added to readme
This commit is contained in:
parent
5c1d8b00f0
commit
2806bfc0d1
1 changed files with 15 additions and 0 deletions
15
README.md
15
README.md
|
@ -2,6 +2,8 @@
|
||||||
|
|
||||||
or: digital testament encryption management
|
or: digital testament encryption management
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
### needs:
|
### needs:
|
||||||
|
|
||||||
Sometimes we find ourselves managing pieces of software/infrastructure/etc with all the passwords/knowledge and everything well encrypted,
|
Sometimes we find ourselves managing pieces of software/infrastructure/etc with all the passwords/knowledge and everything well encrypted,
|
||||||
|
@ -14,6 +16,8 @@ So I wanted something capable of encrypting a file/archive/furryporn/whatever in
|
||||||
|
|
||||||
I looked into "Shamir secret sharing" but I find that generating a new secret that should be distributed among the interested parties could be the key for failure.
|
I looked into "Shamir secret sharing" but I find that generating a new secret that should be distributed among the interested parties could be the key for failure.
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
### requirements:
|
### requirements:
|
||||||
|
|
||||||
* for encryption needs to use something you use (read: refresh) often
|
* for encryption needs to use something you use (read: refresh) often
|
||||||
|
@ -21,6 +25,8 @@ I looked into "Shamir secret sharing" but I find that generating a new secret th
|
||||||
* needs to be fairly customizable
|
* needs to be fairly customizable
|
||||||
* needs to be mostrly hassle-free
|
* needs to be mostrly hassle-free
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
### output:
|
### output:
|
||||||
|
|
||||||
this bash script is set to take N recipients and encrypt four file to make sure only with the quorum of at least 3 recipients the file will be opened
|
this bash script is set to take N recipients and encrypt four file to make sure only with the quorum of at least 3 recipients the file will be opened
|
||||||
|
@ -45,6 +51,8 @@ the logic behind that is really simple, it generates the various possible unique
|
||||||
|
|
||||||
in this way only if at least 3 recipients agree to decrypt the file they will be able to
|
in this way only if at least 3 recipients agree to decrypt the file they will be able to
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
### requirements:
|
### requirements:
|
||||||
|
|
||||||
in the file emails.txt:
|
in the file emails.txt:
|
||||||
|
@ -53,6 +61,8 @@ list the recipient's emails you want encrypt for
|
||||||
in the main script gpg-quorum_3of5.sh:
|
in the main script gpg-quorum_3of5.sh:
|
||||||
edit the debug variable to add your email address (if you want) for debugging purposes
|
edit the debug variable to add your email address (if you want) for debugging purposes
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
### usage:
|
### usage:
|
||||||
|
|
||||||
./gpg-quorum_3of5.sh your_file_to_encrypt.ext
|
./gpg-quorum_3of5.sh your_file_to_encrypt.ext
|
||||||
|
@ -62,6 +72,8 @@ your output will be a file named
|
||||||
your_file_to_encrypt.ext.ENCRYPTED
|
your_file_to_encrypt.ext.ENCRYPTED
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
### thoughts:
|
### thoughts:
|
||||||
|
|
||||||
I think that the archive or file encrypted with this method should be offline and held by a person that's not one of the ones that can decrypt the file,
|
I think that the archive or file encrypted with this method should be offline and held by a person that's not one of the ones that can decrypt the file,
|
||||||
|
@ -69,6 +81,8 @@ or could be online but protected by a symmetric password so only another party c
|
||||||
I don't have a clear idea about that right now.
|
I don't have a clear idea about that right now.
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
### customization:
|
### customization:
|
||||||
|
|
||||||
see the example in _Examples/gpg-quorum_4of5.sh
|
see the example in _Examples/gpg-quorum_4of5.sh
|
||||||
|
@ -154,6 +168,7 @@ combinate=4
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
### thanks to:
|
### thanks to:
|
||||||
|
|
||||||
* encrypt
|
* encrypt
|
||||||
|
|
Loading…
Reference in a new issue