bash script to encrypt data using a users ssh public key https://sshenc.sh
Ви не можете вибрати більше 25 тем Теми мають розпочинатися з літери або цифри, можуть містити дефіси (-) і не повинні перевищувати 35 символів.
s2 c3ebbbfa06 add sshenc-pre1.1.1.sh to tests 2 тижднів тому
tests add sshenc-pre1.1.1.sh to tests 2 тижднів тому
README.md openssl 1.1.1 - this introduces not backward compatible changes :( 2 тижднів тому
index.html don't use `fetch`, so google maybe can render the page 10 місяці тому
logo.png resize logo 9 місяці тому
main.css add readme 11 місяці тому
sshenc-pre1.1.1.sh openssl 1.1.1 - this introduces not backward compatible changes :( 2 тижднів тому
sshenc.sh use pbkdf2 since it is available in new versions of openssl 2 тижднів тому

README.md

sshenc.sh

bash script to encrypt data using a users ssh public key

If you received a message from someone that was encrypted with this script, you can decrypt it with your ssh private key using the following command without installing anything:

bash <(curl -s https://sshenc.sh/sshenc.sh) -s ~/.ssh/id_rsa < file-containing-the-encrypted-text.txt

sshenc.sh uses openssl under the hood, so you need to have that installed in your path to make it work.

Install

curl -O https://sshenc.sh/sshenc.sh
chmod +x sshenc.sh

Examples

encrypt a file using your own ssh public key

sshenc.sh -p ~/.ssh/id_rsa.pub < plain-text-file.txt > encrypted.txt

encrypt a file using multiple recipients (broadcast encryption)

sshenc.sh -p ~/.ssh/id_rsa.pub -p id_rsa-alice.pub -p id_rsa-bob.pub < plain-text-file.txt > encrypted.txt

encrypt a file using the public key of a github user

sshenc.sh -p <(curl -sf "https://github.com/S2-.keys" | grep ssh-rsa | tail -n1) < plain-text-file.txt

this line fetches the first public key for the github user S2- and encrypts the file plain-text-file.txt using this key.

decrypt a file

sshenc.sh -s ~/.ssh/id_rsa < encrypted.txt

Notes

OpenSSL 1.1.1 introduced a not backwards compatible change: the default digest to create a key from the passphrase changed from md5 to sha-256.
Also, a new -iter parameter to explicitly specify a given number of iterations on the password in deriving the encryption key was added.
Before OpenSSL 1.1.1 this option was not available.
Since the new parameters are more secure, sshenc.sh changed to adopt them, so since 2019-11-26, files encrypted with a previous version of sshenc.sh will not decrypt.
To do so, use the prevous sshenc.sh script, located at https://sshenc.sh/sshenc-pre1.1.1.sh.

License

MIT