I need to encrypt a backup file gzip.
I performed the following operation.,
tar -Pzcvf $dir/*.xml >/dev/null | gpg --yes --batch --passphrase PaSsW0rD -o "$bpath/$bfile".tar.gz
But it is failing with the following error.,
gpg: processing message failed: Unknown system error
I just need a simple passsord protected backup file. Any other alternative solutions are also welcome.
Thanks in advance
Option 1
Doing it your way :
tar -zcvf your_tar_file_name.tar.gz "$dir"/*.xml && gpg --symmetric --cipher-algo AES256 your_tar_file_name.tar.gz
Note that I do not wish to preserve absolute names, so I have stripped the P option from tar. The default output file in this case is your_tar_file_name.tar.gz.gpg.
To decrypt and get the files back you may do :
gpg -o my_tar_file.tar.gz -d your_tar_file_name.tar.gz.gpg && tar -xzf my_tar_file.tar.gz
This uses a symmetric encryption scheme, ie, we could use the same password to decrypt the file. The above command will ask you to enter the password for encryption and confirm it.
If you wish to do asymmetric encryption using gpg have a look at this tutorial.
Option 2
You may also use aescrypt
Download aescrypt from here
Once installed you may use the straight-forward GUI to encrypt the file.
If you need the command line tool, you could use the aescrypt command like below:
tar zcvf your_tar_file_name.tar.gz "$dir"/*.xml && aescrypt -e -p yourstrongpassword your_tar_file_name.tar.gz
Here e is for encryption and p is for password. The output will usually be stored in your_tar_file_name.tar.gz.aes.
You could decrypt the your_tar_file_name.tar.gz.aes file using
aescrypt -d -p yourstrongpassword your_tar_file_name.tar.gz.aes
Here d is for decryption.
Related
I'm using below command(non -interactive mode of gpg) to decrypt my file:
gpg --yes --batch --passphrase=Abcdefgh1$ kbc.text.gpg
The file it will decrypt will be kbc.text. Now, in my script I need to assign name of this decrypted file to a variable which I need to use further. For that, I'm using below command:
tmp=gpg --yes --batch --passphrase=Abcdefgh1$ kbc.text.gpg
However, when I run this, I get below error:
script2.sh: line 2: --yes: command not found
Any way to implement this and avoid this error. Any help will be appreciated.
The gpg software supports symmetric encryption out of the box. That means, it works with a password. But apart from protecting the content it is also important to ensure the Authentication of a message. The idea is to create a hashsum of the file itself together with the password used for encryption. According to [1] a popular “Message Authentication Code” is HMAC. After entering:
gpg --hmac --armor --symmetric --passphrase pwd1 file.txt
gpg: Invalid option "--hmac"
an error message occurs that the switch is not known by the software. How can i use the MAC authentication the right way?
You can't. The reason for the error message is that type of signature is not available with GPG. You'd be better off simply signing and encrypting the file with the standard GPG method. Even if you wanted to use symmetric encryption only, then the recipient would still need to use GPG to decrypt the file. The correct command would be:
gpg -o filename.txt.asc -sear $recipient_key filename.txt
This assumes you also always encrypt to your own key, otherwise the command would be:
gpg -o filename.txt.asc -sear $recipient_key -r $your_key filename.txt
If they don't have a key, you could still sign and encrypt to your own key only and then extract the session key so you could provide that for them to decrypt the file with it:
gpg -o filename.txt --show-session-key -d filename.txt.asc
Then the recipient would be able to decrypt with:
gpg -o filename.txt --override-session-key $session_key -d filename.txt.asc
If you really must use symmetric encryption only, however, you can do it in two setps.
First sign the file:
gpg -o filename.txt.asc -sa filename.txt
Then symmetrically encrypt that file:
gpg -o newfilename.asc -a -c filename.txt.asc
The recipient would then need to run the decryption command twice; first on the symmetrically encrypted file and then a second time on the file it decrypts.
The normal --verify option is only used for checking clearsigned files or files with detached signatures.
When I double click on a file PGP SDA asks for passphrase. I am able to decrypt files with a .gpg extension using this script:
gpg --batch --yes --passphrase 12345 --decrypt-files *.gpg
But when I run the above command with *.exe it gives me unknown suffix error.
Just wondering, how can I encrypt files with GPG with password under dot?
I have a file called test.txt and I want to encrypt this file into GPG with password, so this is the script I wrote to encrypt the file:
gpg - c test.txt
then it is asking for the Passphrase and I entered abc123. File test.txt.gpg was generated as a result.
Then I tried to decrypt the gpg file by using the following script under dot:
gpg -o testing.txt -d test.txt.gpg
It decrypted the file for me without asking for the password (abc123).
Does anyone know where is going wrong with my encrypt?
I'm writing a batch file to execute a program and do some requirements. After some steps, it asks me password.
Here is the .bat file I'm executing from command prompt;
C:
cd "C:\PROGRAM FILES (X86)\GNUPT\GPG"
gpg -se -r "Someone <s.s#s.com>" "D:\20130328pcs0CONTAINER0035017310.txt"
So, after this step, that gpg program asks me my password;
Anyone knows how to write password here from batch file ?
From the http://www.gnupg.org/documentation/manpage.en.html, did u try using:
--passphrase-fd n
Read the passphrase from file descriptor n. If you use 0 for n, the
passphrase will be read from stdin. This can only be used if only one
passphrase is supplied. Don't use this option if you can avoid it.
Not sure if something like this would work, set n to 1 to get the passphrase from the sdtout
maybe
gpg -se -r "Someone <s.s#s.com>" "D:\20130328pcs0CONTAINER0035017310.txt --passphrase-fd 1 & echo somePassword"
this makes one independent from the other so maybe it works. Please tell what happens
EDIT:
Mtok solved it with this:
gpg --trust-model always --passphrase some password --yes -se -r "<someone s#s.com>" "D:abc.txt"