Hiya Rubix, welcome aboard!
Answers are a little slow here sometimes, but everybody's always helpful and nice!
Your script looks pretty good! Those pipes ("|") won't do what you want there, if that's how you intend to run it. You're not piping output of those commands through eachother, so you'll probably want to use semicolons instead (unless of course you're planning to turn this into a multi-line and/or interactive script). You asked for a couple of things, but I don't know ALL of the answers. Here's what I do know:
2) Im sure this is not the best way to write this...I would like to know what a more elegant solution would be
-> Looks pretty good to me! I'm not sure there is a better way. You may want to use the shorter (one letter) flags for tar, just to make it look cleaner
Code:
# tar cvf encrypted-dir.tar /location/of/directory/to/encrypt
3) does gpg provide a "shred option that could be used instead of rm -f ?
-> I don't think so, but if you want to securely delete the source dir and the .tar, you can use the
shred command
4) How so you clear or overwrite the swap? --I understand the deleted data is an easier target than the encrypted file
-> I would NOT recommend doing this on a busy system, but you can do something like this:
Code:
# swapoff -a
# dd if=/dev/zero of=/dev/<your swap partition>
# mkswap /dev/<your swap partition>
# swapon -a
That'll unmount the swap partition, overwrite it with zeros, re-initialize it, and remount it. EXTREMELY dangerous if you're not sure what you're doing, but this is what we used to do when we'd get corrupt swap data on web servers (never did figure out how that happened...)[/code]
Hope this helps! This can also be made into a reuseable script (but I always get nervous about scripting things that could have dangerous consequences, like deleting things, or zeroing the swap partition
)
