You are not logged in.

#1 2020-01-09 14:14:23

clusterF
Member
Registered: 2019-05-07
Posts: 458

ccrypt

Im using ccrypt lately to encrypt some files in home. Does anyone know of a way to decrypt say a txt file of passwords in the terminal via pager less or more and then encrypt upon exiting less or more pagers?

https://packages.debian.org/buster/ccrypt

I will try to work this out myself, so just putting this here for interests.

wtf..

1. we encrypt files as per normal in ccrypt "ccrypt -e FILE"

2. a script to decrypt .cpt and show in less so we can read the text.

3. a way to exit the script so it asks us to encrypt it again.


"Common sense is like deodorant, those who need it the most never use it."

git: clusterF

Offline

#2 2020-01-09 14:26:50

clusterF
Member
Registered: 2019-05-07
Posts: 458

Re: ccrypt

Ok i didnt realise it would be as simple as below example.

ccrypt -d passes.cpt && xterm -e less passes && ccrypt -e passes

"Common sense is like deodorant, those who need it the most never use it."

git: clusterF

Offline

#3 2020-01-09 16:51:46

damo
....moderator....
Registered: 2015-08-20
Posts: 5,419

Re: ccrypt

^ Nice call smile  After having a play with it I've tweaked it a little to run it in the same terminal with an alias. In .bash_aliases I now have

# decrypt and read passwords file
alias decrypt='ccrypt -d <path>/file.txt.cpt && nano <path>/file.txt && clear;ccrypt -e <path>/file.txt'

The 'clear' command gets rid of the previous "Enter decryption key:" text


Be Excellent to Each Other...

FORUM RULES and posting guidelines «» Help page for forum post formatting
Artwork on DeviantArt  «» BunsenLabs on DeviantArt

Offline

#4 2020-01-09 22:54:07

clusterF
Member
Registered: 2019-05-07
Posts: 458

Re: ccrypt

damo wrote:

^ Nice call smile  After having a play with it I've tweaked it a little to run it in the same terminal with an alias. In .bash_aliases I now have

# decrypt and read passwords file
alias decrypt='ccrypt -d <path>/file.txt.cpt && nano <path>/file.txt && clear;ccrypt -e <path>/file.txt'

The 'clear' command gets rid of the previous "Enter decryption key:" text

Thats even better, good call damo, thanks wink


"Common sense is like deodorant, those who need it the most never use it."

git: clusterF

Offline

#5 2020-01-15 13:08:53

clusterF
Member
Registered: 2019-05-07
Posts: 458

Re: ccrypt

few more things ive learned about ccrypt. Using a keyfile is a lot safer after reading how many bruteforce wordlists are out there that can crack ccrypt, well probably not just ccrypt but many others, so it pays to make it a little more complex if need be.

Also being able to encrypt recursively.

test case:

First lets create a nice strong keyfile. Keep that keyfile safe somewhere and dont lose it, also not naming it "keyfile" will help being more secure. A keyfile can be various files like an image say a .png or .jpg maybe a .pdf .txt, doesnt have to be a random generated openssl key.

openssl rand -base64 756 > <path-to-keyfile>

Now say we want to encrypt all files and folders in ~/Documents

ccrypt -k <keyfile> -v -s -r -e Documents/

-k is for keyfile
-v is for verbose
-s is for --strictsuffix

-s, --strictsuffix ( i think this is important and you can really bork the encryption if not paying attention )
                      Refuse  to encrypt files that already have the .cpt suffix (or that selected with -S). This can
                      be useful when adding some files to a directory of already encrypted files. This option has  no
                      effect in decryption or keychange mode.

-r is for recursive
-e is for encrypt

To decrypt:

ccrypt -k <keyfile> -v -s -r -d Documents/

-d is for decrypt

More info in the ccrypt manual. Its well worth the 5 minutes to read it.

Last edited by clusterF (2020-01-15 13:27:53)


"Common sense is like deodorant, those who need it the most never use it."

git: clusterF

Offline

Board footer

Powered by FluxBB