
# Use name as the message digest algorithm used when signing a key.
# program with the command --version yields a list of supported algorithms.
# aware that if you choose an algorithm that GnuPG supports but other OpenPGP
# implementations do not, then some users will not be able to use the key
# signatures you make, or quite possibly your entire key.
# SHA-1 is the only algorithm specified for OpenPGP V4.
# cert-digest-algo, the OpenPGP V4 specification is not met but with even
# GnuPG 1.4.10 (release 2009) supporting SHA-2 algorithm, this should be safe.
# Selects how passphrases for symmetric encryption are mangled.
# iterates the whole process a number of times (see --s2k-count).
# Use name as the cipher algorithm for symmetric encryption with a passphrase
# if --personal-cipher-preferences and --cipher-algo are not given.
# Use name as the digest algorithm used to mangle the passphrases for symmetric
# Specify how many times the passphrases mangling for symmetric encryption is
# This value may range between 101712 inclusive.

# Assume that command line arguments are given as UTF8 strings.
# Set the list of personal digest/cipher/compression preferences.
# the user to safely override the algorithm chosen by the recipient key
# preferences, as GPG will only select an algorithm that is usable by all
personal-digest-preferences SHA512 SHA384 SHA256 SHA224
personal-cipher-preferences AES256 AES192 AES CAST5 CAMELLIA192 BLOWFISH TWOFISH CAMELLIA128 3DES
personal-compress-preferences ZLIB BZIP2 ZIP
# Set the list of default preferences to string.
# for new keys and becomes the default for "setpref" in the edit menu.
default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed

In order of importance, Secure - Low IO - High Efficiency.

Create a master key using this script:

#!/bin/bash
echo "Existing keys were moved to '.gnupg.bak'."

Is there a better way to do this? Should I be using some sort of keystore that I can store references for inside my DB? I am working with very many key pairs which go from DB to UI to API (3 separate containers) to BASH (in the API container) to create a connection and perform functions on each of these hosts.

I've also considered storing the keys in a container volume as files (id_rsa, id_rsa.pub) and referencing those paths in the database (or hardcoding a path). Should I be concerned about using echo on a string containing a key? This occurs inside an Alpine Linux container. However, I've since realised that I will have to use these keys in bash scripts, after being decrypted, in order to scp or ssh (key has to be a file so this will also increase IO).
How to securely work with private keys in a bash script? My first attempt involves storing the encrypted key pair in a field in the database (mongo).
