inactivity in seconds
288 until the screen is locked.
289 Equivalent to providing the -t option when invoking yapet.
291 Default: 600
293 checkfsecurity
295 A value of 1 (one) or 0 (zero). A value of 1 enables the
296 verification of the file owner and permissions when loading a file.
297 A value of 0 disables the verification of the file owner and
298 permissions when loading a file.
299 Equivalent to providing the -S (same as 1) or -s (same as 0)
301 options when invoking yapet.
302 Default: 1
304 ignorerc
306 A value of 1 (one) or 0 (zero). A value of 1 lets yapet ignore the
307 options provided in the configuration file (see also the -i in the
308 section called “OPTIONS”). A value of 0 has no effect on the
309 processing of the configuration file.
310 Default: 0
312 pwgen_rng
314 The random number generator used to generate passwords. Possible
315 values are
316 devrandom
318 Requests the use of /dev/random. This is a high-quality random
319 number generator. However, if the system lacks entropy, reading
320 from this device may block, thus making yapet unresponsive.
321 devurandom
323 Requests the use of /dev/urandom. This is a quality random
324 number generator similar to /dev/random but not of the same
325 quality.
326 Using this random number generator will not block as opposite
328 to /dev/random.
329 lrand48
331 Requests the use of lrand48. This is low-quality random number
332 generator and should be used only if none of the above two
333 random number generators are available.
334 rand
336 Requests the use of rand. This is a last resort random number
337 generator and should not be used.
338 If the random number generator requested is not available on the
340 system, yapet searches for a suitable alternative.
341 Default: devurandom
343 pwgen_pwlen
345 A positive integer greater than zero specifying the default
346 password length used by the Password Generator Dialog.
347 Default: 10
349 pwgen_letters
351 A value of 1 (one) or 0 (zero). A value of 1 will preselect Letters
352 check box of the Password Generator Dialog. 0 does not preselect
353 Letters check box.
354 Default: 1
356 pwgen_digits
358 A value of 1 (one) or 0 (zero). A value of 1 will preselect Digits
359 check box of the Password Generator Dialog. 0 does not preselect
360 Digits check box.
361 Default: 1
363 pwgen_punct
365 A value of 1 (one) or 0 (zero). A value of 1 will preselect
366 Punctuation check box of the Password Generator Dialog. 0 does not
367 preselect Punctuation check box.
368 Default: 1
370 pwgen_special
372 A value of 1 (one) or 0 (zero). A value of 1 will preselect Special
373 check box of the Password Generator Dialog. 0 does not preselect
374 Special check box.
375 Default: 1
377 pwgen_other
379 A value of 1 (one) or 0 (zero). A value of 1 will preselect Other
380 check box of the Password Generator Dialog. 0 does not preselect
381 Other check box.
382 Default: 0
384 See the section called “EXAMPLES” for examples of configuration files.
386 Options are case-sensitive. Spaces are not allowed before or after the
388 equal sign. Syntax errors and unrecognized options are ignored
389 silently.
390 Status Frame
392 When a password file is loaded, yapet displays some status information
393 in the lower right frame as shown in Figure 3, “The Status Frame”
394 Figure 3. The Status Frame
396 +--------------------------------------+
399 | File permission check: enabled |
400 | Screen lock time-out: 600 sec |
401 | 1 entries (+) (V: 1) |
402 | PW set: Sat Aug 22 11:49:46 2009 |
403 +--------------------------------------+
404 File permission check is explained in the section called “OPTIONS”
406 under the -s and -S options.
407 The next line labeled Screen lock time-out displays how long yapet will
409 wait for a key press until the screen is locked.
410 The third line is giving a count of the password records in the
412 currently loaded file. The (+) sign indicates that there are unsaved
413 modifications in one or more password records. Absence of this sign
414 indicates that no changes have been made to the records.
415 The (V: 1) label indicates that the file currently loaded was created
417 with yapet version 0.5 or earlier. A file created with version 0.6 or a
418 file created with yapet version prior 0.6 having its master password
419 changed using yapet 0.6 will display (V: 2).
420 The fourth and last line shows the date the current master password has
422 been set.
423 Caution
425 Although several precautions were taken to avoid having any passwords
426 stored clear text in memory, there were occasions when core files
427 contained the master password. This means that it is possible, though
428 not likely, for a malicious user to get hold of one or more passwords
429 while YAPET is running.
430 Format of YAPET Files
432 Please refer to the DESIGN in source code distribution or point your
433 browser to http://www.guengel.ch/myapps/yapet/.
434
436 The following options are supported:
437 -c, --copyright
439 Show the copyright information.
440 -h, --help
442 Print a help text.
443 -i, --ignore-rc
445 Do not read the configuration file. See also the ignorerc option in
446 the section called “Configuration File”.
447 -r rcfile, --rc-file rcfile
449 Read the configuration file specified by rcfile. If this option is
450 not given, the default configuration file read is $HOME/.yapet
451 unless -i is specified.
452 -s, --no-file-security
454 Disable the check for the owner and file mode when loading files.
455 Without this option, yapet checks password files for having the
456 same owner as the user running yapet and verifies that the file
457 mode is strictly 0600. If one of these conditions are not met,
458 yapet refuses to load the file. Providing this options disables
459 those checks and yapet will load files with owners other than the
460 process owner of yapet and file modes different from 0600.
461 New files saved while this option is active will have the file mode
463 set to 0644.
464 -S, --file-security
466 Enable the check for the owner and file mode when loading files.
467 This option makes yapet to load password files having the owner set
468 to the process owner of yapet and the file mode strictly set to
469 0600 only. If one of these conditions are not met, yapet refuses to
470 load the file.
471 New files saved while this option is active will have the file mode
473 set to 0600.
474 This is the default mode.
476 -t sec, --timeout sec
478 Set the timeout until the screen is locked to sec seconds. The
479 minimum time allowed is 10 seconds. If a lower value is provided,
480 the timeout will be set to 10 seconds.
481 -V, --version
483 Show the version of yapet.
484 filename
486 The file to open upon invocation of yapet. If the file does not
487 exist, yapet asks whether it should be created.
488 Files created by yapet always have the suffix .pet.
490
492 Example 1. Example of an yapet configuration file
493 load=/home/joe/passwords
495 locktimeout=300
496 checkfsecurity=0
497 pwgen_pwlen=8
498 In this example, the file /home/joe/passwords will be loaded upon
500 invocation of yapet. The timeout until the screen is locked is set to
501 300 seconds. File permissions will not be verified.
502 The Password Generator Dialog will have preset the Password Length to 8
504 characters.
505 Example 2. Example of an yapet configuration file
507 locktimeout=150
509 checkfsecurity=1
510 pwgen_other=1
511 In this example, no file will be automatically loaded upon invocation
513 of yapet. The timeout until the screen is locked is set to 150 seconds.
514 File permissions and owner will be verified.
515 The Password Generator Dialog will have preset the Other check box
517 checked.
518 Example 3. Example 1 revisited
520 load=~/passwords.pet
522 locktimeout=300
523 checkfsecurity=0
524 pwgen_pwlen=8
525 This example has the same effect as Example 1, “Example of an yapet
527 configuration file”. But instead of specifying the full path to the
528 home directory, the ~ (tilde) sign is used, which is expanded to the
529 home directory automatically. The .pet suffix can be specified, but if
530 omitted it will be appended automatically.
531
533 $HOME/.yapet
534 The per-user configuration file. If existing, options are read from
535 this file but can be overridden by the command line options.
536 Processing of this file can be disabled by invoking yapet with the
538 -i option.
539 Refer to the the section called “Configuration File” for an
541 explanation of the per-user configuration file.
542
544 LC_MESSAGES
545 Printing messages in the specified language. Currently only German
546 is supported besides English.
547
549 Please report bugs to the author (see the section called “AUTHOR”), or
550 (preferably) point your browser to http://bugs.guengel.ch[1] and create
551 a bug report.
552
554 Rafael Ostertag rafi@guengel.ch
555
557 csv2yapet(1), curses(3X), ssl(3), crypto(3)
558
560 The latest version of yapet can be found under
561 http://www.guengel.ch/myapps/yapet/.
562
564 YAPET -- Yet Another Password Encryption Tool
565 Copyright (C) 2008, 2009 Rafael Ostertag rafi@guengel.ch
567 This program is free software: you can redistribute it and/or modify it
569 under the terms of the GNU General Public License as published by the
570 Free Software Foundation, either version 3 of the License, or (at your
571 option) any later version.
572 This program is distributed in the hope that it will be useful, but
574 WITHOUT ANY WARRANTY; without even the implied warranty of
575 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
576 General Public License for more details.
577 You should have received a copy of the GNU General Public License along
579 with this program. If not, see http://www.gnu.org/licenses/.
580 Additional permission under GNU GPL version 3 section 7. If you modify
582 this program, or any covered work, by linking or combining it with the
583 OpenSSL project´s OpenSSL library (or a modified version of that
584 library), containing parts covered by the terms of the OpenSSL or
585 SSLeay licenses, Rafael Ostertag grants you additional permission to
586 convey the resulting work. Corresponding Source for a non-source form
587 of such a combination shall include the source code for the parts of
588 OpenSSL used as well as that of the covered work.
589
591 Copyright © 2008, 2009 Rafael Ostertag <rafi@guengel.ch>
592
594 1. http://bugs.guengel.ch
595 http://bugs.guengel.ch/
596yapet 0.6 09/04/2009 YAPET(1)