When you have sensitive data that you need to transmit but want to
make it easy to encrypt and decrypt it, use some standard tools to get
the job done!
I recently had an issue where a client was using OS X laptops running an Admin panel written in PHP on MAMP in an environment that may or may not have an internet connection. The problem was that they needed to be able to dump their database data into an encrypted file so that they could send the data off when they get a connection (via email, upload, who knows). My initial response was to use gpg to encrypt the file and hand out the keys to the people who would eventually be reading the data.
Turns out, this was going to be a nightmare and I needed something ‘easier’. How about encrypting a tar file with OpenSSL? Bingo! This solution uses utilities that are already on the machine and no installations need to be performed. The reason this was such a big deal is because the laptops running this software will be all over the world with various levels of technical acumen and it will be a nightmare to make sure every single laptop has been updated correctly.
Essentially, just call all the commands in the reverse order.
from http://blog.ashurex.com/2012/07/17/encrypting-tar-gz-gzip-file-openssl/
I recently had an issue where a client was using OS X laptops running an Admin panel written in PHP on MAMP in an environment that may or may not have an internet connection. The problem was that they needed to be able to dump their database data into an encrypted file so that they could send the data off when they get a connection (via email, upload, who knows). My initial response was to use gpg to encrypt the file and hand out the keys to the people who would eventually be reading the data.
Turns out, this was going to be a nightmare and I needed something ‘easier’. How about encrypting a tar file with OpenSSL? Bingo! This solution uses utilities that are already on the machine and no installations need to be performed. The reason this was such a big deal is because the laptops running this software will be all over the world with various levels of technical acumen and it will be a nightmare to make sure every single laptop has been updated correctly.
Encrypting Your File
tar and gzip the file, then encrypt it using des3 and a secret key:# tar cvzf - mysql_dump.sql | openssl des3 -salt -k YOUR-PASSWORD | dd of=encrypted_mysql_dumpDecrypting Your File
# dd if=encrypted_mysql_dump |openssl des3 -d -k YOUR-PASSWORD |tar xvzf - Download the Utility Scripts
Download them!from http://blog.ashurex.com/2012/07/17/encrypting-tar-gz-gzip-file-openssl/
