4
Based on this question:encrypt files before sending them to cloud.
considering openssl:
For example when using openssl we can write the files fooenc.sh
:
#!/bin/sh
openssl enc -bf -nopad -pass pass:1KjeHD8d6YUI80bIIEAQ9iYr@njqLw3T
and foodec.sh
:
#!/bin/sh
openssl enc -bf -nopad -d -pass pass:1KjeHD8d6YUI80bIIEAQ9iYr@njqLw3T
In the .git/config
file in your repository you should specify these filters;
[filter "crypt"]
clean = fooenc.sh
smudge = foodec.sh
i tried this approach and it occurred me:
error: cannot run fooenc.sh: No such file or directory
error: cannot fork to run external filter ourenc.sh
error: external filter fooenc.sh failed
Where am i suppose to put this *.sh?
Even that if i try to put
[filter "crypt"]
clean = openssl enc -bf -nopad -pass pass:1KjeHD8d6YUI80bIIEAQ9iYr@njqLw3T
smudge = openssl enc -bf -nopad -d -pass pass:1KjeHD8d6YUI80bIIEAQ9iYr@njqLw3T
even thought it occurred me:
bad decrypt
3074115260:error:0607F08A:digital envelope routines:EVP_EncryptFinal_ex:data not multiple of block length:evp_enc.c:414:
error: external filter openssl enc -bf -nopad -pass pass:1KjeHD8d6YUI80bIIEAQ9iYr@njqLw3T failed 1
error: external filter openssl enc -bf -nopad -pass pass:1KjeHD8d6YUI80bIIEAQ9iYr@njqLw3T failed
Another aproaches were take in place like git-remote-encrypt or another using GnuPG:
In .git/info/attributes
use:
myPrivateInfosFile filter=gpg diff=gpg
In your repo .git/config
file:
[filter "gpg"]
smudge = gpg -d -q --batch --no-tty
clean = gpg -ea -q --batch --no-tty -r C920A124
[diff "gpg"]
textconv = decrypt
At last, using git-remote-encrypt approach it occured me:
gcrypt: Remote ID is :id:k/a9sdsd332e3442wdaJ
Counting objects: 102, done.
Compressing objects: 100% (71/71), done.
Total 102 (delta 8), reused 0 (delta 0)
gcrypt: Encrypting to: --throw-keyids --default-recipient-self
gcrypt: Requesting manifest signature
gpg: no default secret key: secret key not available
gpg: [stdin]: sign+encrypt failed: secret key not available
error: failed to push some refs to 'gcrypt::rsync:https://example@bitbucket.org/ourstuffteam/our.git'
None of this was a successful approach.
** According to this or others new approaches. How can i encrypt data into git more properly into bitbucket?**
Who cares about where to put it? Just use absolute paths. Also, because these commands probably use pipes, use
exec
when putting these commands in an external script. – Daniel B – 2015-04-12T11:45:29.627yes, you are right. first i used absolute paths outside of repo, but needs permissions.
~/ourenc.sh: 1: ~/ourenc.sh: /home/mypc/ourenc.sh: Permission denied
even if i write the command line directly it occurs meBad Decrypt
– ePascoal – 2015-04-12T12:14:17.947If it says “Permission denied” the file wasn’t executable (+x). Can’t help you with the rest, but you might want to try without
-nopad
. – Daniel B – 2015-04-12T13:04:20.247Please edit your question to remove the noise about being a new user, and make clear where your problem is different from the question you link to. If it's not different then it simply is a duplicate and will be closed as such. – Arjan – 2015-04-12T13:29:04.617
@DanielB thans for your suggestion. I don't know why, removing
-nopad
it works it will encrypt. The unique problem now is how to put .sh files outside the repo since that i need permissions to execute inside.git/config
. @Arjan this is not a duplicate question since that it gives 3 approaches to the same problem, for that reason edited this question like you have suggested taking this issue as a question based on another and not duplicate. to solve encrypt issues on git. – ePascoal – 2015-04-12T13:33:49.453