kill gpg
ssh-keygen and age
1# encrypt for me
2# use: encrypt file1 file2...
3function encrypt() {
4 # local pubkey="ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKnAmz4u5/51kPPsebDCiYTXvuftUORh/TJ4pvN3NvQa"
5 local pubkey=age14mg08panez45c6lj2cut2l8nqja0k5vm2vxmv5zvc4ufqgptgy2qcjfmuu
6 for f in "$@"; do
7 age -r ${pubkey} -o ${f}.age ${f}
8 done
9}
10
11# decrypt for me
12# use: decrypt file1 file2...
13function decrypt() {
14 # local privkey=$HOME/.ssh/id_ed25519
15 local privkey=$HOME/keys/age.key
16 for f in "$@"; do
17 age -d -i ${privkey} -o ${f} ${f%%.age}
18 done
19}
20
21# sign by me
22# use: sign file1 file2...
23function sign() {
24 local privkey=$HOME/.ssh/id_ed25519
25 for f in "$@"; do
26 ssh-keygen -Y sign -f ${privkey} -n signed@seankhliao.com ${f}
27 done
28}
29
30# verify by me
31# use: verify file1 file2...
32function verify() {
33 local accepted=$HOME/keys/ssh-sign-accepted
34 for f in "$@"; do
35 ssh-keygen -Y verify -n signed@seankhliao.com -f ${accepted} -I arccy@eevee -s ${f}.sig < ${f}
36 done
37}
with age
no, go get
doesn't work
1$ git clone https://github.com/FiloSottile/age
2$ cd age && go install ./cmd/...
or use ssh keys
1$ age-keygen -o age.key
1$ age -r "public key of recipient" -o output.file.age input.file
2
3"age public key": "age14mg08panez45c6lj2cut2l8nqja0k5vm2vxmv5zvc4ufqgptgy2qcjfmuu"
4"ssh public key": "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKnAmz4u5/51kPPsebDCiYTXvuftUORh/TJ4pvN3NvQa"
1$ age -d -i path/to/private.key -o output.file input.file.age
with ssh-keygen. why keygen? I don't know
1$ ssh-keygen -t ed25519
1$ ssh-keygen -Y sign -f path/to/private.key -n file@seankhliao.com input.file1
1$ ssh-keygen -Y verify -n file@seankhliao -f accepted.file -I identity -s input.file.sig < input.file
# comments
user@domain key-type KEYGOESHERE
# certs signed by this CA are accepted
*@domain cert-authority key-type KEYGOESHERE
user@domain namespaces="whitelist,of,namespaces" key-type KEYGOESHERE