Tag Archives: encrypt

nodau: Take note

nodau, which is the last title for today, is a very simple note taker — in fact, both the Debian version and the AUR description say so.


It’s so simple in fact, that if you clicked on that home page link above, you’ll know that the site itself is effectively blank. That’s pretty simple. 😯

Okay, bad joke. The implications of that empty space in the Whirled Why’d Web are few, but noteworthy πŸ˜‰ : Arch users who want to give this a try will probably need to wrangle with the source code (which is newer) mirrored in the Debian version.

I know, it’s an added hassle, but it’s worth it. nodau, you see, does a few things that I think are worth note. Get it? Worth note! Ha! πŸ˜› 😦

First, a quick overview. nodau works in a command-interpret style, with the nodau executable taking a command and doing as it’s told. nodau help lists all its vocabulary. nodau list shows you all the notes it has on file. And so forth. It’s not an innovative style, but it’s quick for adoption.

nodau is smart enough to grab your $EDITOR if you declare one, and let you use that in your notable adventures, so if you’re severely addicted to vim or emacs, don’t feel like you’ll have to learn an entirely new editor.

On the other hand, if you are among the sane members of Homo sapiens who reside on this planet (or off it, I guess πŸ™„ ), nodau provides its own, very basic, very simple text editor to supplement its filing and listing abilities. It’s not flashy and wouldn’t make much of an impression were it to grace this list of its own merit, but it will do.

So you have that ability — to swap out the editor that nodau uses. I like that.

The second option worth listing though, is probably even more useful: nodau can encrypt notes, meaning you can protect prying eyes from reading the next chapter of your Harry Potter/Star Wars fan fiction crossover epic. πŸ™„ I am full of such wit today. …

Once encrypted, a note becomes obscured and won’t be readable or editable without a password. Tell nodau to unencrypt it, and the note returns to its plain text heritage. I will let you research and judge if nodau’s encryption will pass muster, but I think short of security geeks, criminal cartels and corrupt governments, it will probably offer a reasonable degree of protection.

From what I can tell, nodau keeps its data in ~/.local/share/nodau/, so if you go looking for a local copy, I’d encourage you to start there. And yes, I checked, and the encryption appears effective at a cursory glance.

I won’t hold out nodau as some sort of security application that will prevent hackers from stealing your credit card number, but it does strike me as an unusual feature for an otherwise simple note-taking program. A solid thumbs-up for nodau. πŸ˜‰

mnemonicode: At long last we meet

I’ve been waiting quite a while to see mnemonicode pop up in the rotation. I remember adding it to the list a long while back and thinking, “That is really cool.”

mnemonicode is not a new tool; in fact, the GitHub repo I linked to is just a six-year-old (?) mirror of the original, which is apparently no longer online (but is archived, thank goodness). But I’m really glad I found it, and that Stephen Paul Weber uploaded it there.

What’s so great about it? Well, if you’re like me, and your passwords are just 12-digit strings of random letters and numbers, they can get a little clunky to remember. (But they are fairly time-consuming to force.) Unless the password actually has some intrinsic meaning to it, which mine don’t, it can be a challenge. Of course, that’s the purpose of having such an obtuse password.

But here’s what mnemonicode can do, with its mnencode and mndecode tools:

kmandla@6m47421: ~$ echo TxFX0rxNFkVN | mnencode 

See where this is going yet?

kmandla@6m47421: ~$ echo "nova-figure-peru--george-side-ninja
> jargon-contact-ninja--airline" | mndecode

No longer do I need to remember a string of 12 characters or letters. If I can recall the normal English words, hyphens and line breaks that mnencode gave me, I can translate it back as a matter of course.

To the best of my knowledge, this is not an additional layer of encryption. I’m not actually making the password any more secure than if I had converted with something like rot13. But it does make it easier to remember.

I’d also be a little more comfortable relaying words or sequences of numbers to someone, perhaps written down or face-to-face, if I knew they were going to pipe it back through mndecode later. Which may be part of its history, actually.

mnemonicode could use a little attention these days; aside from the archived explanation of the original program, the GitHub version doesn’t seem to have any documentation. What little I know is through experimentation.

mnemonicode is in AUR and in Sid; I’m glad to see that since I have a feeling this could be something useful in my encrypted live system. It would at least help me remember some of the more eccentric passwords I use. 😐

P.S.: No, those are not my real passwords. You should know better than that.

steghide: Naughty, naughty

Things like steghide make me wonder exactly how much trouble I could stir up, given adequate time of course.

steghide is that tool you’ve known existed for a long time, but didn’t want to ask about. Put simply, steghide embeds encrypted files within others — possibly images or sound files.

I haven’t tried every variation, mostly because seeing steghide work once was enough to convince me that I can metaphorically stash it in my pocket, and save it for a time when I really need it.

Here’s what it looks like. Ladies and gentlemen, I give you … Tux.


You may recognize Tux from films and movies. And now, Tux’s doppleganger, his evil Captain Kirk:


You wouldn’t know it to look at him, but the Evil Tux is hiding a dark secret. We should suspect that just by looking at the file size.

kmandla@6m47421: ~/downloads$ ls -sh
 40K 2014-05-10-6m47421-steghide-tux-original.jpg
 48K 2014-05-10-6m47421-steghide-tux-embedded.jpg

There’s something … odd about Evil Tux. Check with steghide, and it will confirm it for us.

kmandla@6m47421: ~/downloads$ steghide info 2014-05-10-6m47421-steghide-tux-embedded.jpg 
  format: jpeg
  capacity: 1.9 KB
Try to get information about embedded data ? (y/n)

Naughty, naughty. What’s this you’re carrying, Evil Tux? And more importantly, where have you hidden it? 😯

Try to get information about embedded data ? (y/n) y
Enter passphrase: 
  embedded file "secret.txt":
    size: 70.0 Byte
    encrypted: rijndael-128, cbc
    compressed: yes

steghide can yank that out of there in a jiffy. Just:

kmandla@6m47421: ~/downloads$ steghide extract -sf 2014-05-10-6m47421-steghide-tux-embedded.jpg 
Enter passphrase: 
wrote extracted data to "secret.txt".

kmandla@6m47421: ~/downloads$ cat secret.txt
Now is the time for all good men to come to the aid of their country.

Well that was anticlimactic. 😐 You can try it for yourself if you like. The password is 12345.

steghide has a lot options, and what you see above was just blatantly stolen from the quickstart guide. I imagine just about any file could be embedded into any other; like I said though, I didn’t try every variation.

Don’t get yourself into trouble, now. 😈

pwcrypt: On-the-fly password encryption

I like finding applications that are 10 or 15 years old, and discovering that they still work fine in spite of their age.

To the best of my knowledge, pwcrypt works just as well now as it did way back in 2000, when it was released into the wild.


If I understand the README file right, pwcrypt allows you to inject a password and have it display as encrypted text, which might be useful in scripts and so forth.

I can’t think of a reason offhand that I would need it, personally, but it’s possible that you might see a niche where it will fit. The author has some better suggestions in the documentation.

pwcrypt has about five options, none of which are difficult to decode. And as you can see in the screenshot, it seems to do its job well … inasmuch as the results are completely indecipherable to me. πŸ™„

Believe it or not, that’s about all I can think of to say. It’s a short little program, it didn’t give me any stress in compiling, and it seems to do what it claims.

Can’t ask for more than that. πŸ˜€

P.S.: This one is not in AUR or Debian. A wild program, running free! 😯

luksus: Step-by-step encryption

I got a link via e-mail to luksus, and as I am more and more a fan of data encryption these days, I made a point of including it here.

2013-12-27-lv-r1fz6-luksus-01 2013-12-27-lv-r1fz6-luksus-02

Results have been … satisfactory, although luksus is a script that I have a few persnickety complaints about.

What I’ve seen of luksus so far suggests that it will handle encryption of USB keys or partitions on external drives with a minimum of effort.

It comes armed with both AES and TrueCrypt support (provided they are installed on your system), and appears poised to add gnupg and a couple others.

Perhaps even better, the scripts are usable not only in Linux but with some *BSDs as well … and we all know how security-minded those guys and girls are.

(Yes, I have thought about jumping ship. Experimenting with *BSD is on my to-do list. … 😯 )

Is this necessarily better than doing it yourself with something like cryptsetup or ccrypt? That’s up to you.

My own complaints about luksus are strictly minor — the long wait while the drive is shredded, and some issues with naming a volume that triggered errors. And it seems the information supplied in the command are repeated later in the dialog windows.

I still trust and rely on gnupg over anything, and fully encrypted volumes still make me a little nervous. Of course most of my needs for encryption involve transmitting encrypted files across the Internet, which is only somewhat practical for luksus.

I’m willing to poke around with luksus a little more though; tools like this are more and more useful as time goes on.