Last active
November 26, 2015 00:37
-
-
Save Linnk/bcd222a013c6a170a490 to your computer and use it in GitHub Desktop.
The following script generates a compressed encrypted backup given a "fileinput" with a big and pretty much random symmetric secret key; then, this unique key will be encrypted using a asymmetric public key given a "recipient".
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| # | |
| # ASYMMETRIC CRYPTO BACKUP | |
| # | |
| # The following script generates a compressed encrypted backup given a "fileinput" | |
| # with a big and pretty much random symmetric secret key; then, this unique key | |
| # will be encrypted using an asymmetric public key given a "recipient". | |
| # | |
| # To decrypt an asymmetric crypto backup do: | |
| # | |
| # 1. Decrypt and print the symmetric key using the correspondant key to "recipient". | |
| # gpg -d example_key.txt.gpg | |
| # | |
| # 2. Use the symmetric key printed in screen to decrypt the backup. | |
| # gpg -d example.tar.gz.gpg | tar xvzp | |
| # | |
| # 3. Profit. | |
| # | |
| # CONFIGURATION | |
| publickey="public@key.com" | |
| fileinput="database.sql" | |
| # | |
| # SCRIPT STARTS HERE | |
| # | |
| filename="${fileinput%.*}" | |
| log_echo() { | |
| echo $(date +%Y-%m-%d\ %H:%M:%S) "$@"; | |
| } | |
| # cd ~/Backup/ | |
| log_echo "Securing backup..." | |
| log_echo "Generating a big and random symmetric key." | |
| puked=`env LC_CTYPE=C tr -dc "\+\.\-\_\=A-Za-z0-9" < /dev/urandom | head -c 100 ; echo` | |
| prefixdate=$(date +%Y-%m-%d_%H%M%S) | |
| log_echo "Compressing and encrypting using --cipher-algo aes256." | |
| tar czpf - $fileinput | gpg --passphrase $puked --symmetric --cipher-algo aes256 -o "$prefixdate"_"$filename".tar.gz.gpg | |
| log_echo "Completed: $prefixdate"_"$filename".tar.gz.gpg | |
| log_echo "Encrypting the symmetric key using the given public key." | |
| echo $puked | gpg --output "$prefixdate"_"$filename"_key.txt.gpg --encrypt --recipient $publickey | |
| log_echo "Completed: $prefixdate"_"$filename"_key.txt.gpg | |
| log_echo "Done." |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment