Skip to content

I recently stumbled on this blog post covering how to transparently encrypt and de-crypt *.gpg files:

http://blog.endpoint.com/2012/05/vim-working-with-encryption.html

The gist is to add this to your .vimrc file:

" Transparent editing of gpg encrypted files.
" By Wouter Hanegraaff
"    see: http://blog.endpoint.com/2012/05/vim-working-with-encryption.html
"
augroup encrypted
  au!

  " First make sure nothing is written to ~/.viminfo while editing
  " an encrypted file.
  autocmd BufReadPre,FileReadPre \*.gpg set viminfo=
  " We don't want a swap file, as it writes unencrypted data to disk
  autocmd BufReadPre,FileReadPre \*.gpg set noswapfile

  " Switch to binary mode to read the encrypted file
  autocmd BufReadPre,FileReadPre \*.gpg set bin
  autocmd BufReadPre,FileReadPre \*.gpg let ch\_save = &ch|set ch=2
  " (If you use tcsh, you may need to alter this line.)
  autocmd BufReadPost,FileReadPost \*.gpg '\[,'\]!gpg --decrypt 2> /dev/null

  " Switch to normal mode for editing
  autocmd BufReadPost,FileReadPost \*.gpg set nobin
  autocmd BufReadPost,FileReadPost \*.gpg let &ch = ch\_save|unlet ch\_save
  autocmd BufReadPost,FileReadPost \*.gpg execute ":doautocmd BufReadPost " . expand("%:r")

  " Convert all text to encrypted text before writing
  " (If you use tcsh, you may need to alter this line.)
  autocmd BufWritePre,FileWritePre \*.gpg '\[,'\]!gpg --default-recipient-self -ae 2>/dev/null
  " Undo the encryption so we are back in the normal text, directly
  " after the file has been written.
  autocmd BufWritePost,FileWritePost \*.gpg u
augroup END