Transparent editing of GPG encrypted files with Vim

Do you want to edit gpg encrypted data and like Vim? This post is about how to combine both, GPG and Vim.

In case vim is not installed yet, you can install vim e.g. on Ubuntu with

sudo apt-get install vim

In case gpg (gnupg) is not installed yet, you can install it e.g. on Ubuntu:

sudo apt-get install gnupg gnupg2
alias gpg="gpg2"

Now, GPG (gnupg) can be connected with vim as plugin.

In case the required vim plugin folders do not exist yet, create those e.g. on Ubuntu

mkdir -p ~/.vim/plugin/

and download the plugin

cd ~/.vim/plugin/
wget https://raw.githubusercontent.com/jamessan/vim-gnupg/master/plugin/gnupg.vim
# check https://github.com/jamessan/vim-gnupg/releases 
# in case the download is not successful
chmod +x gnupg.vim

The next steps is to set the regarding environment variables e.g. for bash:

vim ~/.bashrc
# 'Shift + G' to got to end of the file 
# 'o' ti switch to insert mode in a new line
export GPG_TTY=`tty`
# ESC and ':x' to write changes to '~/.bashrc' file and close

You can set plugin defaults in ~/.vimrc:

let g:GPGPreferArmor=1
let g:GPGDefaultRecipients=["yourname@yourdomain.com"]

This settings prefers ASCII-armored files, and sets your default recipient list.

All preparation is done, let’s test it:

vim test.asc

In my case I get:

GPG: ----------------------------------------------------------------------
GPG: Please edit the list of recipients, one recipient per line.
GPG: Unknown recipients have a prepended "!".
GPG: Lines beginning with "GPG:" are removed automatically.
GPG: Data after recipients between and including "(" and ")" is ignored.
GPG: Closing this buffer commits changes.
GPG: ----------------------------------------------------------------------
Lothar Schulz <lothar.sch@gmx.de>               (ID: [.....] created at .......... ...)

Save this with ‘:x’.

Now, you can add your data e.g.

# 'i' to switch to insert mode
My encrypted data.
# 'ESC' to leave insert mode

Save now with ‘:x’.

Lets lets see how the file test.asc looks like:

$ cat test.asc 

$ gpg -d test.asc
gpg: encrypted with 3072-bit RSA key, ID [.....], ......
      "Lothar Schulz <lothar.sch@gmx.de>"
My encrypted data.


Vim, gpg (gnupg) and the vim gnupg plugin make transparent editing of GPG encrypted files with Vim easy and fun!

default encryption settings for initial test.asc file

default encryption settings for initial test.asc file

test.asc file with sample content

test.asc file with sample content

test.asc file in clear text and encrypted

Lothar Schulz

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.