digip.org blog

Sala 1.0 released

By Petri Lehtinen on 2011-01-19

For some time now, I've been unsatisfied with the state of user names and passwords for the numerous services I use in the web. I'm having hard time to remember all the services I have singed up to and a bad habit of using a few common passwords for all of them.

So, I hacked for a while, and yestreday, I pushed the first release of sala to PyPI. It's is a simple, filesystem based, encrypted password storage system that uses GnuPG's symmetrical encryption. As usual, a git repository is available at GitHub.

The main idea of sala is to store passwords (or other tiny, plain-text secrets) in encrypted plain-text files in a directory hierarchy, like this:

|-- example-service.com
|   |-- +webmail
|   |   |-- @myuser
|   |   `-- @otheruser
|   `-- +adminpanel
|       `-- @admin
`-- my-linux-box
    |-- @myuser
    `-- @root

As sala is a command line utility and there's one file per password, tab completion and other shell goodies are available. The custom of prefixing user names with @ and category/group/subservice names with + is my own preference and not enforced by the program. You may come up with your own scheme, for example if you want to protect user names as well as the actual passwords. For more information, see the PyPI page.

Use pip install sala to install, or download the source, unpack, and invoke python setup.py install. In addition to Python 2.5 or newer, requires gpg and GnuPGInterface. Currently, Python 3 is not supported because GnuPGInterface doesn't support it.

Update: While writing this blog entry, I found a few packaging bugs, and released version 1.0.1.