...
Project description
Secrethelper
Simple command line utility for handling secrets.
Important: USE AT YOUR OWN RISK!
Use Case 1
Some commands are needed frequently but they contain secrets. Examples:
oathtool -b --totp "PV3YEM43I22ISNWK"
(based on a secret key create a time based one time password for 2FA)git pull https://some.user%40host.org:foo-bar-password@git.myservice.com/reponame
(git connection via https without being prompted for a password)
Obviously, it is insecure to store them unencrypted on your system (e.g. in your command history).
Solution: secrethelper
reads a data file (secrets.toml
) which contains encrypted versions of such commands, prompts for a password decrypts the relevant command, executes it and displays the result (and copies it into the clipboard). The actual secret is never shown.
Use Case 2
Some secrets (e. g.passwords) are important to memorize, but are needed only rarely. Thus, there are only few occations to practise them.
Solution: secrettrainer
reads a data file (secrets.toml
) which contains the (salted) hashes of such passwords. During a trainig session you are propted for some of them the correctness is determined by comparing the hashes.
Usage
secrethelper
secrethelper --help
: Show help.- short version:
-h
- short version:
secrethelper --bootstrap-data
: Createsecrets.toml
in suitable place. Example:~/.local/share/secrethelper/
(depends on OS). The content is based onsrc/secrethelper/secrets-example.toml
.- short version:
-b
- short version:
secrethelper --edit-data
: Opensecrets.toml
in the default editor.- short version:
-ed
- short version:
secrethelper --edit-data [EDITOR]
: Opensecrets.toml
in the specified editor.- short version:
-ed [EDITOR]
- example:
--edit-data codium
- short version:
secrethelper --encrypt
: Prompt for password, then prompt for some arbitrary string. Disyplay the encrypted version of the string (also copied to the clipboard). This string can be pasted directly insecrets.toml
secrethelper --decrypt-and-execute [key]
: Prompt for password, extract the encrypted command fromsecrets.toml
, execute it and disyplay the result (also copied to the clipboard).- short version:
-d [key]
- short version:
secrettrainer
secrettrainer --help
: Show help.- short version:
-h
- short version:
secrettrainer --create-training-data
: Create training data: Prompt for password (salt), prompt for secret and display salted hash of the secret (also copied to clipboard). This string can be pasted directly insecrets.toml
in section[training]
. An empty string quits the process.- short version:
-ctd
- short version:
secrettrainer
(no options/arguments): Create a suffled list of keys from section[training]
, prompt for password (used as salt for hash), prompt for secrets, compare hash display ✓ or ✗. Train 10 rounds. Empty string quits this process.
Installation and Preparation
In first terminal:
pip install secrethelper
: Install the software.secrethelper -b
Bootstrap data filesecrets.toml
.secrethelper -ed
Opensecrets.toml
in default editor.
In another terminal:
secrethelper -e
: Create and copy encrypted string → you can paste it intosecret.toml
in section[commands]
. This is for use case 1 (see above).secrethelper -ctd
: Create hashes and copy salted hashes for training → you can paste it intosecret.toml
in section[training]
. This is for use case 2 (see above).
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for pysecrethelper-0.1.0-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 57438f11272b4377ddcc526d5d91fcc1601f2f0ecb773835c1d500e999308b3b |
|
MD5 | 8b660b9d387f5001365b185534840e68 |
|
BLAKE2b-256 | 2f557c898a8a847ad8bcad8245a8cca6f7d35bbbda900d2e9bebf4ae37721fd8 |