s2/sshenc.sh
1
0
Fork 0
mirror of https://github.com/5im-0n/sshenc.sh.git synced 2025-08-03 11:50:04 +02:00
Code Issues Releases Wiki Activity

Compare commits

base: s2:c83123b09ab67563983c5ad517f7c5afb9e3a7a5
Branches Tags
s2:master
...
compare: s2:7524cf078a263cdfd40407f643bd65b1533e6da5
Branches Tags
s2:master

3 Commits
c83123b09a ... 7524cf078a

Author SHA1 Message Date
s2
7524cf078a use $me instead of basename, so it works better when it comes from stdin 2019-01-16 22:36:40 +01:00
s2
6cc79ed5b4 don't write empty key tag 2019-01-16 22:30:03 +01:00
s2
928d45a383 make subtext bold 2019-01-16 21:34:13 +01:00
2 changed files with 10 additions and 9 deletions
Expand all files Collapse all files

2
README.md
View File

@@ -1,5 +1,5 @@
# sshenc.sh # sshenc.sh
> bash script to encrypt data using a users ssh public key. **bash script to encrypt data using a users ssh public key**
If you received a message from someone that was encrypted with this script, you can decrypt it with your ssh private key using the following command without installing anything: If you received a message from someone that was encrypted with this script, you can decrypt it with your ssh private key using the following command without installing anything:
``` ```

17
sshenc.sh
View File

@@ -41,8 +41,8 @@ shift $((OPTIND -1))
[ "$1" = "--" ] && shift [ "$1" = "--" ] && shift
temp_dir="$(mktemp -d -t "$me.XXXXXX")" temp_dir="$(mktemp -d -t "$me.XXXXXX")"
temp_file_key="$(mktemp "$temp_dir/$(basename "$0").XXXXXX.key")" temp_file_key="$(mktemp "$temp_dir/$me.XXXXXX.key")"
temp_file="$(mktemp "$temp_dir/$(basename "$0").XXXXXX.cypher")" temp_file="$(mktemp "$temp_dir/$me.XXXXXX.cypher")"
trap cleanup EXIT trap cleanup EXIT
#encrypt #encrypt
@@ -54,13 +54,14 @@ if [[ "${#public_key[@]}" > 0 ]]; then
for pubkey in "${public_key[@]}" for pubkey in "${public_key[@]}"
do do
if [[ -e "$pubkey" ]]; then if [[ -e "$pubkey" ]]; then
echo "-- key"
convertedpubkey=$temp_dir/$(basename "$pubkey").pem convertedpubkey=$temp_dir/$(basename "$pubkey").pem
ssh-keygen -f "$pubkey" -e -m PKCS8 > $convertedpubkey ssh-keygen -f "$pubkey" -e -m PKCS8 > $convertedpubkey
#encrypt key with public keys #encrypt key with public keys
openssl rsautl -encrypt -pubin -inkey "$convertedpubkey" -in "$temp_file_key" -out $temp_dir/$(basename "$pubkey").key.enc if openssl rsautl -encrypt -pubin -inkey "$convertedpubkey" -in "$temp_file_key" -out $temp_dir/$(basename "$pubkey").key.enc; then
openssl base64 -in $temp_dir/$(basename "$pubkey").key.enc echo "-- key"
echo "-- /key" openssl base64 -in $temp_dir/$(basename "$pubkey").key.enc
echo "-- /key"
fi
fi fi
done done
echo "-- /keys" echo "-- /keys"
@@ -92,8 +93,8 @@ elif [[ -e "$private_key" ]]; then
if ((echo "$key" | openssl base64 -d | openssl rsautl -decrypt -ssl -inkey "$private_key" > "$temp_file") > /dev/null 2>&1); then if ((echo "$key" | openssl base64 -d | openssl rsautl -decrypt -ssl -inkey "$private_key" > "$temp_file") > /dev/null 2>&1); then
if echo "$cypher" | openssl base64 -d | openssl aes-256-cbc -d -pass file:"$temp_file"; then if echo "$cypher" | openssl base64 -d | openssl aes-256-cbc -d -pass file:"$temp_file"; then
decrypted=true decrypted=true
fi; fi
fi; fi
done done
if [ $decrypted = false ]; then if [ $decrypted = false ]; then