#!/usr/bin/ruby # author: nishiki # mail: nishiki@yaegashi.fr # info: a simple script who manage your passwords require 'rubygems' require 'gpgme' require 'csv' FILE_GPG = './pass.gpg' KEY = 'a.waksberg@yaegashi.fr' FILE_PWD = '/tmp/.password-manager.pwd' TIMEOUT_PWD = 300 class ManagePasswd ID = 0 TYPE = 1 SERVER = 2 LOGIN = 3 PASSWORD = 4 PORT = 5 COMMENT = 6 # Constructor # @args: key -> # file_gpg -> # file_pwd -> # timeout_pwd -> def initialize(key, file_gpg, file_pwd, timeout_pwd=300) @key = key @file_gpg = file_gpg @file_pwd = file_pwd @timeout_pwd = timeout_pwd if File.exist?(@file_gpg) if not self.decrypt() exit 2 end else @data = "" end end # Decrypt a gpg file # @rtrn: true if data is decrypted def decrypt() if File.exist?(@file_pwd) && File.stat(@file_pwd).mtime.to_i + @timeout_pwd < Time.now.to_i File.delete(@file_pwd) end begin passwd = IO.read(@file_pwd) rescue print "Password GPG: " passwd = $stdin.gets file_pwd = File.new(@file_pwd, 'w+') file_pwd << passwd file_pwd.close File.chmod(0600, @file_pwd) end begin crypto = GPGME::Crypto.new(:armor => true) @data = crypto.decrypt(IO.read(@file_gpg), :password => passwd).read return true rescue puts "Your passphrase is probably wrong!" File.delete(@file_pwd) return false end end # Encrypt a file def encrypt() begin crypto = GPGME::Crypto.new(:armor => true) file_gpg = File.open(@file_gpg, 'w+') crypto.encrypt(@data, :recipients => @key, :output => file_gpg) file_gpg.close return true rescue puts "Error during the encrypting file" return false end end # Search in some csv data # @args: search -> the string to search # type -> the connection type (ssh, web, other) # @rtrn: a list with the resultat of the search def search(search, type=nil) result = Array.new() @data.lines do |line| row = line.parse_csv if line =~ /^.*#{search}.*$/ if type.nil? || type.eql?(row[TYPE]) result.push(row) end end end return result end # Display the connections informations for a server def display(search, type=nil) result = self.search(search, type) if result.length > 0 result.each do |r| puts "# --------------------" puts "# Id: #{r[ID]}" puts "# Server: #{r[SERVER]}" puts "# Type: #{r[TYPE]}" puts "# Login: #{r[LOGIN]}" puts "# Password: #{r[PASSWORD]}" puts "# Port: #{r[PORT]}" puts "# Comment: #{r[COMMENT]}" end return true else puts "Nothing result!" return false end end # Add a new item def add() row = Array.new() puts "# Add a new password" puts "# --------------------" row[ID] = Time.now.to_i.to_s(16) print "Enter the server name or ip: " row[SERVER] = $stdin.gets.chomp print "Enter the type of connection (ssh, web, other): " row[TYPE] = $stdin.gets.chomp print "Enter the login connection: " row[LOGIN] = $stdin.gets.chomp print "Enter the the password: " row[PASSWORD] = $stdin.gets.chomp print "Enter the connection port (optinal): " row[PORT] = $stdin.gets.chomp print "Enter a comment (optinal): " row[COMMENT] = $stdin.gets.chomp @data << "#{row.join(',')}\n" end # Update an item # @args: id -> the item's identifiant def update(id) data_tmp = '' @data.lines do |line| row = line.parse_csv if id.eql?(row[ID]) row_update = Array.new() puts "# Add a new password" puts "# --------------------" print "Enter the server name or ip [#{row[SERVER]}]: " server = $stdin.gets.chomp print "Enter the type of connection [#{row[TYPE]}]: " type = $stdin.gets.chomp print "Enter the login connection [#{row[LOGIN]}]: " login = $stdin.gets.chomp print "Enter the the password: " passwd = $stdin.gets.chomp print "Enter the connection port [#{row[PORT]}]: " port = $stdin.gets.chomp print "Enter a comment [#{row[COMMENT]}]: " comment = $stdin.gets.chomp row_update[ID] = row[ID] server.empty? ? (row_update[SERVER] = row[SERVER]) : (row_update[SERVER] = server) type.empty? ? (row_update[TYPE] = row[TYPE]) : (row_update[TYPE] = type) login.empty? ? (row_update[LOGIN] = row[LOGIN]) : (row_update[LOGIN] = login) passwd.empty? ? (row_update[PASSWORD] = row[PASSWORD]) : (row_update[PASSWORD] = passwd) port.empty? ? (row_update[PORT] = row[PORT]) : (row_update[PORT] = port) comment.empty? ? (row_update[COMMENT] = row[COMMENT]) : (row_update[COMMENT] = comment) data_tmp << "#{row_update.join(',')}\n" else data_tmp << line end end @data = data_tmp end # Remove an item # @args: id -> the item's identifiant def remove(id) data_tmp = '' @data.lines do |line| row = line.parse_csv if id.eql?(row[ID]) puts "The item #{row[ID]} has been removed!" else data_tmp << line end end @data = data_tmp end # Connect to ssh && display the password # @args: search -> def ssh(search) result = self.search(search, 'ssh') if result.length > 0 result.each do |r| server = r[SERVER] login = r[LOGIN] port = r[PORT] passwd = r[PASSWORD] if port.empty? port = 22 end if passwd.empty? system("#{passwd} ssh #{login}@#{server} -p #{port}") else system("sshpass -p #{passwd} ssh #{login}@#{server} -p #{port}") end end return true else puts "Nothing result!" return false end end # Display help def help() puts "# HELP" puts "# --------------------" puts "Add a new item: -a" puts "Update an item: -u ID" puts "Remove an item: -r ID" puts "Show a item: -d search [type]" puts "Connect ssh: -s search" end end manage = ManagePasswd.new(KEY, FILE_GPG, FILE_PWD) num_argv = ARGV.length # Display the item's informations if num_argv >= 2 && ARGV[0] == '-d' if num_argv == 3 manage.display(ARGV[1], ARGV[2]) else manage.display(ARGV[1]) end # Remove an item elsif num_argv == 2 && ARGV[0] == '-r' manage.remove(ARGV[1]) manage.encrypt() # Update an item elsif num_argv == 2 && ARGV[0] == '-u' manage.update(ARGV[1]) manage.encrypt() # Connect to ssh elsif num_argv == 2 && ARGV[0] == '-s' manage.ssh(ARGV[1]) # Add a new item elsif num_argv == 1 && ARGV[0] == '-a' manage.add() manage.encrypt() # Display help else manage.help() end