Encrypt File: mudanças entre as edições

De Wiki Clusterlab.com.br
Ir para navegação Ir para pesquisar
 
(3 revisões intermediárias pelo mesmo usuário não estão sendo mostradas)
Linha 2: Linha 2:
==Encrypt/decrypt file==
==Encrypt/decrypt file==
<syntaxhighlight lang=bash>
<syntaxhighlight lang=bash>
$ date > date.file
date > date.file


$ openssl aes-256-cbc -in date.file -out date.file.crypt
openssl aes-256-cbc -salt -e -in date.file -out date.file.crypt
enter AES-256-CBC encryption password:
enter AES-256-CBC encryption password:
Verifying - enter AES-256-CBC encryption password:
Verifying - enter AES-256-CBC encryption password:
Linha 10: Linha 10:
Using -iter or -pbkdf2 would be better.
Using -iter or -pbkdf2 would be better.


$ cat date.file.crypt
cat date.file.crypt
Salted__�)�w��mx�j��ar�j�$���ɭ(�T�e/i�u�^�
Salted__�)�w��mx�j��ar�j�$���ɭ(�T�e/i�u�^�


$ openssl aes-256-cbc -d -in date.file.crypt  -out date.file.decrypt
openssl aes-256-cbc -d -in date.file.crypt  -out date.file.decrypt
enter AES-256-CBC decryption password:
enter AES-256-CBC decryption password:
*** WARNING : deprecated key derivation used.
*** WARNING : deprecated key derivation used.
Using -iter or -pbkdf2 would be better.
Using -iter or -pbkdf2 would be better.


$ cat date.file.decrypt
cat date.file.decrypt
ter 09 mai 2023 16:30:39 -03
ter 09 mai 2023 16:30:39 -03
</syntaxhighlight>
</syntaxhighlight>
Linha 24: Linha 24:
==Tar directory==
==Tar directory==
<syntaxhighlight lang=bash>
<syntaxhighlight lang=bash>
$ tar cf - ./somedir/ | gzip | openssl aes-256-cbc -in - -out - > somedir.tgz.crypt
tar cf - ./somedir/ | gzip | openssl aes-256-cbc -salt -e -in - -out - > somedir.tgz.crypt
$ cat somedir.tgz.crypt | openssl aes-256-cbc -d -in - | tar xzvf - -C ./destdir
cat somedir.tgz.crypt | openssl aes-256-cbc -d -in - | tar xzvf - -C ./destdir
</syntaxhighlight>
</syntaxhighlight>


==Tar directory high compression multi-thread==
==Tar directory high compression multi-thread==
<syntaxhighlight lang=bash>
<syntaxhighlight lang=bash>
$ export THREADS=$(lscpu | grep "^CPU(s):"| awk '{print $2} ')
export THREADS=$(lscpu | grep "^CPU(s):"| awk '{print $2} ')
$ tar cf - ./somedir/ | pigz -p $THREADS -9  | openssl aes-256-cbc -in - -out - > somedir.tgz.crypt
tar cf - ./somedir/ | pigz -p $THREADS -9  | openssl aes-256-cbc -salt -e -in - -out - > somedir.tgz.crypt
$ cat somedir.tgz.crypt | openssl aes-256-cbc -d -in - | tar xzvf - -C ./destdir
cat somedir.tgz.crypt | openssl aes-256-cbc -d -in - | tar xzvf - -C ./destdir
</syntaxhighlight>
</syntaxhighlight>


==Tar directory with high compression, multi-thread and splitting output in multiple files==
==Tar directory with high compression, multi-thread and splitting output in multiple files==
<syntaxhighlight lang=bash>
<syntaxhighlight lang=bash>
$ export THREADS=$(lscpu | grep "^CPU(s):"| awk '{print $2} ')
export THREADS=$(lscpu | grep "^CPU(s):"| awk '{print $2} ')
$ tar cf - ./somedir/ | pigz -p $THREADS -9  | openssl aes-256-cbc -salt -e -in - -out - | split -b 256m - somedir.tgz.crypt.
tar cf - ./somedir/ | pigz -p $THREADS -9  | openssl aes-256-cbc -salt -e -in - -out - | split -b 256m - somedir.tgz.crypt.
$ cat somedir.tgz.crypt.* | openssl aes-256-cbc -d -in - | tar xzvf - -C ./destdir
cat somedir.tgz.crypt.* | openssl aes-256-cbc -d -in - | tar xzvf - -C ./destdir
</syntaxhighlight>
</syntaxhighlight>


==Tar directory with high compression, multi-thread, splitting output in multiple files with statistics==
==Tar directory with high compression, multi-thread, splitting output in multiple files with statistics==
<syntaxhighlight lang=bash>
<syntaxhighlight lang=bash>
$ export SOURCEPATH=./somedir/
export SOURCEPATH=./somedir/
$ export SOURCESIZE=$(du -sk $SOURCEPATH |awk '{print $1} ')k
export SOURCESIZE=$(du -sk $SOURCEPATH |awk '{print $1} ')k
$ export THREADS=$(lscpu | grep "^CPU(s):"| awk '{print $2} ')
export THREADS=$(lscpu | grep "^CPU(s):"| awk '{print $2} ')
$ tar cf - $SOURCEPATH| pv -s $SOURCESIZE |pigz -p $THREADS -9  | openssl aes-256-cbc -salt -e -in - -out - | split -b 256m - somedir.tgz.crypt.
tar cf - $SOURCEPATH| pv -s $SOURCESIZE |pigz -p $THREADS -9  | openssl aes-256-cbc -salt -e -in - -out - | split -b 256m - somedir.tgz.crypt.
$ cat somedir.tgz.crypt.* | openssl aes-256-cbc -d -in - | tar xzvf - -C ./destdir
cat somedir.tgz.crypt.* | openssl aes-256-cbc -d -in - | tar xzvf - -C ./destdir
</syntaxhighlight>
</syntaxhighlight>


==Tar directory with high compression, multi-thread, splitting output in multiple files, with statistics and more secure(takes much more time to start)==
==Tar directory with high compression, multi-thread, splitting output in multiple files, with statistics and more secure==
(takes much more time to start)
<syntaxhighlight lang=bash>
<syntaxhighlight lang=bash>
$ export SOURCEPATH=./somedir/
export SOURCEPATH=./somedir/
$ export SOURCESIZE=$(du -sk $SOURCEPATH |awk '{print $1} ')k
export SOURCESIZE=$(du -sk $SOURCEPATH |awk '{print $1} ')k
$ export THREADS=$(lscpu | grep "^CPU(s):"| awk '{print $2} ')
export THREADS=$(lscpu | grep "^CPU(s):"| awk '{print $2} ')
$ export ITERN=$(expr $(expr $[ $RANDOM % 100 + 100000 ] \* $[ $RANDOM % 10000 + 100 ] + $[ $RANDOM % 10  ]))
export ITERN=$(expr $(expr $[ $RANDOM % 100 + 100000 ] \* $[ $RANDOM % 10000 + 100 ] + $[ $RANDOM % 10  ]))
$ tar cf - $SOURCEPATH| pv -s $SOURCESIZE |pigz -p $THREADS -9  | openssl aes-256-cbc -iter $ITERN -pbkdf2 -salt -e -in - -out - | split -b 256m - somedir.tgz.crypt.
tar cf - $SOURCEPATH| pv -s $SOURCESIZE |pigz -p $THREADS -9  | openssl aes-256-cbc -iter $ITERN -pbkdf2 -salt -e -in - -out - | split -b 256m - somedir.tgz.crypt.
$ cat somedir.tgz.crypt.* | openssl aes-256-cbc -d -in - | tar xzvf - -C ./destdir
cat somedir.tgz.crypt.* | openssl aes-256-cbc -d -in - -iter $ITERN -salt | tar xzvf - -C ./destdir
</syntaxhighlight>
 
=Backup Using OpenSSL Encryption=
<syntaxhighlight lang=bash>
function BACKUPNOW () {
    for BIN in {pv,split,pigz}; do if [ $(which $BIN | wc -l | awk '{print $1} ') -eq 0 ]; then echo $BIN not found ; break; else if [ $(file "$(which $BIN)" 1>&1 >/dev/null;echo $?) -ne 0 ]; then echo $BIN not found; break; fi;fi ;done ;
    if [ -z $1  ]
    then
        export THREAD=8
    else
        export THREAD=$1
    fi
    if [ -z $2 ]
    then
        export LEVEL=9
    else
        export LEVEL=$2
    fi
    export DATADIR=$(date +"%y%m%d")
    export DATAPATH=PATH TO SOMEWHERE
    export LIST=$(ls -1a | egrep -v "^OneDrive|^.$|^..$|^Library|^.gradle|^.Trash|^.nuget|^.lima|^Downloads")
    export ALLSIZE=$(echo $LIST | while IFS=\; read obj; do du -sk $obj 2>/dev/null;done|awk '{ s = s + $1} END { print s"k"}')
    mkdir -p $DATAPATH
    echo SIZE= $ALLSIZE, THREAD= $THREAD, LEVEL=$LEVEL
    export ITERN=$(expr $(expr $[ $RANDOM % 100 + 100000 ] \* $[ $RANDOM % 10000 + 100 ] + $[ $RANDOM % 10  ]))
    tar cf - $(echo $LIST  | tr '\n' ' ')2>/dev/null| pv -s $ALLSIZE | pigz -p $THREAD -$LEVEL| openssl aes-256-cbc -iter $ITERN -pbkdf2 -salt -e -in - -out - | split -b 256m - "$DATAPATH"/bkp.
}
</syntaxhighlight>
</syntaxhighlight>

Edição atual tal como às 20h15min de 16 de setembro de 2023

Openssl

Encrypt/decrypt file

date > date.file

openssl aes-256-cbc -salt -e -in date.file -out date.file.crypt
enter AES-256-CBC encryption password:
Verifying - enter AES-256-CBC encryption password:
*** WARNING : deprecated key derivation used.
Using -iter or -pbkdf2 would be better.

cat date.file.crypt
Salted__�)�w��mx�j��ar�j�$���ɭ(�T�e/i�u�^�

openssl aes-256-cbc -d -in date.file.crypt  -out date.file.decrypt
enter AES-256-CBC decryption password:
*** WARNING : deprecated key derivation used.
Using -iter or -pbkdf2 would be better.

cat date.file.decrypt
ter 09 mai 2023 16:30:39 -03

Tar directory

tar cf - ./somedir/ | gzip | openssl aes-256-cbc -salt -e -in - -out - > somedir.tgz.crypt
cat somedir.tgz.crypt | openssl aes-256-cbc -d -in - | tar xzvf - -C ./destdir

Tar directory high compression multi-thread

export THREADS=$(lscpu | grep "^CPU(s):"| awk '{print $2} ')
tar cf - ./somedir/ | pigz -p $THREADS -9  | openssl aes-256-cbc -salt -e -in - -out - > somedir.tgz.crypt
cat somedir.tgz.crypt | openssl aes-256-cbc -d -in - | tar xzvf - -C ./destdir

Tar directory with high compression, multi-thread and splitting output in multiple files

export THREADS=$(lscpu | grep "^CPU(s):"| awk '{print $2} ')
tar cf - ./somedir/ | pigz -p $THREADS -9  | openssl aes-256-cbc -salt -e -in - -out - | split -b 256m - somedir.tgz.crypt.
cat somedir.tgz.crypt.* | openssl aes-256-cbc -d -in - | tar xzvf - -C ./destdir

Tar directory with high compression, multi-thread, splitting output in multiple files with statistics

export SOURCEPATH=./somedir/
export SOURCESIZE=$(du -sk $SOURCEPATH |awk '{print $1} ')k
export THREADS=$(lscpu | grep "^CPU(s):"| awk '{print $2} ')
tar cf - $SOURCEPATH| pv -s $SOURCESIZE |pigz -p $THREADS -9  | openssl aes-256-cbc -salt -e -in - -out - | split -b 256m - somedir.tgz.crypt.
cat somedir.tgz.crypt.* | openssl aes-256-cbc -d -in - | tar xzvf - -C ./destdir

Tar directory with high compression, multi-thread, splitting output in multiple files, with statistics and more secure

(takes much more time to start)

export SOURCEPATH=./somedir/
export SOURCESIZE=$(du -sk $SOURCEPATH |awk '{print $1} ')k
export THREADS=$(lscpu | grep "^CPU(s):"| awk '{print $2} ')
export ITERN=$(expr $(expr $[ $RANDOM % 100 + 100000 ] \* $[ $RANDOM % 10000 + 100 ] + $[ $RANDOM % 10  ]))
tar cf - $SOURCEPATH| pv -s $SOURCESIZE |pigz -p $THREADS -9  | openssl aes-256-cbc -iter $ITERN -pbkdf2 -salt -e -in - -out - | split -b 256m - somedir.tgz.crypt.
cat somedir.tgz.crypt.* | openssl aes-256-cbc -d -in - -iter $ITERN -salt | tar xzvf - -C ./destdir

Backup Using OpenSSL Encryption

function BACKUPNOW () {
    for BIN in {pv,split,pigz}; do if [ $(which $BIN | wc -l | awk '{print $1} ') -eq 0 ]; then echo $BIN not found ; break; else if [ $(file "$(which $BIN)" 1>&1 >/dev/null;echo $?) -ne 0 ]; then echo $BIN not found; break; fi;fi ;done ;
    if [ -z $1  ]
    then
        export THREAD=8
    else
        export THREAD=$1
    fi
    if [ -z $2 ]
    then
        export LEVEL=9
    else
        export LEVEL=$2
    fi
    export DATADIR=$(date +"%y%m%d")
    export DATAPATH=PATH TO SOMEWHERE
    export LIST=$(ls -1a | egrep -v "^OneDrive|^.$|^..$|^Library|^.gradle|^.Trash|^.nuget|^.lima|^Downloads")
    export ALLSIZE=$(echo $LIST | while IFS=\; read obj; do du -sk $obj 2>/dev/null;done|awk '{ s = s + $1} END { print s"k"}')
    mkdir -p $DATAPATH
    echo SIZE= $ALLSIZE, THREAD= $THREAD, LEVEL=$LEVEL
    export ITERN=$(expr $(expr $[ $RANDOM % 100 + 100000 ] \* $[ $RANDOM % 10000 + 100 ] + $[ $RANDOM % 10  ]))
    tar cf - $(echo $LIST  | tr '\n' ' ')2>/dev/null| pv -s $ALLSIZE | pigz -p $THREAD -$LEVEL| openssl aes-256-cbc -iter $ITERN -pbkdf2 -salt -e -in - -out - | split -b 256m - "$DATAPATH"/bkp.
}