[SOLVED]: Encrypting tarballs via cron

If none of the more specific forums is the right place to ask

[SOLVED]: Encrypting tarballs via cron

Postby cds60601 » 2018-01-31 19:11

Hey all

I have a cron job (that runs under root user) that calls a script that creates a tarball of directories /root /opt /etc and /home
My question is this; what would be the most efficient way to have this create the tarball and encrypt it,
preferably with gpg that uses the key created for a user other than root (chris in this case).

I can do this if I run it as myself (of course, since I have the cipher) but Is it possible based on the scenario provided?
I have read that openssl can be used but that is not my objective.

Currently (as a work-a-round), I am using 7z with a password being passed from the script (I know, not a good way of doing this but it works for now).
Any ideas/help/alternatives would be greatly appreciated.

TIA and cheers
Chris
Last edited by cds60601 on 2018-03-14 17:04, edited 1 time in total.
Yeah, 220, 221. Whatever it takes.
Server: Debian 9 (Stretch) Workstation: Archlinux
User avatar
cds60601
 
Posts: 136
Joined: 2017-11-25 05:58

Re: Encryting tarballs via cron

Postby dilberts_left_nut » 2018-02-01 07:25

So why can't you just use chris's key?
AdrianTM wrote:There's no hacker in my grandma...
User avatar
dilberts_left_nut
 
Posts: 4902
Joined: 2009-10-05 07:54
Location: enzed

SOLVED: Encrypting tarballs via cron

Postby cds60601 » 2018-02-01 08:11

dilberts_left_nut wrote:So why can't you just use chris's key?


Well - I certainly don't claim to be an expert at using gpg but I did find an alternative way of getting around this. But to your question; The cron job is created under user root so therefore I assume it is being ran as root. the root user does not have a pub/priv key created (I suppose I could go through the work flow of doing that, importing the pub keys of both root and chris, etc) then I assume it wouldn't matter (again, I stress that I am by now means fluent in gpg) at that point.

But I did some playing around and I came up with this syntax;

tar $xclude -czvpf - $backup_files | gpg --symmetric --cipher-algo aes256 --batch --passphrase=$ziggy -o $dest/$destdir/$archive_file
and this produces a file named: philby_2018-02-01_010001.tgz.gpg

The parms $ziggy is defined within the script being called with a nonsensical password that the user (chris) can use to access the gpg file.
It's a horrid kludge I'm sure - but it does accomplish what I need it to do.
Yeah, 220, 221. Whatever it takes.
Server: Debian 9 (Stretch) Workstation: Archlinux
User avatar
cds60601
 
Posts: 136
Joined: 2017-11-25 05:58

Re: Encryting tarballs via cron

Postby dilberts_left_nut » 2018-02-01 09:16

I thought the point of gpg was that *anybody* could encrypt stuff with chris's pubkey and then only chris could decrypt it with his private key.
AdrianTM wrote:There's no hacker in my grandma...
User avatar
dilberts_left_nut
 
Posts: 4902
Joined: 2009-10-05 07:54
Location: enzed


Return to General Questions

Who is online

Users browsing this forum: No registered users and 6 guests

fashionable