Fwd: Re: Encrypt /decrypta file with ssh keys.

James Murphy james.murphy.debian at gmail.com
Sat Aug 6 03:09:46 AEST 2016


The more mainstream thing to do is just use gpg, which has this
functionality already built in. Is this not suitable for your use case?

On 08/05/2016 11:47 AM, Colin Leavett-Brown wrote:
> As per Alex's suggestion, attached is the proof of concept "sfile"
> script. If there is anyone out there with great C skills who can
> recreate this functionality "out of the box", I think there would be a
> few happy campers (at least two, anyways).
> 
> 
> 
> -------- Forwarded Message --------
> Subject:     Re: Encrypt /decrypta file with ssh keys.
> Date:     Fri, 5 Aug 2016 17:24:35 +0100
> From:     Alex Bligh <alex at alex.org.uk>
> To:     Colin Leavett-Brown <crlb at uvic.ca>
> CC:     Alex Bligh <alex at alex.org.uk>
> 
> 
> 
> Colin,
> 
>> On 5 Aug 2016, at 17:03, Colin Leavett-Brown <crlb at uvic.ca> wrote:
>>
>> Hi Alex, I think this should be part of Openssh. Do you want to try
>> the wrapper? I've attached the code and it does exactly what you want.
>> Let us know what you think. "sfile" without any parms will tell you
>> how to use it. Colin.
> 
> I read the code. Interesting. I suspect you will need to rewrite it in C
> (without relying on distro specific things like readlink -f) and paying
> close attention to e.g. minimising temporary files, ensuring they are
> created with the right modes and deleted on signals etc. in order to get
> it submitted. I think I might make the magic code longer so it can be
> more easily detected by 'file' etc. But it's an interesting proof of
> concept - TBH I'd just post it to the list as such.
> 
> Alex
> 
>>
>>
>> On 16-08-05 08:50 AM, Alex Bligh wrote:
>>>> On 5 Aug 2016, at 16:30, Colin Leavett-Brown <crlb at uvic.ca> wrote:
>>>>
>>>> Hello,  I needed to share some secret info with one or two specific
>>>> individuals and wrote a short wrapper script to encrypt/decrypt
>>>> files using ssh keys (everyone has at least one pair). In searching,
>>>> I found others wanting this functionality and borrowed heavily from
>>>> this doc "http://www.czeskis.com/random/openssl-encrypt-file.html"
>>>> in writing the script. I am willing to share the code if anyone is
>>>> interested.
>>> I was asking for this functionality only yesterday. My particular use
>>> was to encrypt a file with someone else's public key, to send to them
>>> so they could decrypt with their private key.
>>>
>>> If ssh (or some accompanying binary) could do this out the box, it
>>> would be great.
>>>
>>
>> -- 
>> Colin Leavett-Brown
>> Physics and Astronomy
>> University of Victoria
>> 250-472-4085
>>
>> <sfile.txt>
> 
> 
> 
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
> 


More information about the openssh-unix-dev mailing list