File: README.html

package info (click to toggle)
yapet 0.6-3
  • links: PTS
  • area: main
  • in suites: squeeze
  • size: 6,012 kB
  • ctags: 2,913
  • sloc: ansic: 13,661; cpp: 11,384; sh: 4,814; makefile: 847; yacc: 291; sed: 16
file content (82 lines) | stat: -rw-r--r-- 13,233 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
 
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>YAPET - Yet Another Password Encryption Tool 0.6</title><meta name="generator" content="DocBook XSL Stylesheets V1.74.3" /></head><body><div class="article" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title"><a id="id2510777"></a>YAPET - Yet Another Password Encryption Tool 0.6</h2></div><div><div class="author"><h3 class="author"><span class="firstname">Rafael</span> <span class="surname">Ostertag</span></h3></div></div><div><p class="releaseinfo">
      $Id: README.sgml.in 2904 2009-09-04 05:11:30Z rafi $
    </p></div><div><p class="copyright">Copyright © 2008, 2009 Rafael Ostertag &lt;rafi@guengel.ch&gt;</p></div></div><hr /></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="sect1"><a href="#intro">Introduction</a></span></dt><dt><span class="sect1"><a href="#platforms">Supported Platforms</a></span></dt><dt><span class="sect1"><a href="#features">Features</a></span></dt><dt><span class="sect1"><a href="#importantchanges">Important Changes</a></span></dt><dd><dl><dt><span class="sect2"><a href="#changesversion0.6">Version 0.6</a></span></dt></dl></dd><dt><span class="sect1"><a href="#installation">Installation</a></span></dt><dt><span class="sect1"><a href="#usage">Usage</a></span></dt><dt><span class="sect1"><a href="#design">Design</a></span></dt><dt><span class="sect1"><a href="#caution">A Word of Caution</a></span></dt><dt><span class="sect1"><a href="#license">License</a></span></dt></dl></div><div class="sect1" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="intro"></a>Introduction</h2></div></div></div><p>YAPET is a text based password manager using the Blowfish
    encryption algorithm to store password and associated information encrypted
    on disk. Its primary aim is to provide a safe way to store passwords in a
    file on disk while having a small footprint, and compiling and running
    under today's most popular Unix Systems.</p><p>YAPET does not impose a limit of password records per file and the
    number of files the passwords are stored in, although YAPET is only able to
    display password records of one file at a time.</p><p>For convenience, YAPET provides a search function for password records
    of the currently displayed password file.</p><p>The password records are protected by a master password. The master
    password is used to encrypt and decrypt the password records.</p><p>YAPET relies on OpenSSL for encrypting and decrypting password
    records. The cipher for encryption and decryption is Blowfish with a 448
    bits key.
    </p></div><div class="sect1" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="platforms"></a>Supported Platforms</h2></div></div></div><p>YAPET has been tested to build and run on following platforms:</p><p>
       </p><div class="itemizedlist"><ul type="disc"><li><span class="trademark">FreeBSD</span>®</li><li><span class="trademark">Sun</span>™
<span class="trademark">Solaris</span>™ x86</li><li>Linux</li><li>Cygwin</li></ul></div><p>
     </p><p>If you want to use YAPET under Cygwin, you may want to read the
    <code class="filename">README.Cygwin</code> file.</p></div><div class="sect1" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="features"></a>Features</h2></div></div></div><p>YAPET features:</p><p>
      </p><div class="itemizedlist"><ul type="disc"><li><p>Blowfish encryption (<a class="ulink" href="http://www.schneier.com/blowfish.html" target="_top">http://www.schneier.com/blowfish.html</a>)
	  with 448 bits key using the OpenSSL library (<a class="ulink" href="http://www.openssl.org/" target="_top">http://www.openssl.org/</a>).</p></li><li><p>passwords are not kept clear text in memory.</p></li><li><p>doesn't depend on graphical user interfaces and their
	  "dependency hell" due to a text based user interface.</p></li><li><p>only dependent of two libraries: OpenSSL (<a class="ulink" href="http://www.openssl.org" target="_top">http://www.openssl.org</a>)
	      and curses or ncurses (<a class="ulink" href="http://www.gnu.org/software/ncurses/" target="_top">http://www.gnu.org/software/ncurses/</a>).</p></li><li><p>locks the terminal on inactivity.</p></li><li><p>a utility to convert CSV files to the native YAPET format.</p></li><li><p>built-in password generator.</p></li></ul></div><p>
    </p></div><div class="sect1" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="importantchanges"></a>Important Changes</h2></div></div></div><div class="sect2" lang="en" xml:lang="en"><div class="titlepage"><div><div><h3 class="title"><a id="changesversion0.6"></a>Version 0.6</h3></div></div></div><div class="warning" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Warning</h3><p>
	  The file structure of YAPET files has changed in version 0.6. You are
	  strongly advised to make backup copies of your files before using
	  YAPET 0.6.
	</p></div><p>A design flaw in YAPET may prevent the exchange of YAPET files
      between different processor architectures (64/32 bit) due to varying
      header sizes in YAPET files.</p><p>All YAPET versions prior YAPET 0.6 are affected by this issue.</p><p>Starting with YAPET 0.6, the header size of YAPET files remains
      stable across processor architectures, thus exchanging YAPET files is
      possible unimpeded.</p><p>YAPET 0.6 will read and write version 0.5 or earlier files. Reading,
      deleting, and/or adding records won't update the file structure to
      version 0.6. However, changing the master password (or setting the same
      password again, for this matter) using YAPET 0.6 will update the file
      version to 0.6.</p><p>YAPET prior version 0.6 can read and write version 0.6 files, but it
      might be observed that the date when the master password was last changed
      is displayed incorrectly. YAPET prior 0.5 will update the file structure
      to pre-version 0.6 upon master password change. See <a class="xref" href="#tab.ver0.5compatsmall" title="Table 1. File Compatibility Matrix of YAPET 0.5 or earlier">Table 1, “File Compatibility Matrix of YAPET 0.5 or earlier”</a> for an overview of the compatibility
      issues in YAPET 0.5 or earlier.</p><div class="table"><a id="tab.ver0.5compatsmall"></a><p class="title"><b>Table 1. File Compatibility Matrix of YAPET 0.5 or earlier</b></p><div class="table-contents"><table summary="File Compatibility Matrix of YAPET 0.5 or earlier" border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="center" /><col align="center" /><col align="center" /><col align="center" /><col align="center" /><col align="center" /></colgroup><thead><tr><th rowspan="4" align="left">
		YAPET running on
	      </th><th colspan="8" align="center">
		File created
	      </th></tr><tr><th colspan="4" align="center">Version 0.5 or earlier</th><th colspan="4" align="center">Version 0.6</th></tr><tr><th colspan="2" align="center">Little Endian</th><th colspan="2" align="center">Big Endian</th><th colspan="2" align="center">Little Endian</th><th colspan="2" align="center">Big Endian</th></tr><tr><th align="center">32bit</th><th align="center">64bit</th><th align="center">32bit</th><th align="center">64bit</th><th align="center">32bit</th><th align="center">64bit</th><th align="center">32bit</th><th align="center">64bit</th></tr></thead><tbody><tr><td align="left">Little Endian 32bit<sup>[<a id="fnote.ledesc" href="#ftn.fnote.ledesc" class="footnote">a</a>]</sup></td><td align="center">yes</td><td align="center">yes</td><td align="center">yes</td><td align="center">yes</td><td align="center">yes</td><td align="center">yes</td><td align="center">yes</td><td align="center">yes</td></tr><tr><td align="left">Little Endian 64bit<sup>[<a href="#ftn.fnote.ledesc" class="footnoteref">a</a>]</sup></td><td align="center">no</td><td align="center">yes</td><td align="center">no</td><td align="center">yes</td><td align="center">yes</td><td align="center">yes</td><td align="center">yes</td><td align="center">yes</td></tr><tr><td align="left">Big Endian 32bit
	      <sup>[<a id="fnote.bedesc" href="#ftn.fnote.bedesc" class="footnote">b</a>]</sup>
	      </td><td align="center">yes</td><td align="center">yes</td><td align="center">yes</td><td align="center">yes</td><td align="center">yes</td><td align="center">yes</td><td align="center">yes</td><td align="center">yes</td></tr><tr><td align="left">Big Endian 64bit<sup>[<a href="#ftn.fnote.bedesc" class="footnoteref">b</a>]</sup></td><td align="center">no</td><td align="center">yes</td><td align="center">no</td><td align="center">yes</td><td align="center">yes</td><td align="center">yes</td><td align="center">yes</td><td align="center">yes</td></tr></tbody><tbody class="footnotes"><tr><td colspan="9"><div class="footnote"><p><sup>[<a id="ftn.fnote.ledesc" href="#fnote.ledesc" class="simpara">a</a>] </sup>AMD, Intel, etc.</p></div><div class="footnote"><p><sup>[<a id="ftn.fnote.bedesc" href="#fnote.bedesc" class="simpara">b</a>] </sup>PowerPC, SPARC, etc</p></div></td></tr></tbody></table></div></div><br class="table-break" /><p>YAPET 0.6 reads and writes any YAPET file regardless of the YAPET
      version used to create and the architecture.</p><p>Refer to the <code class="filename">DESIGN</code> file for further
      information on this issue.</p></div></div><div class="sect1" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="installation"></a>Installation</h2></div></div></div><p>YAPET uses a <span class="command"><strong>configure</strong></span> script for
      configuring the build process. Refer to the
      <code class="filename">INSTALL</code> file in the source tarball
      <code class="filename">yapet-0.6.tar.gz</code>.</p></div><div class="sect1" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="usage"></a>Usage</h2></div></div></div><p>YAPET is kept simple. You should not find it difficult to
    use. The user interface has some quirks, though.</p><p>See the manual page <span class="citerefentry"><span class="refentrytitle">yapet</span>(1)</span> after installing YAPET for a minimal user
    guide.</p></div><div class="sect1" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="design"></a>Design</h2></div></div></div><p>Refer to the <code class="filename">DESIGN</code> file which comes
    along with the source tarball in order to get an idea of the
    design of YAPET.</p></div><div class="sect1" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="caution"></a>A Word of Caution</h2></div></div></div><p>Although several precautions were taken to avoid having any passwords
  stored clear text in memory, there were occasions when core files contained
  the master password. This means that it is possible, though not likely, for a
  malicious user to get hold of one or more
  passwords <span class="emphasis"><em>while</em></span> YAPET is running.
</p></div><div class="sect1" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="license"></a>License</h2></div></div></div><p>YAPET -- Yet Another Password Encryption Tool</p><p>Copyright (C) 2008, 2009 Rafael Ostertag <code class="email">&lt;<a class="email" href="mailto:rafi@guengel.ch">rafi@guengel.ch</a>&gt;</code></p><p>
This program is free software: you can redistribute it and/or modify it under
the terms of the GNU General Public License as published by the Free Software
Foundation, either version 3 of the License, or (at your option) any later
version.
</p><p>
This program is distributed in the hope that it will be useful, but WITHOUT ANY
WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE.  See the GNU General Public License for more
details.
</p><p>
You should have received a copy of the GNU General Public License along with
this program.  If not, see <a class="ulink" href="http://www.gnu.org/licenses/" target="_top">http://www.gnu.org/licenses/</a>.
</p><p><b>Additional permission under GNU GPL version 3 section 7. </b>
    If you modify this program, or any covered work, by linking or combining it
    with the OpenSSL project's OpenSSL library (or a modified version of that
    library), containing parts covered by the terms of the OpenSSL or SSLeay
    licenses, Rafael Ostertag grants you additional permission to convey the
    resulting work.  Corresponding Source for a non-source form of such a
    combination shall include the source code for the parts of OpenSSL used as
    well as that of the covered work.
  </p></div></div></body></html>