add pgp-encryption note to backups

2025-12-18 12:34:20 +01:00 · 2022-08-11 07:43:52 +01:00
parent 940365d7cc
commit 738756984a
1 changed files with 30 additions and 0 deletions
--- a/backups/pgp-encryption.md
+++ b/backups/pgp-encryption.md
@@ -0,0 +1,30 @@
+## PGP encryption
+
+```
+# work in an ephemeral directory in the RAM
+mkdir /dev/shm/tmp
+cd /dev/shm/tmp
+
+# create the cleartext files with the secrets
+
+## encrypt using GPG
+# import the pubkey of the recipient with curl
+curl https://keybase.io/${username}/key.asc | gpg --import
+# encrypt the file
+gpg --recipient ${username_or_email_or_PGPpubkey} --armor --output ${file_out} --encrypt ${file_in}
+# same in short
+gpg -ar ${username_or_email_or_PGPpubkey} -o ${file_out} -e ${file_in}
+
+## encrypt using keybase (https://keybase.io/encrypt)
+# using `keybase pgp pull` which
+# imports to GPG key chain for you
+keybase follow ${username}
+keybase pgp pull ${username}
+# encrypt
+keybase pgp encrypt -i ${file_in} -o ${file_out} ${username}
+
+# send the encrypted file(s) to the recipient(s)
+
+# secure delete the directory
+srm -r /dev/shm/tmp
+```