added to readme

This commit is contained in:
panda 2021-08-01 01:29:09 +02:00
parent 5c1d8b00f0
commit 2806bfc0d1

View file

@ -2,6 +2,8 @@
or: digital testament encryption management or: digital testament encryption management
### needs: ### needs:
Sometimes we find ourselves managing pieces of software/infrastructure/etc with all the passwords/knowledge and everything well encrypted, Sometimes we find ourselves managing pieces of software/infrastructure/etc with all the passwords/knowledge and everything well encrypted,
@ -14,6 +16,8 @@ So I wanted something capable of encrypting a file/archive/furryporn/whatever in
I looked into "Shamir secret sharing" but I find that generating a new secret that should be distributed among the interested parties could be the key for failure. I looked into "Shamir secret sharing" but I find that generating a new secret that should be distributed among the interested parties could be the key for failure.
### requirements: ### requirements:
* for encryption needs to use something you use (read: refresh) often * for encryption needs to use something you use (read: refresh) often
@ -21,6 +25,8 @@ I looked into "Shamir secret sharing" but I find that generating a new secret th
* needs to be fairly customizable * needs to be fairly customizable
* needs to be mostrly hassle-free * needs to be mostrly hassle-free
### output: ### output:
this bash script is set to take N recipients and encrypt four file to make sure only with the quorum of at least 3 recipients the file will be opened this bash script is set to take N recipients and encrypt four file to make sure only with the quorum of at least 3 recipients the file will be opened
@ -45,6 +51,8 @@ the logic behind that is really simple, it generates the various possible unique
in this way only if at least 3 recipients agree to decrypt the file they will be able to in this way only if at least 3 recipients agree to decrypt the file they will be able to
### requirements: ### requirements:
in the file emails.txt: in the file emails.txt:
@ -53,6 +61,8 @@ list the recipient's emails you want encrypt for
in the main script gpg-quorum_3of5.sh: in the main script gpg-quorum_3of5.sh:
edit the debug variable to add your email address (if you want) for debugging purposes edit the debug variable to add your email address (if you want) for debugging purposes
### usage: ### usage:
./gpg-quorum_3of5.sh your_file_to_encrypt.ext ./gpg-quorum_3of5.sh your_file_to_encrypt.ext
@ -62,6 +72,8 @@ your output will be a file named
your_file_to_encrypt.ext.ENCRYPTED your_file_to_encrypt.ext.ENCRYPTED
### thoughts: ### thoughts:
I think that the archive or file encrypted with this method should be offline and held by a person that's not one of the ones that can decrypt the file, I think that the archive or file encrypted with this method should be offline and held by a person that's not one of the ones that can decrypt the file,
@ -69,6 +81,8 @@ or could be online but protected by a symmetric password so only another party c
I don't have a clear idea about that right now. I don't have a clear idea about that right now.
### customization: ### customization:
see the example in _Examples/gpg-quorum_4of5.sh see the example in _Examples/gpg-quorum_4of5.sh
@ -154,6 +168,7 @@ combinate=4
``` ```
### thanks to: ### thanks to:
* encrypt * encrypt