#
#	$SRC_Id: README.tmpl,v 1.14 2014/11/29 12:07:13 craski-shell_86 Exp $
#


#
# =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
# Function
# ========
#

OpenBSD command line password manager with OpenSSL file encryption


#
# =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
# Description
# ===========
#

Cagair is a command line password manager application, which helps
people organise their many login details, notes, or other secure data.

It stores data in a securely encrypted file, which is access protected
by a single "master password". You only need to remember the single
master password, instead of the many unique logins that you use.

Cagair is a lightweight Korn shell script that drives the heavyweight
OpenSSL file encryption tool, enabling the user to view/change the file
with a secured editor of their choosing.

It is open source and FREE. 

While designed specifically for OpenBSD, it may also function on general
Unix-like operating systems, such as *BSD, OS X, Linux, Solaris, etc.


#
# =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
# Origins
# =======
#

The original ~/bin/pwsafe came from Christian Weisgerber in his post to the
OpenBSD miscellaneous mailing list 'misc@openbsd.org', in a discussion entitled
"Are there any default password managers in OpenBSD?"

http://thread.gmane.org/gmane.os.openbsd.misc/209150/focus=209211


#
# =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
# Name
# ====
#

Christian Weisgerber named his original script: '~/bin/pwsafe'.
When beginning this project fork, Craig Skinner renamed it 'cagair'.

'Cagair' is a Scottish Gaelic language word for English 'whisper', or 'secret'.

The 'C' is hard & short, e.g. 'Celtic' is said 'Keltic'; Original Greek 'Keltoi'.
Craig Skinner (6/1/2014):> "How is the Gaelic word 'cagair' pronounced?"
Charles Macleod (Chartered teacher at Trinity Academy, Edinburgh, Scotland):>
"There is a saying there is no G in Gaelic. If a G appears in the middle of a
word then you would pronounce it as a K. So it would be (Khk-er) whisper. :-)"

While taking a break from making music for us Scottish Country dancers, Charles
kindly produced the included MP3 to define the correct Gaelic pronunciation.

Currently, a Gaelic dictionary has about 40 results for a search on 'secret':
http://learngaelic.net/dictionary/?abairt=secret

	cagar (masculine)
		1) (act of) whispering
		2) whisper
		3) secret 
		4) dear, darling 

	cagairt (feminine)
		1) (act of) whispering
		2) whisper
		3) secret 

http://en.wiktionary.org/wiki/cagar#Scottish_Gaelic
	cagar
		Noun masculine (genitive 'cagair', plural 'cagairean')
		1) Verbal noun of 'cagair'.
		2) whisper
		3) secret
		4) dear, darling 

http://learngaelic.net/dictionary/?abairt=cagair&men=false
	cagair
		whisper!
		genitive noun /kagiri/

http://en.wiktionary.org/wiki/cagair
	cagair
		whisper
		(genitive singular of 'cagar' - the act of whispering)

http://glosbe.com/gd/en/cagair
	cagair
		whisper (verb, noun) 
		genitive singular form of cagar


#
# =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
# Usage
# =====
#

usage:
	cagair
	cagair [-hv] [-i file]
	cagair -h (this help)
	cagair -i file (plain text import)
	cagair -v (version number)


#
# An example first run:
#

you$ cagair
Secured file editors are:
mg:	/usr/bin/mg
vi:	/usr/bin/vi
vim:	/usr/local/bin/vim
Select from above list? [Default is mg]: [ENTER]
/usr/bin/mg
Save selected editor for next time? [Y/n]: [ENTER]
/usr/local/bin/pwqcheck
Encrypting secrets...

*** WARNING!!! ***
There is _ABSOLUTELY_NO_ password recovery procedure!
*** Be VERY careful to REMEMBER this! ***

Password: Bad passphrase (too short)
Password: Bad passphrase (not enough different characters or classes for this length)
Password: Bad passphrase (too long)
Password: OK
Password: They do not match.
Password: OK
Password: [Typed in a valid password.][ENTER]


#
# An example run without changing the secrets file:
#

you$ cagair
/usr/bin/mg
Change editor? [y/N]: [ENTER]
/usr/local/bin/pwqcheck
Decrypting existing secrets...
Password: No modification, exiting.


#
# An example run with a changed secrets file:
#

you$ cagair
/usr/bin/mg
Change editor? [y/N]: [ENTER]
Decrypting existing secrets...
Password: Encrypting secrets...
Reuse the same password again? [Y/n]: [ENTER]


#
# An example run, changing the editor, secrets & master password:
#

you$ cagair
/usr/bin/mg
Change editor? [y/N]: y
Secured file editors are:
mg:	/usr/bin/mg
vi:	/usr/bin/vi
vim:	/usr/local/bin/vim
Select from above list? [Default is mg]: vim
/usr/local/bin/vim
Save selected editor for next time? [Y/n]: [ENTER]
EDVIS='vim'
/usr/local/bin/pwqcheck
Decrypting existing secrets...
Password: Encrypting secrets...
Reuse the same password again? [Y/n]: n

*** WARNING!!! ***
There is _ABSOLUTELY_NO_ password recovery procedure!
*** Be VERY careful to REMEMBER this! ***

Password: OK
Password: [Typed in a valid password.][ENTER]


#
# An example run, importing a file containing login details:
#

you$ cagair -i /tmp/tmp.EKoMQOXkni
/usr/local/bin/vim
Change editor? [y/N]: [ENTER]
/usr/local/bin/pwqcheck
Decrypting existing secrets...
Password:
Import file was appended. Continue [ENTER]: [ENTER]
Encrypting secrets...
Reuse the same password again? [Y/n]: [ENTER]


#
# =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
# Source code access
# ==================
#

#
# HTTP download:
#
http://web.britvault.co.uk/products/cagair/cagair-2.0.20.tar.gz

#
# Anonymous CVS checkout:
#
# *** NOTE: Neither password nor network encryption is needed.
#
you$ cd $(mktemp -d)
you$ export CVSROOT=':pserver:anoncvs@src.britvault.co.uk:/var/spool/cvs'
you$ cvs -q checkout -P cagair

#
# When done editing, generate a diff of your work, then
# send it with your comments to the mailing list below:
#

you$ cvs -q diff -uNp cagair/ | tee cagair.$$.diff

#
# Mailing list for discussion & diffs/patches:
#

post:	cagair@britvault.co.uk
join:	cagair+subscribe@britvault.co.uk
leave:	cagair+unsubscribe@britvault.co.uk


#
# =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
# Building
# ========
#

The script 'cagair' is included in the tarball/CVS repository,
which has been built by running the included './release.ksh build'


#
# =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
# Installing
# ==========
#

The built script could be installed in /usr/local/bin

you$ sudo install -b -p -S -o root -g bin -m 0555 cagair /usr/local/bin
you$ ls -lo /usr/local/bin/cagair
-r--r--r--  1 root  bin  - 8946 Nov 29 11:50 /usr/local/bin/cagair*


#
# =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
# Running
# =======
#

+-------------------------------------------------------------------------------
| Running cagair-2.0.20 on OpenBSD
+-------------------------------------------------------------------------------

To check the complexity of each user's cagair master password,
refer to 'passwordcheck' in login.conf(5).

The package 'passwdqc' is known to work.

For anonymous CVS source code, mailing list, pronunciation and other details,
also see: /usr/local/share/doc/cagair/


#
# =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
#