Operating Systems - tar heart gpg

Motivation

Let me just stipulate up front that I have bad computer karma. There, that actually feels good to get off my chest. It's my bad karma that causes me to be super paranoid about making backups of all my files. But I'm also pretty security conscious; I don't want copies of my files floating around in unencrypted form. It's this train of thought that leads me, once again, to profess my love for unix.

Unix makes it super easy to compress and encrypt a directory so that I can either back it up to an external disk or move it across the network to another server. The two commands that I use to get the job done are tar and gpg. The unix tar command allows me to compress and restore directory structures. The unix command gpg allows me to encrypt or decrypt a single file. What's more, I can pipe the output of tar into gpg so that I don't have to create any large intermediary files on my hard disk.

The Code

Before I demonstrate the mutual affinity of the tar and gpg commands, I'll set up a little sandbox directory structure.


$ mkdir top_secret_directory
$ echo "Soylent green is people" > top_secret_directory/secret_file.txt
$ ls top_secret_directory/
secret_file.txt
$ cat top_secret_directory/secret_file.txt 
Soylent green is people
$ 
				

Now that I've got a little directory structure to play with, I can easily compress and encrypt my secret recipe for Soylent green.


$ tar -cz top_secret_directory/ | gpg -c > top_secret_directory.tgz.gpg
$ rm -rf top_secret_directory
$ ls top_secret_directory.tgz.gpg 
top_secret_directory.tgz.gpg
$ 				
				

The resulting file, top_secret_directory.tgz.gpg, is both compressed and encrypted. And, I didn't have to make any intermediary .tgz files, which could have been a real drag if my hard disk was reaching maximum capacity (and I was working with a much larger directory structure).

Decrypting and uncompressing top_secret_directory.tgz.gpg is also easy.


$ gpg -d top_secret_directory.tgz.gpg | tar -xzpC .
gpg: CAST5 encrypted data
gpg: encrypted with 1 passphrase
gpg: WARNING: message was not integrity protected	
$ cat top_secret_directory/secret_file.txt
Soylent green is people
$  			
				

I find that it's super useful to use the concepts discussed above in two little bash scripts. The first script, zipAndEncrypt.sh, zips and encrypts a file or directory into a single output file with a .tgz.gpg extension.


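#!/bin/bash
# Fail the pipeline if either tar or gpg fails, not just the last command.
set -o pipefail

usage="Usage: $0 /path/to/directory/to/tar/and/encrypt"

if [ $# -ne 1 ]
	then
	echo "$usage"
	exit 1
fi

# Build the output name from the path: slashes become underscores, then a
# leading dot and leading/trailing underscores are stripped.
nameForFile=$(printf '%s\n' "$1" | sed 's/\//_/g' | sed 's/^\.//g' | sed 's/^_//g' | sed 's/_$//g')

if [ -z "$nameForFile" ]
	then
	nameForFile="zipAndEncryptFile"
fi

# Quote the path and the output name so names with spaces survive; "--" keeps
# a path that starts with "-" from being read as a tar option.
tar -cz -- "$1" | gpg -c > "$nameForFile.tgz.gpg"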
				

The second script, decryptAndUnzip.sh, decrypts and unzips a .tgz.gpg file to restore the original contents.


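#!/bin/bash
# Fail the pipeline if gpg fails (for example on a wrong passphrase), not just tar.
set -o pipefail

usage="Usage: $0 /path/to/zip/and/encrypt/file.tgz.gpg"

if [ $# -ne 1 ]
	then
	echo "$usage"
	exit 1
fi

# Match on the suffix only. An unescaped grep for .tgz.gpg would treat each
# "." as "any character" and would match anywhere in the name.
if [[ "$1" != *.tgz.gpg ]]
	then
	echo "$1 doesn't appear to be a zipped and encrypted file"
	echo "$usage"
	exit 1
fi

# Quote the argument so archive names with spaces work.
gpg -d "$1" | tar -xzpC .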
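
The decrypt pipeline hands plaintext to tar while gpg is still working, so a decryption that fails part-way or fails its integrity check (the protection the gpg warning in the session above refers to) can leave partially extracted files in the working directory. The following is an added example, not one of the author's scripts: a POSIX sh function that extracts into a staging directory and moves the result into place only when gpg and tar both succeed. The name restore_tgz_gpg, its two arguments and the .restore.XXXXXX staging name are assumptions made for the illustration.

```sh
#!/bin/sh
# Added example, not the original author's script. All names are hypothetical.
# restore_tgz_gpg ARCHIVE DESTDIR
# Decrypts and extracts into a private staging directory, and moves the
# result into DESTDIR only if both gpg and tar exited 0.
restore_tgz_gpg() {
    archive=$1
    dest=$2

    # Anchored suffix test: the name must end in .tgz.gpg.
    case $archive in
        *.tgz.gpg) ;;
        *) echo "$archive does not end in .tgz.gpg" >&2; return 2 ;;
    esac
    if [ ! -r "$archive" ] || [ ! -d "$dest" ]; then
        echo "unreadable archive or missing destination directory" >&2
        return 2
    fi

    # Stage inside DESTDIR so the final mv is a rename on one filesystem.
    stage=$(mktemp -d "$dest/.restore.XXXXXX") || return 2
    mkdir "$stage/tree" || { rm -rf "$stage"; return 2; }

    # gpg writes plaintext as it decrypts and reports a failed integrity
    # check only at the end, through its exit status. POSIX sh has no
    # pipefail, so that status is saved to a file from inside the pipeline.
    tar_rc=0
    { rc=0; gpg -d < "$archive" || rc=$?; echo "$rc" > "$stage/gpg.status"; } |
        tar -xzpf - -C "$stage/tree" || tar_rc=$?
    gpg_rc=$(cat "$stage/gpg.status" 2>/dev/null || echo 1)

    if [ "$gpg_rc" -ne 0 ] || [ "$tar_rc" -ne 0 ]; then
        echo "restore aborted (gpg=$gpg_rc tar=$tar_rc); $dest left untouched" >&2
        rm -rf "$stage"
        return 1
    fi

    # Both steps succeeded: expose the extracted entries. mv refuses to
    # replace a non-empty directory of the same name, which fails the restore.
    for entry in "$stage/tree"/* "$stage/tree"/.[!.]*; do
        [ -e "$entry" ] || [ -L "$entry" ] || continue
        mv -- "$entry" "$dest/" || { rm -rf "$stage"; return 1; }
    done
    rm -rf "$stage"
}
```

A gpg build that only prints the "message was not integrity protected" warning and still exits 0 passes this check, because the function relies on gpg's exit status alone.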