Passing an Encrypted file between 2 places
I've been trying to better manage all the passwords in my life. A nice way to do this would be to put them all in a spreadsheet, but that has one major flaw. Anyone can read it! To prevent this, I turned to one of the most useful open-source security tools: GPG (GNU Privacy Guard).My needs are simple, I want to encrypt a spreadsheet containing sensitive information and I want to share it between 2 computers (one which is running Linux and the other which is running Windows... for work). The tools you'll need are GPG and a USB drive.
First you need to setup both environments. Install gpg on both platforms (on Linux it should be included by default, on windows just grab the installer from here: ftp://ftp.gnupg.org/gcrypt/binary/gnupg-w32cli-1.4.5.exe). For windows, you might want to add gpg to your PATH environment variable to simplify things (right click on My computer, go to system properties, advanced, environment variables and append the install directory of gpg to the path variable - should be something like: C:\Program Files\GNU\GnuPG) Make sure you remember to separate it out with a ";"
To generate a public/private key execute this command (as normal user, for windows just add .exe to the gpg command):
gpg -gen-keyJust follow the prompts and create your keys. You need to do this for both environments. Now export your public and private keys on both computers
on windows:
gpg.exe -a --export NAME > work_public_key.gpg
gpg.exe -a --export-secret-keys NAME > work_private_key.gpg
on linux:
gpg -a --export NAME > home_public_key.gpg
gpg -a --export-secret-keys NAME > home_private_key.gpg
Now this part gets tricky... use the USB key to transfer each key to the other computer to mutually authenticate. Use the following commands:
on windows:
gpg.exe --import home_public_key.gpg
gpg.exe --import home_private_key.gpg
on linux:
gpg --import work_public_key.gpg
gpg --import work_private_key.gpg
Both machines should now be mutually authenticated, allowing you to encrypt and decrypt files between them!
To encrypt a file
gpg -r "The name you entered for your key" --output OUTFILE.gpg --encrypt INFILETo decrypt a file
gpg -r "The name you entered for your key" --output OUTFILE --decrypt INFILE.gpgScripts and References
Here are the scripts I wrote to simplify things [.sh are Linux and .bat are windows... in case you didn't know :)]
-
encrypt.sh
#/bin/bash
echo "Encrypting file"
gpg -r "TYPE NAME HERE" --output /mnt/usb/pw/pw.gpg --encrypt /mnt/usb/pw/pw.ods
echo "Removing unencrypted file"
rm /mnt/usb/pw/pw.ods
decrypt.sh
#/bin/bash
echo "Decrypting file"
gpg -r "TYPE NAME HERE" --output /mnt/usb/pw/pw.ods --decrypt /mnt/usb/pw/pw.gpg
echo "Removing encrypted file"
rm /mnt/usb/pw/pw.gpg
encrypt.bat
gpg -r "TYPE NAME HERE" --output F:\pw\pw.gpg --encrypt F:\pw\pw.ods
del F:\pw\pw.ods
pause
decrypt.bat
gpg -r "TYPE NAME HERE" --output F:\pw\pw.ods --decrypt F:\pw\pw.gpg
del F:\pw\pw.gpg
pause
- GPG Howto's: http://www.gnupg.org/(en)/documentation/howtos.html
- Another Useful Guide: http://www.somacon.com/p107.php
Last updated: 09/27/2006 11:05:42 AM by Michael Labowicz