I use pwsafe to store passwords on Ubuntu. It’s a *nix command line port of Counterpane’s Password Safe which uses twofish to store passwords in a database file. You can find it in the Ubuntu universe repository.
If someone somehow managed to get ahold of my shell’s history file, they’d get a lot of juicy info like:
- What system and web accounts I have.
- The names I used for my accounts which might be helpful in the cryptoanalysis of my pwsafe database.
So what I’ve done is set up zsh, my shell, to not save invocations of pwsafe in my history. With the “HIST_IGNORE_SPACE” option, you can tell zsh to ignore commands that begin with a space. I did this for a while but found myself forgetting to type the space sometimes. The trick is to set up an alias which includes a leading space:
alias pwsafe=" pwsafe"
So now whenever I run something like
pwsafe -l ubuntu.forums -up
it won’t get saved to the history file.
- The Z-Shell Manual – 16.2.4: History options