diff --git a/README.md b/README.md index e9aee45..c38469d 100644 --- a/README.md +++ b/README.md @@ -2,6 +2,8 @@ or: digital testament encryption management + + ### needs: Sometimes we find ourselves managing pieces of software/infrastructure/etc with all the passwords/knowledge and everything well encrypted, @@ -14,6 +16,8 @@ So I wanted something capable of encrypting a file/archive/furryporn/whatever in I looked into "Shamir secret sharing" but I find that generating a new secret that should be distributed among the interested parties could be the key for failure. + + ### requirements: * for encryption needs to use something you use (read: refresh) often @@ -21,6 +25,8 @@ I looked into "Shamir secret sharing" but I find that generating a new secret th * needs to be fairly customizable * needs to be mostrly hassle-free + + ### output: this bash script is set to take N recipients and encrypt four file to make sure only with the quorum of at least 3 recipients the file will be opened @@ -45,6 +51,8 @@ the logic behind that is really simple, it generates the various possible unique in this way only if at least 3 recipients agree to decrypt the file they will be able to + + ### requirements: in the file emails.txt: @@ -53,6 +61,8 @@ list the recipient's emails you want encrypt for in the main script gpg-quorum_3of5.sh: edit the debug variable to add your email address (if you want) for debugging purposes + + ### usage: ./gpg-quorum_3of5.sh your_file_to_encrypt.ext @@ -62,6 +72,8 @@ your output will be a file named your_file_to_encrypt.ext.ENCRYPTED + + ### thoughts: I think that the archive or file encrypted with this method should be offline and held by a person that's not one of the ones that can decrypt the file, @@ -69,6 +81,8 @@ or could be online but protected by a symmetric password so only another party c I don't have a clear idea about that right now. + + ### customization: see the example in _Examples/gpg-quorum_4of5.sh 
@@ -154,6 +168,7 @@ combinate=4 ``` + ### thanks to: * encrypt
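Review bot: The two headings that receive extra spacing in the @@ -14,6 +16,8 @@ and @@ -45,6 +51,8 @@ hunks are both "### requirements:", one listing design goals and the other describing emails.txt and the script setup. Since this change is already touching the heading layout, rename the second one (for example "### setup:") so readers and generated anchors can tell them apart.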
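Review bot: The context lines of the @@ -21,6 +25,8 @@ hunk still read "needs to be mostrly hassle-free" and "encrypt four file", and a README cleanup commit is the place to fix them. Change "mostrly" to "mostly" and confirm whether "four file" is meant to be "your file"; that sentence is where the quorum of at least 3 recipients is stated, so its wording should be unambiguous.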
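Review bot: In the @@ -53,6 +61,8 @@ hunk, the context line "edit the debug variable to add your email address (if you want) for debugging purposes" does not say whether that address becomes an additional recipient of the encrypted output. The README should state this explicitly, because the output section promises that the file opens only with a quorum of at least 3 recipients, and readers need to know whether the debug variable must stay empty for real use.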
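Review bot: The last hunk (@@ -154,6 +168,7 @@) adds a single blank line before "### thanks to:", while every other hunk in this patch adds two before its heading. Pick one spacing and apply it to all headings so the rendered README is consistent.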