GPG encrypted notebooks.
I have tried a number of different note systems over the years, from
online notes to Vim-wiki and Org-Mode and even just plain old text files.
All have their benefits and issues.
More recently I have taken to GPG encrypting my notes in a process to
improve my overall security and privacy.
Whilst migrating my passwords into Pass the Standard Unix Password
Manager I was intrigued by the simplicity and ease of use in adding,
managing and using passwords under this system.
Then this notes system started to brew in the back of my head. What if
I replaced the password functionality of pass with a notes system.
Sure I could include my notes into pass with it’s multi-line ability.
But as notes were added it would make accessing and managing my
passwords more difficult. So I decided I really needed to keep my
passwords and notes separate.
I decided to take the pass shell script and gut it, rename the
functions and implement a system to encrypt/decrypt notes.
I use Yubikeys for my encryption and so have ensured that this script
works with the Yubikey 5 NFC, Yubikey 4 and the Yubikey NEO.
This application is licensed under the 3 clause BSD licence. See
LICENCE for details.
Contributions are welcome. Please see docs/CONTRIBUTING.md for details.
This Notes system supports multiple notebooks.
Adding or removing this software is easy. See docs/INSTALL.md
or UNINSTALL.md for details.
After installation you need to setup the environment. Standard Unix
Notes does this with environment variables and the notes
init command.
The application manages notes in a similar way that Password-Store
manages passwords. To add/edit/import/rename/copy/delete notes you use
the appropriate sub-commands.
For example, to add a note you simply use
$ notes add this is my note title
The notes(1) application automatically replaces spaces in the note title
with underscores.
For full details of commands available see
docs/USING_NOTES.md for details or view the
notes(1) man page.
Encryption keys do not last forever. From time to time they expire or
become unsafe for some reason.
When you need to change the encryption key for a file you would normally
decrypt and then re-encrypt it manually. Doing this for a series of
files like you have in Notes would be a major pain. We have thought
about this scenario and can automate it.
Notes has a special sub-command newkey to change the encryption keys
of your notes. Using this command allows you to change the encryption
keys for all of your notes at once rather than having to change them
manually.
See docs/USING_NOTES.md for details.
You can have multiple notebooks to organise your notes. Each notebook is
just a plain UNIX directory and so could be managed by standard UNIX
directory tools.
But to make it easier we have provided a tool called notebook that has
a series of sub-commands for managing notebooks. See
docs/MANAGING_NOTEBOOKS.md for full details of the
command and sub-commands.
Also included is a journal(1) system for encrypted journal entries. See
docs/JOURNAL.md for details.
Standard Unix Notes supports GPG Keys on Yubikeys for GPG decryption.
For more details see docs/YUBIKEYS.md.
For more details on the proposed PIV integration see docs/PIV.md
See docs/RELEASE-NOTES.md for details.
See docs/ROADMAP.md for details.
We currently package for the following:
We are looking to package for other distributions depending on
availability: see docs/PACKAGING.md for details.
See docs/SECURITY.md for details on our security policy and
docs/BUGS.md for reporting bugs.