Skip to content

Instantly share code, notes, and snippets.

@LadyNamedLaura

LadyNamedLaura/sshencrypt.sh

Last active July 18, 2016 12:58
Show Gist options
  • Save LadyNamedLaura/55fa238aeb7fed4367b18138964477cc to your computer and use it in GitHub Desktop.
Save LadyNamedLaura/55fa238aeb7fed4367b18138964477cc to your computer and use it in GitHub Desktop.
Download ZIP
Raw
sshencrypt.sh
#!/bin/bash
log(){
echo $@ 1>&2
}
job="encrypt"
outfile="/dev/stdout"
privatekey="$HOME/.ssh/id_rsa"
while true
do
case "$1" in
-d)
job="decrypt"
shift ;;
-p|--pubkey)
pubkeyfile=$2
shift 2;;
-g|--githubuser)
ghuser=$2
shift 2;;
-k|--privatekey)
privatekey=$2
shift 2;;
-m|-i|--message)
msgfile=$2
shift 2;;
-o|--outfile)
outfile=$2
shift 2;;
--|"")
break ;;
*)
log "unknown option $1"
exit 1 ;;
esac
done
case "$job" in
encrypt)
log "--> getting pubkey"
if [ -n "$ghuser" ]; then
pubkey="$(curl https://api.github.com/users/$ghuser/keys | jq -r '.[0].key')"
else
pubkey="$(cat $pubkeyfile)"
fi
pubkeypem="$(mktemp --suffix=.pem.pub)"
echo "$pubkey" | ssh-keygen -f /dev/stdin -e -m PKCS8 > "$pubkeypem"
log "--> getting message"
msg="$(cat $msgfile)"
log "--> encrypting"
echo "$msg" | openssl rsautl -encrypt -pubin -inkey "$pubkeypem" -ssl | base64 > $outfile
rm "$pubkeypem"
;;
decrypt)
log "--> getting message"
msg="$(cat $msgfile)"
log "--> decrypting"
echo "$msg" | base64 -d | openssl rsautl -decrypt -inkey "$privatekey" > $outfile
;;
esac
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment