Vim and GnuPG with the GnuPG vim-plugin
---------------------------------------
Last edited: $Date: 2019/01/11 19:38:31 $
The Vim editor can be enhanced with a plethora of plugins. One of
those plugins is the gnupg.vim plugin. This plugin implements
transparent editing of GnuPG encrypted files.
The Vim plugin can be used to create and edit files to be shared
with others ("recipients").
Although this plugin is very versatile, it is often used for
transparent editing of local files that are for the eyes of the user
only and will not be shared, but are protected against unauthorised
access by the use of strong encryption.
One use case that comes to mind is to create a solution for
maintaining a password database. This is a flat file containing
information on usernames, passwords and the places to use these. But
of course it can be used for any file that needs additional
protection by strong encryption.
## Loading of the plugin
The plugin consists of a single file, "gnupg.vim", that has to be
copied to the $HOME/.vim/plugin/ directory.
The documentation of this plugin is quite sparse, it is in the
plugin file,
## Adoption in .vimrc
The use of this plugin requires some extra lines in the .vimrc file:
let g:GPGPreferArmor=1
let g:GPGDefaultRecipients=["user@example.com"]
The first line makes sure that encrypted files are saved in the so
called ascii-armor format. This means that these files are safe for
email and other solutions that require pure ASCII.
The second line is ment to be used for files that are encrypted to
one's own key. Here we set the default recipient. So if you choose
your own key here, the files will be encrypted for your own key by
default.
## Usage
### Pre-encrypted file
Own of the most simple uses is to open a ascii-armored file, like:
vim myfile.asc
You are prompted to enter the passphrase for the appropriate
GnuPG-key (unless gpg-agent will do this for you) and the file is
decrypted on the fly. The decripted version will be opened in your
Vim-buffer. After editing the file, you close it with the standard
:wq command. The file will now first be encrypted for the same key
it was previous encrypted for and the ascii-armored version of the
encrypted file will be saved to disk.
### Editing a new file
The simplest way to create a new, GnuPG encrypted file is to create
a file with Vim with the .gpg extension:
vim myfile.gpg
Vim opens with two buffers, one empty buffer for your new file and
another to enter the recipients for your file. The recipients are
the keys you want to encrypt the file for. As you have stated your
own key in your .vimrc-file, this default key will be shown in this
buffer. Just close this buffer with :q is enough to choose the
default recipient.
Now you can add content to the empty buffer and save with :wq. The
contents will be encrypted prior to be written to the file
myfile.gpg. If you like to, you can rename this file to myfile.asc.
$Id: vimgpg.txt,v 1.1 2019/01/11 19:38:31 matto Exp matto $