Author

Topic: a simple script for wallet password encryption (Read 1463 times)

legendary
Activity: 1896
Merit: 1353
... or maybe something more complicated to make sure the wallet encryption/writing completed OK before removing the wallet.dat.  Like checking to make sure wallet.dat.aes256's filesize doesn't get smaller through the decrypt...use...re-encrypt cycle.

thanks for having a look. I updated the script, with something a bit more complicated, but perhaps better than filesize:
the wallet is decrypted one last time, and I check it is a fixed point before deleting it.
legendary
Activity: 1652
Merit: 2311
Chief Scientist
Quote
Code:
   openssl enc -aes256 -in /dev/shm/wallet.dat -out $dir/wallet.dat.aes256 -pass pass:$passw
    rm -f $dir/wallet.dat

That really aught to be openssl .. && rm -f ...
... or maybe something more complicated to make sure the wallet encryption/writing completed OK before removing the wallet.dat.  Like checking to make sure wallet.dat.aes256's filesize doesn't get smaller through the decrypt...use...re-encrypt cycle.
legendary
Activity: 1896
Merit: 1353
Thanks for the feedback. I updated the script following your suggestions (shm + symlink).
My machine is not a shared PC, it is a simple laptop. But these things sometimes get lost, stolen, or simply borrowed. I feel more comfortable with encryption.
full member
Activity: 176
Merit: 100
This is a KISS-Solution for a shared PC. I like it. However you could add some additional security by using /dev/shm as traget for the unencrypted wallet. With appropriate permissions and a link from your bitcoin directory you make sure that the unencrypted wallet never is written to a non-volatile memory. Your solution unintentional might leave a copy of your wallet on your physical disk or in the filesystems journal.

But nevertheless I won't use any shared PC for my main wallet. But for a small wallet for day-to-day transactions it is a straightforward solution.
legendary
Activity: 1896
Merit: 1353
Simple password encryption is a feature I would like to see built in the client, because other people than me have physical access to my machine.

Until then, here is a short script that does what I want:

http://sanescreen.org/wallet

I did not find a similar script on the forum or wiki, this is why I post it here.
I hope it will be useful to some; please send me your feedback.

Jump to: