So there you have it. A small great lightweight calendar application: Calcurse !
As a bonus to myself I decided to play with the idea, that I would like to encrypt the data I have on my disk on key, since it is possible that I loose my USB with lots of customers private data. So I wrote the following script, which launches the binary from the USB, decrypts the data folder, and then upon closing Calcurse would archive the data directory, encrypt it, and move it back to the USB.
Notice the following things:
1. I use OpenSSL, this is probably lame, and I should use GPG key.
2. You have to do a few steps manually before you can use the script, you will find them in
the body of the script below as comments.
#!/bin/bash # ENCRYPTCALCURSE.SH # Written by Oz Nahum# This script is distributed under the terms of the GNU Public License # Version 3 or later. # You can obtaion copies of this license at: # http://www.gnu.org/licenses/gpl.html # A script to decrypt the calcurse_date dir, open it in # /home/ /calcurse_data # then launch calcurse pointing to it, # and upon closing calcurse, encrypt the data, move it to usb stick, # and delete all data from /home/ /calcurse_data # these commands needs to be run manually at first # 1. make calcurse files only readable by owner # $ chmod -vR 600 calcurse_data # 2. creat a tar archive of the data: # $ tar -cf calcurse_data.tar calcurse_data # 3. encrypt the archive: # $ openssl aes-256-cbc -salt -in calcurse_data.tar -out calcurse_d.tar.enc # 4. copy calcurse binary from your system to the USB key # $ cp -v `which calcurse` # 5. copy the encrypted archive to the USB # $ cp -v calcurse_d.tar.enc # 6. finally, copy the script itself to your USB, and launch: # $ bash encryptCalcurse.sh ### Begin of Script #make files readable only by owner umask 077 trap "find /dev/shm/calcurse_data -type f | xargs shred -fuz; shred -u -n 3 -z /dev/shm/calcurse_data_tmp.tar " SIGHUP SIGINT SIGQUIT SIGABRT SIGKILL SIGTERM # first decrypt the data: openssl enc -d -aes-256-cbc -salt -in calcurse_d.tar.enc -out /dev/shm/calcurse_data_tmp.tar echo "extracting data" #silently extract data, no need for verbose output (v flag) tar -C /dev/shm -xf /dev/shm/calcurse_data_tmp.tar echo "removing temporary data" #remvoe the temporary archive shred -u -n 3 -z /dev/shm/calcurse_data_tmp.tar sleep 3 #launce calcurse calcurse -D /dev/shm/calcurse_data # when calcurse is done tar the direcotry tar -cf /dev/shm/calcurse_data_tmp.tar -C /dev/shm calcurse_data #tar -cf calcurse_data_tmp.tar calcurse_data/ # then encrypt #if encryption failed $? == 1 so repeat it again ... openssl aes-256-cbc -salt -in /dev/shm/calcurse_data_tmp.tar -out calcurse_d.tar.enc es=$? while [ "$es" = "1" ]; do echo "encrypting data" openssl aes-256-cbc -salt -in /dev/shm/calcurse_data_tmp.tar -out calcurse_d.tar.enc es=$? done #if encryption succeeded remove the tar file find /dev/shm/calcurse_data -type f | xargs shred -u -n 3 -z rm -rf /dev/shm/calcurse_data shred -u -n 3 -z /dev/shm/calcurse_data_tmp.tar #copy the encrypted file back to the USB #mv ~/calcurse_d.tar.enc . #note about the salt option note found in openssl man page[1],[2] #note about lack of compresion with ssl [3] #sources: #[1]http://ubuntuforums.org/showpost.php?p=8287351&postcount=9 #[2]http://linux.die.net/man/1/enc #[3]http://serverfault.com/questions/17855/can-i-compr:ess-an-encrypted-file
No comments:
Post a Comment