[00:00] <hads> https://bugs.launchpad.net/ubuntu/+source/dovecot/+bug/715056
[00:00] <chilts> dovecot overwrote your postfix.cf???
[00:00] <hads> Yeah, only if you're using dovecot-postfix though
[00:00] <chilts> ah, ok
[00:01] <hads> It eases setting up single sign on between postfix SASL and dovecot
[00:01] <chilts> hmm, etckeeper ... I must look that up
[00:06] <ibeardslee> chilts: it gets used on some servers here
[00:06] <ibeardslee> the ones that aren't puppetised
[00:11] <chilts> yeah, it seems it might be quite interesting ... I should try puppet again though, it annoyed me last time I tried it :)
[00:14] <ajmitch> having your config be changed from a security update would be a bit worrying
[00:15] <hads> Indeed.
[00:15] <hads> Wasn't super impressed.
[00:16] <ajmitch> backups are great, but having things break while you rush around in a panic trying to restore configs isn't :)
[00:17] <hads> Yeah, thankfully it didn't actually stop mail working for me, I see from the bug it has for others.
[00:18] <hads> I just was confused as to why I started getting more spam again.
[00:19] <ajmitch> so is the security update itself still there?
[00:20]  * ajmitch is using dovecot+exim, so wasn't bitten by this
[00:20] <hads> I believe so yes.
[00:20] <hads> Fix is in proposed, to be released on the 16th
[02:40] <chilts> who uses what to store passwords (encrypted)? plain GPG? something on top of that?
[02:41]  * chilts is looking for a solution to his password problem, but only wishes the solution was OpenID :)
[02:41] <chilts> oh, a command line client wins as far as I'm concerned
[02:42] <ibeardslee> chilts: looking for something solid myself .. pref with an android client that can be syncd in some way
[02:42] <mwhudson> chilts, fmarier: still on for the quiz tomorrow?
[02:42]  * chilts is 
[02:42] <chilts> ibeardslee: I'm less worried about Android, but just something nice
[02:42] <fmarier> mwhudson: yup
[02:42] <mwhudson> cool
[02:43] <fmarier> we're gonna kick arse
[02:43] <mwhudson> heh
[02:43] <mwhudson> did you set the questions or something? :)
[02:43] <ibeardslee> your own?
[02:46] <fmarier> no, i'm just trying to convince myself and build up some confidence :)
[02:47] <chilts> this would be ideal -> http://paste.dollyfish.net.nz/54c218.txt
[02:47] <chilts> or something along those lines
[02:48] <chilts> I might have to make one I guess
[02:49] <chilts> there must be _something_ that already does this ... am looking through a load of packages to see what they do
[02:49] <fmarier> chilts: i use pwsafe and it does exactly that
[02:50] <fmarier> however it has just been removed from Debian, so i need to find a new one
[02:50] <chilts> ah right
[02:50] <fmarier> on my list of packages to have a look at: revelation, yapet, mypasswordsafe, pwman3, zsafe and keysafe
[02:50] <chilts> what I also want is something which saves each password (site) in a different file, then I can check them in to git and push to a couple of repos (for safekeeping)
[02:50] <fmarier> let me know if you find a good one
[02:51] <chilts> will do
[02:51] <fmarier> ah, then you might have to write your own, i'm not aware of a git-based one
[02:51] <chilts> I'll look at those first too ... keepassx doesn't seems to be what I want either
[02:51] <chilts> well, not git based, just so I can put things into git
[02:51] <chilts> that's all
[02:51] <ibeardslee> pview?
[02:51] <chilts> ie. it does things on files in the cwd, rather than in some hidden file in ~/
[02:52] <chilts> ibeardslee: isn't that a Catalyst thing?
[02:52] <fmarier> pwsafe was just one file. i rsync it with s3 everyday
[02:52] <chilts> yeah, that sounds like a decent idea
[02:52] <ibeardslee> chilts: might be
[02:52] <chilts> and it encryped with GPG?
[02:53] <ibeardslee> `apt-cache search pview` isn't useful
[02:57] <ojwb> matches "MapViewOfFile" - helpful
[03:07] <chilts> first version -> http://paste.dollyfish.net.nz/59248b
[03:07] <chilts> text version -> http://paste.dollyfish.net.nz/59248b.txt
[03:07] <chilts> it obviously doesn't do anything yet, but any comments about the interface are appreciated! :)
[03:08] <chilts> it will find and save all files in the local dir ... people can back it up however they like then (git, S3, rsync, unison, etc)
[03:11] <chilts> cool, Crypt::GPG will come in handy
[03:22] <chilts> ok, I have it encrypting some text, now to make it a file
[03:22] <chilts> well, it's _saving_ a file, but I want to read from a new file made by $EDITOR
[03:22] <chilts> File::Temp wins, so does File::Slurp :)
[03:34] <chilts> nice ... "./pwkeeper show linkedin" now shows the contents of linkedin.gpg (after prompting for your passphrase and echoing it as *s) :D
[03:34] <chilts> am now on the way to the program I want :D
[03:34] <chilts> I should get back to work
[03:35] <ibeardslee> fark they are rockin down chch way
[03:58] <ojwb> yeah, 5.5 and 6.0 in one day
[06:14] <Atamira> a friends just got his power back on (friend in chch)
[10:29] <fmarier> chilts: let me know once you've put your pwkeeper somewhere. it seems to be far better than everything else that's in Debian unfortunately
[10:30] <fmarier> one thing that might be nice however would be to hash the filenames for the password places
[10:30] <fmarier> otherwise it reveals what accounts you have
[10:30] <fmarier> so i guess you'd need a hash of the site + the master password or something like that
[11:44] <Bacta> Hai all
[21:00] <snail> mōrena all
[21:02] <ibeardslee> morning
[21:05] <ajmitch> morning
[21:07] <hads> Mornin
[21:54] <chilts> fmarier: yeah, good idea ... but how would you know which file each password is in?
[21:54] <chilts> I mean, so far my plan is to have a file/account, but maybe your 1-file thing works better
[21:54] <chilts> oopse
[21:54] <chilts> morning
[21:54]  * chilts slaps wrist
[21:56] <ajmitch> chilts: how could you?
[21:57] <chilts> sorry, my bad
[21:58]  * ajmitch watches the load average slowly climb
[21:59] <ajmitch> iotop can be a useful tool at times
[22:10] <chilts> fmarier: so you mean something like md5sum('site' + 'password')?
[22:10] <chilts> I wasn't going to have a master password, just your GPG one
[22:27] <chilts> maybe a file called 'sites.gpg' will hold the definitive list ... yeah, I like that idea
[22:27]  * chilts completes 'pwkeeper list', 'pwkeeper new' and 'pwkeeper show' :)
[22:27] <chilts> it's all working ... just lots more to do
[22:32] <ajmitch> so how different is this from keepass?
[22:33] <chilts> encryption is GPG, not AES or Twofish
[22:33] <chilts> there isn't a single database, it's all in different files
[22:33] <chilts> it's not cross platform - well, it's command line based for a start :)
[22:34] <chilts> it's just an idea that sprouted yesterday and seems to be growing on me, 'tis all
[22:34] <chilts> a personal itch as it were
[23:05] <snail> chilts: encryption is not GPG; GPG is a framework into which encryption algorithms like AES and Twofish fit.
[23:06] <chilts> yeah, fair enough
[23:06] <chilts> I forgot about that :)
[23:07] <chilts> it's one of those wonderful things about not worrying about details since something else takes care of it for me :D
[23:11] <Atamira> morning all
[23:38] <thumper> morning