Cryptsym (All the good names were taken) stands for Crypto Symmetric file manager. It's a very simple command line wrapper for GPG in perl which tries to keep the plan text version of your sensitive files from touching or remaining on your hard drive. GPG is a wonderful program but it just isn't set up to worry about the details of your work flow in this way. My goal was to make a very simple script that people would feel comfortable using to help protect them against making stupid mistakes with their sensitive files. If you have more than a few such files you might consider creating an encrypted directory, file system, partition, or drive. Though if that seems like overkill to you, read on.
The only requirements are gpg, shred, stty, and in v0.2, an editor. No Perl modules are used.
- cryptsym foo
- cryptsym foo path/to/new/dir/or/file
- cryptsym foo.asc | less
- cryptsym -e foo.asc
If there is a new file created It will be in the same directory as the original, however plaintext goes to stdout by default and could be piped into something else. If you call it with a second argument it will put the resulting file in that directory, and or give it a new name. If you are encrypting, it uses shred to try to scrub the remains off your hard drive so the platters are nice and shinny again.
This one just toggles the file between plaintext and encrypted forms. Only one page of code!
Added an external editor option that will edit a file in place and (re)encrypt when you're done. You need to localize some config settings at the start of the script to your system, like your favorite editor and where your RAM disk is (Very important). I had to write a passphrase (pinentry) routine for this, and I was able to obfuscate it so it wasn't just sitting in ram waiting to be mined. I know it's not perfect but it's some protection anyway.
If you're looking for a wrapper with a slick GUI frontend, Check out Ryan Sawhill's Pyrite here
- 21 Jan 2014