Mailinglist Archive: opensuse-buildservice (339 mails)

< Previous Next >
Re: [opensuse-buildservice] Scripting encryption (little bit offtopic)
  • From: Petr Cerny <pcerny@xxxxxxx>
  • Date: Mon, 03 Mar 2008 18:03:43 +0100
  • Message-id: <47CC2F6F.8050508@xxxxxxx>
Dirk Stoecker wrote:
Hello,

sorry for asking that question here, but I have no better place.

I need an encrypted backup file. I used gpg to make this file. As gpg for idiotic reasons does not allow passwords in commandline (I know, I must be protected against myself) I used expect to do this job. This failed for openSUSE 10.3 due to the pinentry program changes. Now I adapted the code and it works from a normal shell opened in KDE. Still I get no result, when run as cron job.

Can anyone help me. I know I need not ask gpg guys, as they will tell me, what I do is evil.

Not neccessarily, but I'm just mainting it... :) It's perfectly ok for encrypting data on a *safe* system for unsafe transfer.

Is there another way to get a password protect TAR.GZ file? I used mcrypt in the past, but this is no longer developed and has security holes.

What about openssl? You can feed it the passphrase in many different ways (stdin, command line, fd, path, envvar).

openssl enc <-cipher> -pass pass:<password> -in <plain> -out <crypt>
openssl enc <-cipher> -d -pass pass:<password> -in <crypt> -out <plain>

(man openssl, man enc)

Best regards
Petr

---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-buildservice+help@xxxxxxxxxxxx

< Previous Next >
References