Be sure to read first the usage overview section: it may already contain the answer you need.

Keys

Key Action
? Open the help screen
ctrln Create a drawer (in the open drawer, or at root when none is open)
ctrlo Open a drawer
ctrlu Close the current drawer, without saving (you're back in the upper level one if you close a deep drawer)
ctrls Save the current drawer and all upper drawers
ctrlq Quit without saving (with no confirmation)
ctrlh Toggle hidding password chars or unselected values
ctrlf Toggle folding: open either all values or just the selected one
/ Start searching the current drawer. Do enter or use the down or up arrow key to freeze it. Do esc to cancel the search
/ then esc Remove the current filtering
esc Cancel current field edition
tab Create a new entry or edit the value if you're already editing an entry's name
arrow keys Move selection, selecting either an entry name or a value (or move the cursor when in an input field)
i or insert Start editing the selected name or value
a Start editing the selected name or value, cursor at the end
n Add a new entry at the end
N Add a new entry immediately after the selected one
d Remove the selected entry (with confirmation)
Enter Validate the current edition
altEnter or ctrlEnter New line in the currently edited value
ctrlc Copy
ctrlx Cut
ctrlv Paste

Note that single key shortcuts can't be used when in an input field. To leave an input field, hit esc.

Launch

SafeCloset is always launched with the path to the closet file to create or open as argument:

safecloset my/secrets.closet

Alias and --open

You may find convenient to have a shortcut to open your most common closet.

For example, you may have this in your shell configuration:

function xx {
    safecloset -o ~/my/secrets.closet
}

Creating drawers isn't something you frequently do, hence the --open option (-o in short) which skips the first screen.

Most typical sessions

SafeCloset is designed for fast sessions. Here are three examples of standard usage.

Find and read an entry

  • open the usual closet (probably with -o)
  • type the passphrase and hit enter to open the drawer
  • hit / then a few letters to find your entry and see its value

If the value is multiline, you may have to select it to read it entirely:

  • hit enter to freeze the search
  • navigate with the arrow keys to the desired value, it automatically opens

You don't have to bother closing SafeCloset as it will automatically close after 120 seconds.

Create an entry

  • open the usual closet (with -o)
  • type the passphrase and hit enter to open the drawer
  • Hit n and fill the input with the entry name
  • hit tab to go to the value input, and fill it
  • validate the value with enter
  • maybe move the entry with ctrlup
  • hit ctrls then ctrlq to save and quit

Edit an entry's value

  • open the usual closet (probably with -o)
  • type the passphrase and hit enter to open the drawer
  • hit / then a few letters to find your entry
  • hit the right arrow key to select the value
  • hit a to edit the field (hit i if you prefer to have the cursor on start)
  • edit the field, then hit enter to validate the change
  • hit ctrls then ctrlq to save and quit

Create a drawer

Shallow drawer

A "shallow" drawer is one which can be open from the top of the closet, with its own password.

To create a deep drawer, from the initial screen you get at closet creation or opening, hit ctrln, type the passphrase, then hit enter.

new closet

drawer creation

Deep drawer

If you're a secret agent expecting to be tortured any day, you may be bothered by the fact an attacker having all the versions of the closet file can determine how many shallow drawers you're really editing.

The solution is to use a deep driver.

A deep drawer is hidden inside another drawer, and it's not possible to know whether you edited a parent or a deeper drawer.

The downside of deep drawers is that you need to open the parent before you open the deeper drawer, which means typing two (or more) passphrases.

In most cases, you don't need such level of secrecy. Most users should be happy with one or a few shallow drawers.

To create a deep drawer, first open the parent drawer, then hit ctrln, type the passphrase, then hit enter.

Open a drawer

Hit ctrlo, type the passphrase, then hit enter.

To open a deep drawer, you must first open its parent.

Close

To save, do ctrls.

To quit, hit ctrlq.

To close the current drawer (which lets you be back in the upper one if you're in a deep drawer), hist ctrlu.

Search

SafeCloset's search ignores case and diacritics, and normalizes Unicode characters.

It's fuzzy and takes into account the character position to not only find the matching entries but select the most relevant one:

searching CA

Searching is typically done by

  • typing / then a few letters of your search
  • hitting enter if the selection is right, or an arrow key or two to navigate to it

To remove the search, hit / then esc.

Edit the drawer

Use the arrow keys to navigate among entries, and from name to value or value to name.

Hit i or a to edit the selected cell, with the cursor either at start or end of the field.

You may go to the next cell, and edit it, with the tab key.

Hit n to add an entry.

Use ctrl and ctrl to move the selected entry.

If you have some text in the clipboard, you may paste it in the current cell with ctrlv.

Import

You may import keys/values from another drawer, from a drawer in another file, or from a CSV file.

This may be useful to reorganize your drawers, or when you edited your closet in two copies on two computers.

To start the import, open the destination drawer, select Import in the menu, then answer the questions of the wizard.

This is a safe operation:

  • no value is even modified: if a key is present both in the source and the destination, and the values aren't the same, the new value after import is the concatenation of both values with a separator, and you decide what parts to keep
  • there's no change until you save, so if you made a mess by importing the wrong drawer, just don't save

Advice

  1. Use the search to navigate among entries. That's the most efficient solution. It's OK to have thousands of secrets in your drawer.
  2. You may not need deep drawers. They make you open twice, with two passwords, so don't use them without reason.
  3. Don't use drawers as categories. They separate audience or security levels and ensure plausible deniability. You're supposed to have one drawer for most of your secrets. Maybe a second one if you have a very secret level. Or one with your work secrets that you may open with colleagues nearby. Or one for the family that even the kids can read. This shouldn't be more than 3 or 4 drawers at most.
  4. Backup your closet files. They're not readable as long as your passphrases can't be guessed so you don't have to hide those files and it's most important to not lose them.
  5. Use hard to guess passphrases, but ones that you can remember for a very long time.
  6. You may keep the executables of all platforms on your USB keys, so that you can read your secrets everywhere.
  7. Don't forget to have your closet file in your backup plan (did I say it already ? In any case it's important)