使用Vim加密文件

Vim可以加密文档,不知道吧?

:X
Enter encryption key: ******
Enter same key again: ******

输入的密码保存在*key option*中。输入上面命令后不会立刻加密,在保存文件的时候才会执行加密。

重新打开加密文件,Vim会要求你输入密码:

Need encryption key for "diary.rst"
Enter encryption key: ******

如果密码错误,Vim还是会打开文件,不过显示的是乱码。

编辑加密过的文件的时候,对应的swap文件和undo文件也是加密的,不过内存中的没有加密。viminfo文件也没有加密,因此不建议使用。

:set viminfo=

如果要禁用加密,清空key值即可:

: set key=

聪明的童鞋马上想到了,可以这样加密呀:

: set key=password

但这样加密的缺点是显而易见的:密码是明文。

而使用 :X 加密的话,不仅输入密码时显示为*从而防止偷窥,而且关键是 :set 也查看不到。

( amoblin注:不过在Vim7.3下后者通过 :set 也查看不到 )

从7.3版起,Vim支持了Blowfish加密。以前只有pkzip-compatible这一种加密方法。通过下面的方法来设置使用哪一种加密方法,保存文件的时候生效:

:setlocal cm=zip
:setlocal cm=blowfish

cm是 "cryptmethod" 的缩写。Pkzip是弱加密,但是兼容7.2及更老版本;Blowfish更安全。帮助文档里这样描述pkzip加密方法:

(加密)算法比较脆弱。破解4字符的密码大约需要1小时,6字符是1天(Pentium 133 PC)。
" This require that you know some text that must appear in the file. "。
解密专家可以破解任意密码。当文件被破解后,也能反推出密码,这样其他使用同样密码的加密文件就。。。

原文:

Vim can encrypt your documents. :X prompts for an encryption key, which is stored in the key option. The file will remain unchanged until you write it.

When you reopen the file, Vim will ask for the key; if you enter the wrong key, Vim will simply open the file as-is, which will look like gibberish. The text in the swap file and the undo file is also encrypted; the text in memory is not encrypted. The viminfo file is not encrypted, and should not be used:

:set viminfo=

If you want to disable encryption, just empty the key option:

:set key=

The difference between :X and :set key=something is that :X displays asterisks as you type, so that no one can peek at your encryption key. Also, :set commands may end up in your viminfo file.

From version 7.3, Vim supports Blowfish encryption as well as a pkzip-compatible method. To choose which one to use, type one of these two before writing the file:

:setlocal cm=zip :setlocal cm=blowfish

cm is an abbreviation for cryptmethod. Pkzip is a weak encryption method, but compatible with Vim 7.2 and older; Blowfish is strong. The help file has this to say about the pkzip method:

The algorithm used is breakable. A 4 character key in about one hour, a 6 character key in one day (on a Pentium 133 PC). This requires that you know some text that must appear in the file. An expert can break it for any key. When the text has been decrypted, this also means that the key can be revealed, and other files encrypted with the same key can be decrypted.

Some older Vim versions (older than 7.1, at least) ask only once for the password -- if you happen to mistype it, then good luck finding out what you mistyped.

http://vim.wikia.com/wiki/Encryption

tagged by
comments powered by Disqus