
I've written a little script for my Clonezilla USB stick which will allow me to quickly back everything up without entering any options by simply running the script.

Next, I'd like to store my public GPG key on the stick and add some encryption to my backups like so:

find . -maxdepth 1 -type f -not -iname "*.gpg" | while read file ; do
    gpg --encrypt-using-key-file "/path/to/my/keyfile" "$file"
    rm "$file"
done

What is the way to properly encrypt files using a public GPG keyfile, ensuring that it doesn't prompt for user input? How would I actually do this?


1 Answer


You must have the target key in the keyring. I am not sure whether it is necessary that the target key is valid; better make it so.

You should use a config directory on the stick. With this directory being empty you import the key:

gpg --homedir /dir/on/stick --import /target/key.asc

This needs to be done just once. From your script you do this:

gpg --homedir /dir/on/stick --trust-model always --recipient 0x12345678 \
  --output /path/to/encrypted_file.gpg --encrypt /source/file

You may consider creating a signature for the file, too. But that would make the operation a bit more complicated.

It's using a squashfs container as its root filesystem. If I chroot into that fs and import the key before I create the filesystem, will it... just work™? –  Naftuli Tzvi Kay Jun 24 '13 at 1:39
 
The file system should not matter. –  Hauke Laging Jun 24 '13 at 2:11
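
The answer's two commands combined with the question's loop, as an added example (not code from the original posts): it passes `--batch` so gpg never prompts, and deletes a plaintext file only after gpg reports success, whereas the loop in the question runs `rm` unconditionally. The `GPG` variable, the function names and the usage paths are assumptions for illustration.

```shell
#!/bin/sh
# Added example: non-interactive public-key encryption of a backup directory.
# GPG is a hypothetical override for the gpg binary (defaults to "gpg").
GPG="${GPG:-gpg}"

# One-time setup: import the public key into a dedicated keyring directory.
# $1 = homedir on the stick, $2 = exported public key file
import_key() {
    mkdir -p "$1" && chmod 700 "$1" || return 1
    "$GPG" --homedir "$1" --batch --import "$2"
}

# Encrypt every regular, non-.gpg file directly inside a directory.
# Unlike the question's find call, the glob skips dotfiles.
# $1 = directory, $2 = homedir, $3 = recipient (key ID or fingerprint)
# Returns 0 only if every file was encrypted; failures keep their plaintext.
encrypt_dir() {
    ed_failed=0
    for ed_file in "$1"/*; do
        # Skip symlinks, non-regular files and existing ciphertext.
        [ -L "$ed_file" ] && continue
        [ -f "$ed_file" ] || continue
        case "$ed_file" in *.[gG][pP][gG]) continue ;; esac

        # --batch: never prompt; --yes: overwrite stale output;
        # --trust-model always: accept the imported key without a
        # trust database entry, as in the answer.
        if "$GPG" --homedir "$2" --batch --yes --trust-model always \
                --recipient "$3" --output "$ed_file.gpg" \
                --encrypt "$ed_file" && [ -s "$ed_file.gpg" ]; then
            rm -- "$ed_file"
        else
            echo "encryption failed, keeping: $ed_file" >&2
            rm -f -- "$ed_file.gpg"
            ed_failed=1
        fi
    done
    return "$ed_failed"
}

# Usage (paths and key ID are placeholders, as in the answer):
#   import_key /dir/on/stick /target/key.asc      # once
#   encrypt_dir /path/to/backups /dir/on/stick 0x12345678
```

A non-zero return from `encrypt_dir` means at least one file is still unencrypted on the stick, so the calling backup script should treat it as a failed run.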