Man Linux: Main Page and Category List

NAME

       yapet - text based password manager

SYNOPSIS

       yapet [[-c] | [-h] | [-V]] [[-i] | [-r {rcfile}]] [[-s] | [-S]]
             [-t {sec}] [filename]

DESCRIPTION

       yapet stores passwords and associated information (referred to as
       password records) in files encrypted on disk.

       yapet does not impose a limit of password records per file and the
       number of files the passwords are stored in, although yapet is able to
       display password records of one file at a time.

       For convenience, yapet provides a search function for password records
       of the currently loaded password file.

       The password records are protected by a master password. The master
       password is used to encrypt and decrypt the password records. Remember,
       if the master password is lost, so are the records.

       yapet relies on OpenSSL for encryption and decryption of password
       records. The cipher for encryption and decryption is Blowfish with a
       448 bits key.

       Files created by yapet always have the suffix .pet. This cannot be
       changed. Also, if a file is loaded using the command line, yapet
       appends the suffix .pet to the file name unless the file name includes
       the suffix.

   Main Screen
       Invoking yapet without command line arguments given will show a screen
       as shown in Figure 1, “Main Screen”.

       Figure 1. Main Screen

                                 ..::|| YAPET 0.6 ||::..
               +---------------------------++---------------------------+
               |                           ||          K E Y S          |
               |                           ||---------------------------|
               |                           ||   S     Save File         |
               |                           ||   R     Load File         |
               |                           ||   L     Lock Screen       |
               |                           ||   A     Add Entry         |
               |                           ||   D     Delete Entry      |
               |                           ||   O     Sort Order        |
               |                           ||   /     Search            |
               |                           ||   N     Search Next       |
               |                           ||   C     Change Password   |
               |                           ||   ^L    Redraw Screen     |
               |                           ||   Q     Quit              |
               |                           ||   G     Password Generator|
               |                           |+---------------------------+
               |                           |+---------------------------+
               |                           ||                           |
               |                           ||                           |
               |                           ||                           |
               |                           ||                           |
               +---------------------------++---------------------------+
               No file loaded

       The upper right frame in Figure 1, “Main Screen” shows the function
       keys recognized by yapet. See the section called “Function Keys” for
       details about the function keys.

       The empty frame on the left side of the main screen will display the
       list of password records. The selection of the record to be viewed can
       be moved as explained in the section called “Selection Movement”.

       Only when a a password file is loaded, the lower right frame will
       display some status information as shown explained in the section
       called “Status Frame”.

   Password Record
       Passwords are stored as records having the fields as shown in Figure 2,
       “Password Record Dialog” below.

       Figure 2. Password Record Dialog

               +-P A S S W O R D  R E C O R D--------------------+
               |Name                                             |
               |_________________________________________________|
               |Host                                             |
               |_________________________________________________|
               |Username                                         |
               |_________________________________________________|
               |Password                                         |
               |_________________________________________________|
               |Comment                                          |
               |_________________________________________________|
               |                                                 |
               |[ OK ] [ Cancel ] [ Generate Password ]          |
               +-------------------------------------------------+

       The fields have the following meaning:

       Name
           The name displayed in the Main Screen.

       Host
           The host on which the password is used.

       Username
           The user name the password is associated with.

       Password
           The password to protect.

       Comment
           A comment.

       For an explanation of the Generate Password refer to the section called
       “Password Generator Dialog”.

   Function Keys
       Function keys are the keys recognized by yapet in the main screen, i.e.
       if no dialog is presented. Function keys are not case-sensitive. See
       below for an explanation of the function keys recognized:

       S
           Saves the password records to the file.

       R
           Load (read) a file from disk. This command is also used to create a
           new file. When creating a new file, enter the file name into the
           input field.  yapet will ask whether it should create the file if
           it does not exist.

       L
           Lock and blank the screen. Has only effect if a file is loaded. In
           order to unlock the screen, the password of the currently loaded
           file has to be entered.

       A
           Add a new password record to the currently loaded file. The
           password record will be permanently added to the file when the file
           is saved by pressing S.

           Before this function can be used an existing file has to be loaded
           or a new file has to be created by pressing R.

       D
           Delete a password entry from the currently loaded file. The entry
           will be permanently deleted if the file is saved by pressing S.

       O
           Change the sort order to either ascending or descending. This
           setting is not kept permanently and is lost upon restart of yapet.

           The default sort order is ascending.

       /
           Start a new search.  yapet can only search the name of the password
           records for a particular term. If the term is found, the item is
           highlighted. The search can be repeated by pressing N.

       N
           Repeat the search using the search term specified by invoking the
           search functionality by pressing /.

       C
           Change the master password of the currently loaded file. This
           action requires to save all changes first. The file with the old
           master password will be saved as filename.pet.bak where filename is
           the name of the currently loaded file.

       CTRL+L (^L)
           Redraws the screen.

       Q
           Quit yapet. If changes were not saved yapet will ask whether they
           should be saved or not. Regardless of the answer, yapet quits,
           either saving the changes or discarding them.

       G
           Open the Password Generator Dialog. See the section called
           “Password Generator Dialog” for further information.

   Dialogs
       Frames appearing on top of the Main Screen are called Dialogs. They are
       comprised of widgets which can take input from the user.

       The Tab key will switch the focus to the next widget. Be aware that
       Shift+Tab does not work for focusing the previous widget.

       By pressing the Esc key dialogs will be canceled and closed.

       Password Generator Dialog
           yapet may compute random password of arbitrary length using
           characters from different character pools.

           In the Main Screen, pressing G will bring up the Password Generator
           Dialog, which simply generates passwords.

           The check boxes can be selected by pressing either Enter or Space
           keys, the Down and Up keys will selected the next or previous check
           box, respectively. Pressing the Tab will leave the check boxes and
           focus the Regenerate button, which can be used to regenerate the
           password with the options set.

           By pressing the Generate Password button in the Password Record
           Dialog the Password Generator Dialog will also be displayed.
           Additionally, the generated password can be inserted into the
           Password Record by pressing OK. Any previous password will replaced
           by the generated password.

           See the section called “Configuration File” on how the password
           generator options can be preset.

   Selection Movement
       The keys explained below are recognized for selection movement in list
       widgets, such as the password records list or the lists used by the
       File Open dialog.

       Up, k, Down, j
           Moves the selection one item up (Up, k) or down (Down, j).

       Page Up, Page Down
           Scrolls one screen-full up (Page Up) or down (Page Down).

       Home, End
           Scrolls to the beginning (Home) or the end (End) of the list.

       Enter
           Chooses the selected item.

   Cursor Movement
       Cursor movement, whether in clear text or password fields, is
       accomplished by using the following keys:

       Left, Up
           Moves the cursor one character to the left. In password fields, it
           deletes the character to the left of the current cursor position.

       Right, Down
           Moves the cursor one character to the right. In password fields,
           these keys do nothing.

       Home
           Moves the cursor at the beginning of the input field.

       End
           Moves the cursor at the end of the input field.

       Backspace
           Moves the cursor one character to the right and deletes the
           character at this position.

       Delete
           Keeps the cursor at the current position and deletes the character
           on the right, shifting remaining characters to the left.

       Enter, Tab
           The input is confirmed and the next widget will be focused.

   Configuration File
       If the file $HOME/.yapet exists, yapet reads by default options
       provided in this file. You may specify a different configuration file
       by using the -r option (see the section called “OPTIONS”). Options
       given on the command line have precedence over options given in a
       configuration file.

       The configuration file has the following syntax:

       option=value

       where option can be any of the following:

       load
           The file to load upon start of yapet.

           Equivalent to providing a filename when invoking yapet.

           A ~ (tilde) sign as the first character of the file path will be
           replaced by the home directory of the user running yapet.

           Default: not set

       locktimeout
           A positive integer specifying the time of inactivity in seconds
           until the screen is locked.

           Equivalent to providing the -t option when invoking yapet.

           Default: 600

       checkfsecurity
           A value of 1 (one) or 0 (zero). A value of 1 enables the
           verification of the file owner and permissions when loading a file.
           A value of 0 disables the verification of the file owner and
           permissions when loading a file.

           Equivalent to providing the -S (same as 1) or -s (same as 0)
           options when invoking yapet.

           Default: 1

       ignorerc
           A value of 1 (one) or 0 (zero). A value of 1 lets yapet ignore the
           options provided in the configuration file (see also the -i in the
           section called “OPTIONS”). A value of 0 has no effect on the
           processing of the configuration file.

           Default: 0

       pwgen_rng
           The random number generator used to generate passwords. Possible
           values are

           devrandom
               Requests the use of /dev/random. This is a high-quality random
               number generator. However, if the system lacks entropy, reading
               from this device may block, thus making yapet unresponsive.

           devurandom
               Requests the use of /dev/urandom. This is a quality random
               number generator similar to /dev/random but not of the same
               quality.

               Using this random number generator will not block as opposite
               to /dev/random.

           lrand48
               Requests the use of lrand48. This is low-quality random number
               generator and should be used only if none of the above two
               random number generators are available.

           rand
               Requests the use of rand. This is a last resort random number
               generator and should not be used.

           If the random number generator requested is not available on the
           system, yapet searches for a suitable alternative.

           Default: devurandom

       pwgen_pwlen
           A positive integer greater than zero specifying the default
           password length used by the Password Generator Dialog.

           Default: 10

       pwgen_letters
           A value of 1 (one) or 0 (zero). A value of 1 will preselect Letters
           check box of the Password Generator Dialog. 0 does not preselect
           Letters check box.

           Default: 1

       pwgen_digits
           A value of 1 (one) or 0 (zero). A value of 1 will preselect Digits
           check box of the Password Generator Dialog. 0 does not preselect
           Digits check box.

           Default: 1

       pwgen_punct
           A value of 1 (one) or 0 (zero). A value of 1 will preselect
           Punctuation check box of the Password Generator Dialog. 0 does not
           preselect Punctuation check box.

           Default: 1

       pwgen_special
           A value of 1 (one) or 0 (zero). A value of 1 will preselect Special
           check box of the Password Generator Dialog. 0 does not preselect
           Special check box.

           Default: 1

       pwgen_other
           A value of 1 (one) or 0 (zero). A value of 1 will preselect Other
           check box of the Password Generator Dialog. 0 does not preselect
           Other check box.

           Default: 0

       See the section called “EXAMPLES” for examples of configuration files.

       Options are case-sensitive. Spaces are not allowed before or after the
       equal sign. Syntax errors and unrecognized options are ignored
       silently.

   Status Frame
       When a password file is loaded, yapet displays some status information
       in the lower right frame as shown in Figure 3, “The Status Frame”

       Figure 3. The Status Frame

               +--------------------------------------+
               | File permission check: enabled       |
               | Screen lock time-out: 600 sec        |
               | 1 entries (+)  (V: 1)                |
               | PW set: Sat Aug 22 11:49:46 2009     |
               +--------------------------------------+

       File permission check is explained in the section called “OPTIONS”
       under the -s and -S options.

       The next line labeled Screen lock time-out displays how long yapet will
       wait for a key press until the screen is locked.

       The third line is giving a count of the password records in the
       currently loaded file. The (+) sign indicates that there are unsaved
       modifications in one or more password records. Absence of this sign
       indicates that no changes have been made to the records.

       The (V: 1) label indicates that the file currently loaded was created
       with yapet version 0.5 or earlier. A file created with version 0.6 or a
       file created with yapet version prior 0.6 having its master password
       changed using yapet 0.6 will display (V: 2).

       The fourth and last line shows the date the current master password has
       been set.

   Caution
       Although several precautions were taken to avoid having any passwords
       stored clear text in memory, there were occasions when core files
       contained the master password. This means that it is possible, though
       not likely, for a malicious user to get hold of one or more passwords
       while YAPET is running.

   Format of YAPET Files
       Please refer to the DESIGN in source code distribution or point your
       browser to http://www.guengel.ch/myapps/yapet/.

OPTIONS

       The following options are supported:

       -c, --copyright
           Show the copyright information.

       -h, --help
           Print a help text.

       -i, --ignore-rc
           Do not read the configuration file. See also the ignorerc option in
           the section called “Configuration File”.

       -r rcfile, --rc-file rcfile
           Read the configuration file specified by rcfile. If this option is
           not given, the default configuration file read is $HOME/.yapet
           unless -i is specified.

       -s, --no-file-security
           Disable the check for the owner and file mode when loading files.
           Without this option, yapet checks password files for having the
           same owner as the user running yapet and verifies that the file
           mode is strictly 0600. If one of these conditions are not met,
           yapet refuses to load the file. Providing this options disables
           those checks and yapet will load files with owners other than the
           process owner of yapet and file modes different from 0600.

           New files saved while this option is active will have the file mode
           set to 0644.

       -S, --file-security
           Enable the check for the owner and file mode when loading files.
           This option makes yapet to load password files having the owner set
           to the process owner of yapet and the file mode strictly set to
           0600 only. If one of these conditions are not met, yapet refuses to
           load the file.

           New files saved while this option is active will have the file mode
           set to 0600.

           This is the default mode.

       -t sec, --timeout sec
           Set the timeout until the screen is locked to sec seconds. The
           minimum time allowed is 10 seconds. If a lower value is provided,
           the timeout will be set to 10 seconds.

       -V, --version
           Show the version of yapet.

       filename
           The file to open upon invocation of yapet. If the file does not
           exist, yapet asks whether it should be created.

           Files created by yapet always have the suffix .pet.

EXAMPLES

       Example 1. Example of an yapet configuration file

           load=/home/joe/passwords
           locktimeout=300
           checkfsecurity=0
           pwgen_pwlen=8

       In this example, the file /home/joe/passwords will be loaded upon
       invocation of yapet. The timeout until the screen is locked is set to
       300 seconds. File permissions will not be verified.

       The Password Generator Dialog will have preset the Password Length to 8
       characters.

       Example 2. Example of an yapet configuration file

           locktimeout=150
           checkfsecurity=1
           pwgen_other=1

       In this example, no file will be automatically loaded upon invocation
       of yapet. The timeout until the screen is locked is set to 150 seconds.
       File permissions and owner will be verified.

       The Password Generator Dialog will have preset the Other check box
       checked.

       Example 3. Example 1 revisited

           load=~/passwords.pet
           locktimeout=300
           checkfsecurity=0
           pwgen_pwlen=8

       This example has the same effect as Example 1, “Example of an yapet
       configuration file”. But instead of specifying the full path to the
       home directory, the ~ (tilde) sign is used, which is expanded to the
       home directory automatically. The .pet suffix can be specified, but if
       omitted it will be appended automatically.

FILES

       $HOME/.yapet
           The per-user configuration file. If existing, options are read from
           this file but can be overridden by the command line options.

           Processing of this file can be disabled by invoking yapet with the
           -i option.

           Refer to the the section called “Configuration File” for an
           explanation of the per-user configuration file.

ENVIRONMENT

       LC_MESSAGES
           Printing messages in the specified language. Currently only German
           is supported besides English.

BUGS

       Please report bugs to the author (see the section called “AUTHOR”), or
       (preferably) point your browser to http://bugs.guengel.ch[1] and create
       a bug report.

AUTHOR

       Rafael Ostertag rafi@guengel.ch

SEE ALSO

       csv2yapet(1), curses(3X), ssl(3), crypto(3)

AVAILABILITY

       The latest version of yapet can be found under
       http://www.guengel.ch/myapps/yapet/.

LICENSE

       YAPET -- Yet Another Password Encryption Tool

       Copyright (C) 2008, 2009 Rafael Ostertag rafi@guengel.ch

       This program is free software: you can redistribute it and/or modify it
       under the terms of the GNU General Public License as published by the
       Free Software Foundation, either version 3 of the License, or (at your
       option) any later version.

       This program is distributed in the hope that it will be useful, but
       WITHOUT ANY WARRANTY; without even the implied warranty of
       MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
       General Public License for more details.

       You should have received a copy of the GNU General Public License along
       with this program. If not, see http://www.gnu.org/licenses/.

       Additional permission under GNU GPL version 3 section 7. If you modify
       this program, or any covered work, by linking or combining it with the
       OpenSSL project´s OpenSSL library (or a modified version of that
       library), containing parts covered by the terms of the OpenSSL or
       SSLeay licenses, Rafael Ostertag grants you additional permission to
       convey the resulting work. Corresponding Source for a non-source form
       of such a combination shall include the source code for the parts of
       OpenSSL used as well as that of the covered work.

COPYRIGHT

       Copyright © 2008, 2009 Rafael Ostertag <rafi@guengel.ch>

NOTES

        1. http://bugs.guengel.ch
           http://bugs.guengel.ch/