Subject: Re: Encrypting Backups
To: Curt Sampson <firstname.lastname@example.org>
From: Todd Vierling <email@example.com>
Date: 09/30/2003 10:47:43
On Tue, 30 Sep 2003, Curt Sampson wrote:
: I'm thinking of using gpg, but after playing around for a bit I'm
: stymied on what options I can give gpg to stop it attempting to create
: key rings and all of that, and just encrypt stdin to stdout using a
: given public key.
You need key rings in order to do key selection. So, create one with a
public key on it using "gpg --import <KEYFILE". Once you've done that:
gpg -q -o /dev/stdout --yes -e -r KEYID
will work as a filter, and I've verified that it works with pipes.
As others have noted, though, it's not recoverable from a bad tape block due
to cipher block chaining, session keying (from randomness in the stream),
and internal compression. A symmetric (non-CBC!) cipher would be a better
choice if you want recoverability.
-- Todd Vierling <firstname.lastname@example.org> <email@example.com>