Skip to content

Instantly share code, notes, and snippets.

@JoshCheek
Last active September 4, 2017 18:46
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save JoshCheek/e9355d9ae3294f85e9fc3b55392749cd to your computer and use it in GitHub Desktop.
Save JoshCheek/e9355d9ae3294f85e9fc3b55392749cd to your computer and use it in GitHub Desktop.
Encrypting a file and sending it to someone whose public key you have
# The secret info we want to send (for us, this is the SFTP private key)
ruby -e '500.times { print "secret " }' > secret.unencrypted
# Generate the password
openssl rand 128 -out password.unencrypted
# Encrypt the secret with the password
openssl enc -aes-256-cbc -salt -in secret.unencrypted -out secret.encrypted -pass file:./password.unencrypted
# Get the public key we'll use to encrypt the password (this uses my public key, swap it for whoever you want to send the message to)
curl -sL 'https://api.github.com/users/JoshCheek/keys' | jq -r '.[]|select(.id==23809681).key' > key.rsa
ssh-keygen -f key.rsa -e -m PKCS8 > key.pub
# Encrypt the password with the public key
openssl rsautl -encrypt -inkey key.pub -pubin -in password.unencrypted -out password.encrypted
# ----- Send them the password.encrypted and the secret.encrypted
# Decrypt the password with your private key
openssl rsautl -decrypt -inkey ~/.ssh/id_rsa -in password.encrypted -out password.decrypted
# Decrypt the secret
openssl enc -d -aes-256-cbc -salt -in secret.encrypted -out secret.decrypted -pass file:./password.decrypted
# Examine the secret
cat secret.decrypted
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment