 |
Elektra 0.11.0
|
|
Elektra 0.11.0
|
This plugin enables file-based encryption and decryption using GPG. Also an option for signing and verifying files using GPG is provided.
This plugin encrypts backend files before the commit is executed (thus precommit). The plugin decrypts the backend files before the getstorage opens it (thus pregetstorage). After the getstorage plugin has read the backend file, the plugin decrypts the backend file again (thus postgetstorage).
See installation. The package is called libelektra5-experimental.
There are two things to consider when using the fcrypt plugin:
The plugin directs GPG to write its (decrypted) output to a temporary directory. From there on the data can be processed by other plugins. After the get phase is over, fcrypt overwrites the temporary file and unlinks it afterwards. However, if the application crashes during get the decrypted data may remain in the temporary directory.
If the temporary directory is mounted on a hard disk, GPG writes the decrypted data on that disk. Thus we recommend to either mount /tmp to a RAM disk or specify another path as temporary directory within the plugin configuration (see Configuration below).
If you encounter the following error at kdb mount:
you might want to consider disabling the sync plugin by entering:
Please note that this is a workaround until a more sustainable solution is found.
This plugin uses parts of the crypto plugin.
Please refer to crypto.
Please refer to crypto.
You can mount the plugin with encryption enabled like this:
If you only want to sign the configuration file, you can mount the plugin like this:
Both options encrypt/key and sign/key can be combined:
If you create a key under /t
you will notice that you can not read the plain text of test.ecf because it has been encrypted by GPG.
But you can still access /t/a with kdb get:
If you are looking for a more interactive example, have a look at the following ASCIIcast at:
https://asciinema.org/a/153014
The GPG signature keys can be specified as sign/key directly. If you want to use more than one key for signing, just enumerate like:
If more than one key is defined, every private key is used to sign the file of the backend.
If a signature is attached to a file, fcrypt automatically verifies its content whenever the file is being read.
Note that the signed file is stored in the internal format of GPG. So you only see binary data when opening the signed configuration file directly. However, you can simply display the plain text content of the file by using GPG:
The GPG Configuration is described in crypto.
fcrypt operates in textmode per default. In textmode fcrypt uses the --armor option of GPG, thus the output of fcrypt is ASCII armored. If no encryption key is provided (i.e. only signature is requested) fcrypt uses the --clearsign option of GPG.
Textmode can be disabled by setting fcrypt/textmode to 0 in the plugin configuration.
fcrypt uses the configuration option fcrypt/tmpdir to generate paths for temporary files during encryption and decryption. If no such configuration option is provided, fcrypt will try to use the environment variable TMPDIR. If TMPDIR is not set in the environment, /tmp is used as default directory.
The path of the temporary directory is forwarded to GPG via the -o option, so GPG will output to this path. The directory must be readable and writable by the user.
We recommend to specify a path that is mounted to a RAM disk. It is advisable to set restrictive access rules to this path, so that other users on the system can not access it.
1.9.1