Skip to content

Instantly share code, notes, and snippets.

@cellularmitosis cellularmitosis/README.md
Last active Oct 15, 2019

Embed
What would you like to do?
encrypt.sh and decrypt.sh

Blog 2019/4/29

<- previous | index | next ->

encrypt.sh and decrypt.sh

Just a couple of simple wrappers around gpg.

#!/bin/bash
set -e -o pipefail
# By default, gpg-agent will cache any passphrase that you enter.
# This means that if you decrypt a file once, you can then decrypt it
# a second time without being prompted for a passphrase. Yikes!
# Unfortunately, there doesn't seem to be a way to disable passphrase
# caching on a per-invocation basis -- you must use a config file.
# Here, we refuse to run if the user hasn't disabled passphrase caching, to
# protect newbs. Savvy users who desire passphrase caching will edit this
# script.
if [ ! -e "${HOME}/.gnupg/gpg-agent.conf" ]
then
echo "default-cache-ttl 0" > "${HOME}/.gnupg/gpg-agent.conf"
fi
if grep --silent --invert-match "default-cache-ttl 0" "${HOME}/.gnupg/gpg-agent.conf"
then
echo "ERROR: gpg-agent passphrase caching hasn't been disabled, refusing to run!"
fi
nice gpg --use-embedded-filename "${1}"
#!/bin/bash
set -e -o pipefail
# By default, gpg-agent will cache any passphrase that you enter.
# This means that if you decrypt a file once, you can then decrypt it
# a second time without being prompted for a passphrase. Yikes!
# Unfortunately, there doesn't seem to be a way to disable passphrase
# caching on a per-invocation basis -- you must use a config file.
# Here, we refuse to run if the user hasn't disabled passphrase caching, to
# protect newbs. Savvy users who desire passphrase caching will edit this
# script.
if [ ! -e "${HOME}/.gnupg/gpg-agent.conf" ]
then
echo "default-cache-ttl 0" > "${HOME}/.gnupg/gpg-agent.conf"
fi
if grep --silent --invert-match "default-cache-ttl 0" "${HOME}/.gnupg/gpg-agent.conf"
then
echo "ERROR: gpg-agent passphrase caching hasn't been disabled, refusing to run!"
fi
nice gpg --symmetric --cipher-algo AES256 "${1}"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.