Brett Hutley's Blog » crypto http://bretthutley.com Home on the Digital Range Mon, 23 Jan 2012 21:21:43 +0000 en hourly 1 http://wordpress.org/?v=3.3.1 Using gpg to encrypt files on a web server http://bretthutley.com/2007/11/29/using-gpg-to-encrypt-files-on-a-web-server/ http://bretthutley.com/2007/11/29/using-gpg-to-encrypt-files-on-a-web-server/#comments Thu, 29 Nov 2007 15:33:40 +0000 brett http://hutley.net/brett/2007/11/29/using-gpg-to-encrypt-files-on-a-web-server/
  • Converting WMA files to MP3
  • Using CVS and ssh under Emacs…
  • Emacs and Ruby on Rails
    • ]]>     I was working on my website ValidateModel.com, and I wanted a way to protect files that are uploaded by the users. My solution is to encrypt the files with gpg when they are uploaded. Only the public key is stored on the server and the files are encrypted with this. The only way for the files to be decrypted is for them to be downloaded and then decrypted with my private key.

    The steps needed in order to achieve this are:

    1. Obtain gpg and generate a public/private key if you don't already have one (gpg --gen-key)
    2. Export your public key to a file (gpg -a --export > pubkey.txt)
    3. Upload the pubkey.txt file to your server
    4. Create a directory accessible to the webserver (apache) process
    5. Create a public keyring in this directory (gpg --no-default-keyring --keyring /path/to/pubring.gpg --import pubkey.txt)
    6. Make sure that this file is readable by your webserver process
    7. You may now encrypt files using the command line "gpg -q --batch --no-options --no-default-keyring --keyring /path/to/pubring.gpg -r brett --always-trust --output encrypted.enc --encrypt unencrypted.txt".

    Make sure you back up your private keyring - if you lose it, your files will NEVER be decrypted!

    Related posts:

    1. Converting WMA files to MP3
    2. Using CVS and ssh under Emacs…
    3. Emacs and Ruby on Rails

    ]]>     http://bretthutley.com/2007/11/29/using-gpg-to-encrypt-files-on-a-web-server/feed/ 0