Register
It is currently Sat Nov 22, 2014 10:33 pm

Tar a directory | gpg it | shred original directory & .t


All times are UTC - 6 hours


Post new topic Reply to topic  [ 2 posts ] 
Author Message
 PostPosted: Mon Jul 09, 2007 1:20 pm   

Joined: Mon Jul 09, 2007 12:26 pm
Posts: 1
Hello all,
First without gushing let me say how happy I am to have found this board.

My project is to create a bash script that will do the following -

1) tar a directory while retaining dir structure
2) gpg the resulting .tar
3) shred the original directory and .tar
4) any additional clean up needed


tar --create --verbose --file=encrypted-dir.tar /location/of/directory/to/encrypt | gpg -e encrypted-dir.tar | rm -f /location/of/directory/you/encrypted encrypted_dir.tar

this is what I have so far and it will, im afraid give away my lack of experience in bash scripting (2 wks) but I'm trying hard to learn and this looks like the best place to go for experienced help.

Questions

1) Is there a way to make the gpg command more secure...i.e armor...anything else?
2) Im sure this is not the best way to write this...I would like to know what a more elegant solution would be
3) does gpg provide a "shred option that could be used instead of rm -f ?
4) How so you clear or overwrite the swap? --I understand the deleted data is an easier target than the encrypted file


Thanks in advance for your help! I look for ward to working on this

RubiX


Top
 Profile  
 PostPosted: Tue Jul 10, 2007 8:25 pm   
Moderator
User avatar

Joined: Wed May 03, 2006 2:05 pm
Posts: 242
Hiya Rubix, welcome aboard!

Answers are a little slow here sometimes, but everybody's always helpful and nice!

Your script looks pretty good! Those pipes ("|") won't do what you want there, if that's how you intend to run it. You're not piping output of those commands through eachother, so you'll probably want to use semicolons instead (unless of course you're planning to turn this into a multi-line and/or interactive script). You asked for a couple of things, but I don't know ALL of the answers. Here's what I do know:

2) Im sure this is not the best way to write this...I would like to know what a more elegant solution would be

-> Looks pretty good to me! I'm not sure there is a better way. You may want to use the shorter (one letter) flags for tar, just to make it look cleaner

Code:
# tar cvf encrypted-dir.tar /location/of/directory/to/encrypt



3) does gpg provide a "shred option that could be used instead of rm -f ?

-> I don't think so, but if you want to securely delete the source dir and the .tar, you can use the shred command


4) How so you clear or overwrite the swap? --I understand the deleted data is an easier target than the encrypted file

-> I would NOT recommend doing this on a busy system, but you can do something like this:

Code:
# swapoff -a
# dd if=/dev/zero of=/dev/<your swap partition>
# mkswap /dev/<your swap partition>
# swapon -a


That'll unmount the swap partition, overwrite it with zeros, re-initialize it, and remount it. EXTREMELY dangerous if you're not sure what you're doing, but this is what we used to do when we'd get corrupt swap data on web servers (never did figure out how that happened...)[/code]


Hope this helps! This can also be made into a reuseable script (but I always get nervous about scripting things that could have dangerous consequences, like deleting things, or zeroing the swap partition :) )


Top
 Profile YIM  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 2 posts ] 

All times are UTC - 6 hours


Who is online

Users browsing this forum: Google [Bot] and 7 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:  


BashScripts | Promote Your Page Too
Powered by phpBB © 2011 phpBB Group
© 2003 - 2011 USA LINUX USERS GROUP