|s2 c3ebbbfa06 add sshenc-pre1.1.1.sh to tests||2 months ago|
|tests||2 months ago|
|README.md||2 months ago|
|index.html||1 year ago|
|logo.png||10 months ago|
|main.css||1 year ago|
|sshenc-pre1.1.1.sh||2 months ago|
|sshenc.sh||2 months ago|
bash script to encrypt data using a users ssh public key
If you received a message from someone that was encrypted with this script, you can decrypt it with your ssh private key using the following command without installing anything:
bash <(curl -s https://sshenc.sh/sshenc.sh) -s ~/.ssh/id_rsa < file-containing-the-encrypted-text.txt
sshenc.sh uses openssl under the hood, so you need to have that installed in your path to make it work.
curl -O https://sshenc.sh/sshenc.sh chmod +x sshenc.sh
sshenc.sh -p ~/.ssh/id_rsa.pub < plain-text-file.txt > encrypted.txt
sshenc.sh -p ~/.ssh/id_rsa.pub -p id_rsa-alice.pub -p id_rsa-bob.pub < plain-text-file.txt > encrypted.txt
sshenc.sh -p <(curl -sf "https://github.com/S2-.keys" | grep ssh-rsa | tail -n1) < plain-text-file.txt
this line fetches the first public key for the github user S2- and encrypts the file plain-text-file.txt using this key.
sshenc.sh -s ~/.ssh/id_rsa < encrypted.txt
OpenSSL 1.1.1 introduced a not backwards compatible change: the default digest to create a key from the passphrase changed from md5 to sha-256.
Also, a new
-iter parameter to explicitly specify a given number of iterations on the password in deriving the encryption key was added.
Before OpenSSL 1.1.1 this option was not available.
Since the new parameters are more secure,
sshenc.sh changed to adopt them, so since 2019-11-26, files encrypted with a previous version of
sshenc.sh will not decrypt.
To do so, use the prevous
sshenc.sh script, located at https://sshenc.sh/sshenc-pre1.1.1.sh.