Skip to content

Instantly share code, notes, and snippets.

@pmarreck
pmarreck / encrypt_decrypt.sh
Last active Aug 31, 2020
Some easy bash scripts to encrypt/decrypt data, for anyone who wants to go all cloak&dagger. (bitcoin private keys, etc.)
View encrypt_decrypt.sh
# Encryption functions. Requires the GNUpg "gpg" commandline tool. On OS X, "brew install gnupg"
# Explanation of options here:
# --symmetric - Don't public-key encrypt, just symmetrically encrypt in-place with a passphrase.
# -z 9 - Compression level
# --require-secmem - Require use of secured memory for operations. Bails otherwise.
# cipher-algo, s2k-cipher-algo - The algorithm used for the secret key
# digest-algo - The algorithm used to mangle the secret key
# s2k-mode 3 - Enables multiple rounds of mangling to thwart brute-force attacks
# s2k-count 65000000 - Mangles the passphrase this number of times. Takes over a second on modern hardware.
# compress-algo BZIP2- Uses a high quality compression algorithm before encryption. BZIP2 is good but not compatible with PGP proper, FYI.
You can’t perform that action at this time.