Encrypt directory with GnuPG?

Why not tar the files to be encrypted and then encrypt the tarball?


I just saw the option --multifile on the manpage:

This modifies certain other commands to accept multiple files for processing on the command line or read from STDIN with each filename on a separate line. This allows for many files to be processed at once. --multifile may currently be used along with --verify, --encrypt, and --decrypt. Note that --multifile --verify may not be used with detached signatures.

What you are specifically looking for is --encrypt-files and, again, the manpage:

Identical to --multifile --encrypt.


Hey, I read the comments on the answer that has been marked as accepted; looks like you should be made aware of the magic of | (anonymous pipes). Check the answer I just posted on superuser and you'll find that tar & gpg can be joined together such that your output is compressed and encrypted before being output. Note it'll still use significant system resources, so check the man pages for the nice command for limiting a command's ability to eat up only a certain percentage of resources. Also, while I'm in the mood to suggest topics that may make your life easier on the command line in general, look into file descriptors and named pipes for passing data around.

If you wish to see what kind of magic can be performed when the above subjects are understood, then check the Travis-CI build logs and related scripts for solutions related to automating GnuPG on the command line.

---- Updates

As requested, an example for dealing with directories can be found within the previously mentioned script at line 680 and a more generalized example would be...

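#!/usr/bin/env bash
# Usage: script-name.sh /path/to/dir [recipient-email]
dir_path="${1:?${0##*/} needs a directory path as the first argument}"
default_gpg_email="[email protected]"
gpg_email="${2:-$default_gpg_email}"
# Top-level directory name: drop a trailing slash, then everything up to the last slash
_dir_name="${dir_path%/}"
_dir_name="${_dir_name##*/}"
# Seconds since the epoch (UTC), used as the output file name prefix
Var_star_date="$(date -u +%s)"

if [ -d "${dir_path}" ]; then
    # -f - sends the compressed archive to stdout so gpg can read it from the pipe
    tar -czf - "${dir_path}" | gpg --always-trust --armor --batch --no-tty --encrypt --recipient "${gpg_email}" > "/tmp/${Var_star_date}_${_dir_name}.tgz.gpg"
else
    echo "${0##*/} operates on directories"
    exit 1
fi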

... which may be run with script-name.sh /path/to/dir or script-name.sh /path/to/dir [email protected] and should output to the /tmp directory a file <current-date>_<top-dir-name>.tgz.gpg
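A round-trip variant of the tar-into-gpg pipeline from the answer above, as an added example that is not part of any of the original answers. It also covers restoring the directory and the case where tar fails partway, so a truncated ciphertext is never left under the final name; the function names encrypt_dir and decrypt_dir are hypothetical.

```shell
#!/usr/bin/env bash
# Added example (not from the original answers): directory -> tar -> gpg and back.
# encrypt_dir and decrypt_dir are hypothetical helper names.

# encrypt_dir <directory> <recipient> <output-file>
encrypt_dir() (
    src="${1:?directory required}"
    recipient="${2:?recipient key id or email required}"
    out="${3:?output file required}"
    [ -d "$src" ] || { echo "not a directory: $src" >&2; exit 1; }

    # Where the shell supports it, make the pipeline fail when tar fails,
    # not only when gpg (the last command) fails.
    (set -o pipefail) 2>/dev/null && set -o pipefail
    umask 077   # temp file and ciphertext readable by the owner only

    src="${src%/}"
    parent="$(dirname -- "$src")"
    name="$(basename -- "$src")"
    tmp="$(mktemp "${out}.XXXXXX")" || exit 1
    trap 'rm -f "$tmp"' EXIT   # remove the partial file on any failure

    # -C stores paths relative to the parent directory instead of absolute paths.
    tar -czf - -C "$parent" "./$name" |
        gpg --batch --no-tty --encrypt --recipient "$recipient" > "$tmp" || exit 1

    # Publish under the final name only after the whole pipeline succeeded.
    mv -f -- "$tmp" "$out"
)

# decrypt_dir <encrypted-file> <destination-directory>
decrypt_dir() (
    in="${1:?encrypted file required}"
    dest="${2:?destination directory required}"
    [ -f "$in" ] || { echo "no such file: $in" >&2; exit 1; }
    (set -o pipefail) 2>/dev/null && set -o pipefail
    mkdir -p -- "$dest" || exit 1
    # gpg writes the decrypted tarball to stdout; tar unpacks it under dest.
    gpg --batch --no-tty --decrypt "$in" | tar -xzf - -C "$dest"
)
```

Since --always-trust is left out here, gpg in batch mode refuses a recipient key it does not consider valid, so the key has to be trusted in the keyring first.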