How to decrypt a file in Palantir either while pulling the file thru SFTP sync or after receiving the file at Foundry end.
File is encrypted [symmetric (passphrase)] in a linux system using gpg utility.
Command used to decrypt the file in a linux system:
gpg --batch --passphrase <<passphrase>> --output decrypted_file.csv --decrypt encrypted_file.csv
Related
How do I get on an AWS server? Do I have to use terminal? Can I use transmit? I need to install Wordpress and I really don't want to do that through command line. I have a PPK file and an amazon url. I tried converting the PPK to PEM in terminal but after spending a 4 hours of updating my OS and Xcode it didn't work. Can I get the Access key and secret from the PPK file and use that in transmit?
You can get into AWS server from Mac terminal by using SSH protocol but for that you need .pem file. You can not use .ppk file on Mac OS to SSH into server. You need to have .pem file. However you can conver this .ppk file into .pem. Try following steps
Install Homebrew
ruby -e "$(curl -fsSL
https://raw.githubusercontent.com/Homebrew/install/master/install)"
Install putty on Mac
brew install putty
Convert .ppk into .pem where key.ppk is name of your .ppk file
puttygen key.ppk -O private-openssh -o key.pem
Set the appropriate permissions to the .pem file
chmod 400 key.pem
SSH using converted .pem file
ssh -i key.pem username#hostname
I want to encrypt an xml file and I am using gpg4win (kleopatra).
Using the kleopatra interface I set an option to produce files with extension pgp instead of gpg which is the default extension.
I am trying to create a pgp file from command line using the command
gpg -r test#test.gr -se C:\temp\myfile.xml
because I need to submit it in a web app that accepts pgp only.
I have tried to put some other options in the command but I always get a gpg file. How can I produce a pgp file from command line?
This may not be the same process as others, but this worked for me:
gpg --batch --yes --recipient "user" --output "fulldirectory\filename.txt.pgp" --encrypt "fulldirectory\filename.txt"
GnuPG syntax for encryption is stated here. You can simply use the --output [filename].[suffix] parameter.
So go with gpg --encrypt C:\temp\myfile.xml --recipient test#test.gr --output C:\temp\myfile.pgp.
Please note that .pgp is actually the suffix for a key not an encrypted file. See here.
The following command is run from the Windows command line and it works sometimes, but it does not in other occasions.
GPG --recipient "my.puclic.key#recipient.com" --output "MyEncryptedFileName.txt.PGP" --encrypt "MyTestDocument.txt Working Directory: \\myServer\myfolderName\
The directory and file name exist, but it seems like GPG can't find them. I have also tried the command as..
GPG --recipient "my.puclic.key#recipient.com" --output "MyEncryptedFileName.txt.PGP" --encrypt "MyTestDocument.txt Working Directory: \\myServer\myfolderName\"
and
GPG --recipient "my.puclic.key#recipient.com" --output "MyEncryptedFileName.txt.PGP" --encrypt "MyTestDocument.txt Working Directory: \\myServer\myfolderName"
but keep getting an error:
"can't open 'MyTestDocument.txt Working Directory:\\myServer\myfolderName\': No such file or directory
gpg MyTestDocument.txt Working Directory: \\myServer\myfolderName\: encryption failed: No such file or directory
In prior occasions this same command worked fine.
If I run gpg to sign and encrypt a file from the command line, it works. I have an application that tries the same and I get the following error. The application has worked signing and encrypting before, so I do not think that it is a permission issue. Any ideas?
Running on windows. GnuPG 1.4.2.2
gpg: keyblock resource C:/Program Files/GNU/GnuPG" --output D:/WEA/ACH/milw472b.gpg --yes --batch --armor --recipient JPMC_ECS_PROD_2015 --default-key wea#weatrust.com --passphrase-fd 0 --no-verbose --sign --encrypt D:/WEA/ACH/ACH \secring.gpg': file open error
gpg: keyblock resourceC:/Program Files/GNU/GnuPG" --output D:/WEA/ACH/milw472b.gpg --yes --batch --armor --recipient JPMC_ECS_PROD_2015 --default-key wea#weatrust.com --passphrase-fd 0 --no-verbose --sign --encrypt D:/WEA/ACH/ACH \pubring.gpg': file open error
gpg: no valid OpenPGP data found.
gpg: processing message failed: eof
Why is your program including the paths to the public and secret keyrings? GPG should find them in the home directory, if you're using a different location for those files then you either need to specify the new home directory (with the --homedir flag) or prepend the two keyring files with the relevant flags (--keyring and --secret-keyring).
As it is, that command appears to be trying to encrypt your public and secret keyrings to the "JPMC_ECS_PROD_2015" recipient. If "JPMC_ECS_PROD_2015" is not a group name (specified in the gpg.conf file) or specified elsewhere in the code for your program, then that will generate errors relating to an invalid recipient (or recipient format).
i am using mysql-5.5 and rhel5 and my intention is to use mysqldump to take the encrypted backup and compressed backup
as i am using mysqldump as below
mysqldump -u root -p db_name | gzip >file_name.sql.gz
it will give compressed backup but not encrypted one
How about this:
mysqldump -u root -p db_name | gpg --encrypt -r 'user_id' | gzip >file_name.sql.gz
of course you need the public key of the user that you want to encrypt for.
e.g.
gpg --import keyfile
Instead of using GPG which is frankly, kind of overkill unless you really like GPG, you can use OpenSSL which is likely built-in and has no real dependency structure for making easily portable and decryptable backups. This way you can readily decrypt the backup on just about any Linux system (and many other platforms) without any keyring, just knowing the passphrase.
Read more at this link about how do so.
Backup one database, change what is inside [..]
mysqldump -u root --single-transaction [DataBaseName] | gzip | openssl enc -pbkdf2 -k [MyPassword] > database.sql.zip.enc
Backup all databases separately:
date=`date "+%Y%m%d"`
for DB in $(mysql -u root -e 'show databases' -s --skip-column-names); do
mysqldump -u root --single-transaction $DB | gzip | openssl enc -pbkdf2 -k [MyPassword] > db-$DB-$date.sql.gz.enc;
done
Also note that using -p via command line is really bad practise as the password can be read out via ps aux.
I suggest using openssl as pgp is getting to slow on big files.
The best solution I have found so far which I am regularly using at work now is mysqldump-secure.
It offers openssl encryption and compression as well as other more features and even ships with a nagios monitoring plugin.
I use the following Bash script that uses Dropbox to sync the backups directly to our own company server (followed by automatic backups of that data). Replace the script variables with your own. Then I just add that to my crontab to run it every 12 hours.
FILENAME=dbname.$(date +%Y-%m-%d-%H-%M)
SQLFILE=/root/Desktop/$FILENAME.sql
ZIPFILE=/root/Desktop/$FILENAME.zip
GPGFILE=/root/Dropbox/SQL-Backups/$FILENAME.gpg
mysqldump --user=dbuser --password=password --port=3306 --default-character-set=utf8 --single-transaction=TRUE --databases "dbname" --result-file="$SQLFILE"
zip -9 $ZIPFILE $SQLFILE
gpg --output "$GPGFILE" --encrypt --recipient "recipient#company.com" "$ZIPFILE"
unlink $ZIPFILE
unlink $SQLFILE
This uses GnuPG to encrypt the resulting zipped SQL dump. Remember to never import the private key to the web server. The web server's GPG setup only needs the public key.
You can use the GPG software available for most platforms to create your key and publish the public key to a key server.