Blog 2019/4/29
Just a couple of simple wrappers around gpg.
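#!/bin/bash
# Decrypt FILE with gpg, but only when gpg-agent passphrase caching has been
# disabled in the user's gpg-agent.conf.
#
# Usage: <this script> FILE
set -e -o pipefail

# By default, gpg-agent will cache any passphrase that you enter.
# This means that if you decrypt a file once, you can then decrypt it
# a second time without being prompted for a passphrase. Yikes!
# The approach taken here is to require the setting in the agent's config
# file and to refuse to run when it is absent, to protect newcomers. Savvy
# users who desire passphrase caching will edit this script.
#
# NOTE(review): newer GnuPG releases also offer --no-symkey-cache for
# per-invocation control over the cache used for symmetric passphrases;
# confirm your gpg version supports it before relying on it.
# NOTE(review): only the default location is checked. If GNUPGHOME is set,
# gpg-agent reads its configuration from that directory instead.
# NOTE(review): a gpg-agent that is already running keeps its old settings
# until it is reloaded (for example with `gpgconf --reload gpg-agent`).
gnupg_dir="${HOME}/.gnupg"
agent_conf="${gnupg_dir}/gpg-agent.conf"

# Fail early with a usage message instead of handing gpg an empty filename.
if [ -z "${1:-}" ]; then
  echo "usage: ${0##*/} FILE" >&2
  exit 2
fi

# First run: create a config that disables caching. The directory is created
# owner-only when it does not exist yet, so the redirect below cannot fail
# just because gpg has never been run for this user.
if [ ! -e "${agent_conf}" ]; then
  mkdir -p -m 700 -- "${gnupg_dir}"
  echo "default-cache-ttl 0" > "${agent_conf}"
fi

# Require an active (uncommented) "default-cache-ttl 0" line. The earlier
# form used --invert-match, which succeeds whenever ANY other line exists in
# the file, and it did not stop the script after printing the error.
if ! grep -Eq '^[[:space:]]*default-cache-ttl[[:space:]]+0[[:space:]]*$' \
  "${agent_conf}"; then
  echo "ERROR: gpg-agent passphrase caching hasn't been disabled, refusing to run!" >&2
  exit 1
fi

# --use-embedded-filename writes the output under the name stored inside the
# encrypted message, so that name is chosen by whoever created the file and
# can overwrite an existing file. Only use this on files you produced
# yourself; for anything else, pick the output name explicitly (--output).
# "--" keeps a FILE that starts with "-" from being parsed as an option.
nice gpg --use-embedded-filename -- "${1}"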
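#!/bin/bash
# Symmetrically encrypt FILE with gpg (AES256), but only when gpg-agent
# passphrase caching has been disabled in the user's gpg-agent.conf.
#
# Usage: <this script> FILE
set -e -o pipefail

# By default, gpg-agent will cache any passphrase that you enter.
# This means that if you decrypt a file once, you can then decrypt it
# a second time without being prompted for a passphrase. Yikes!
# The approach taken here is to require the setting in the agent's config
# file and to refuse to run when it is absent, to protect newcomers. Savvy
# users who desire passphrase caching will edit this script.
#
# NOTE(review): newer GnuPG releases also offer --no-symkey-cache for
# per-invocation control over the cache used for symmetric passphrases;
# confirm your gpg version supports it before relying on it.
# NOTE(review): only the default location is checked. If GNUPGHOME is set,
# gpg-agent reads its configuration from that directory instead.
# NOTE(review): a gpg-agent that is already running keeps its old settings
# until it is reloaded (for example with `gpgconf --reload gpg-agent`).
gnupg_dir="${HOME}/.gnupg"
agent_conf="${gnupg_dir}/gpg-agent.conf"

# Fail early with a usage message instead of handing gpg an empty filename.
if [ -z "${1:-}" ]; then
  echo "usage: ${0##*/} FILE" >&2
  exit 2
fi

# First run: create a config that disables caching. The directory is created
# owner-only when it does not exist yet, so the redirect below cannot fail
# just because gpg has never been run for this user.
if [ ! -e "${agent_conf}" ]; then
  mkdir -p -m 700 -- "${gnupg_dir}"
  echo "default-cache-ttl 0" > "${agent_conf}"
fi

# Require an active (uncommented) "default-cache-ttl 0" line. The earlier
# form used --invert-match, which succeeds whenever ANY other line exists in
# the file, and it did not stop the script after printing the error.
if ! grep -Eq '^[[:space:]]*default-cache-ttl[[:space:]]+0[[:space:]]*$' \
  "${agent_conf}"; then
  echo "ERROR: gpg-agent passphrase caching hasn't been disabled, refusing to run!" >&2
  exit 1
fi

# Passphrase-based encryption; the plaintext FILE is left in place, so remove
# it yourself if it must not remain on disk.
# "--" keeps a FILE that starts with "-" from being parsed as an option.
nice gpg --symmetric --cipher-algo AES256 -- "${1}"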