Skip to content
This repository has been archived by the owner. It is now read-only.
Switch branches/tags
Go to file
Cannot retrieve contributors at this time
#!/usr/bin/env bash
# exit on error
set -e
# no undefined variables
set -u
# cancel if wrong number of arguments
if [ $# -ne 1 ]; then
echo "
Usage: <filename>
Edit an encrypted file with your default editor and save it back automatically.
To create an encrypted file use:
openssl enc -aes-256-cbc -salt -in <filename> -out <enc-filename>
exit 1
# file from arg
# cancel if file does not exists
if [ ! -f "$FILE" ]
echo "'$FILE' does not exists"
exit 1
# generate temp file name
TEMP_FILE=".enc-edit-temp-$(date +%s)"
# prompt for password
read -s -p "enter file password: " PASSWORD
# secure delete temp file
function cleanup {
shred --iterations 3 --zero --remove $TEMP_FILE
echo "done."
# cleanup before script exits or if script is interrupted
trap cleanup INT TERM EXIT
echo "
open file ..."
# open file with password and write content in temp file
openssl enc -aes-256-cbc -d -pass "pass:$PASSWORD" -in "$FILE" -out $TEMP_FILE
# find editor
git config --get core.editor || \
(which $EDITOR &> /dev/null && echo $EDITOR) || \
(which vim &> /dev/null && echo vim ) || \
(which nano &> /dev/null && echo nano ) \
# open temp file in editor
# write temp file to original with password
openssl enc -aes-256-cbc -salt -pass "pass:$PASSWORD" -in $TEMP_FILE -out "$FILE"