in Basic security, devops, Linux administration, Security

GPG Encrypted backups

This is just some notes for myself that may be useful for other people.

Scenario: As a server administrator I want to keep the backups secure so only myself can restore them.
OSX hostname: earth.local
Ubuntu Server hostname: mars.local

GPG Installation

#OSX
$ brew install gpg

#Ubuntu
$ sudo apt install gpgv2

Creating keys

earth$ gpg --gen-key
earth$ gpg --list-keys

Encrypt a file test

earth$ gpg -e -u albertsola -r albertsola mysql.sql

Decrypt a file test

earth$ gpg -d mysql.sql.gpg > mysql.sql

Exporting public key

earth$ gpg --output pub_albertsola.gpg --export albertsola #binary
earth$ gpg --armor --export albertsola > pub_albertsola.asc #text

Importing a public keys on the server

mars$ gpg --import pub_albertsola.asc

Encrypting the backup

mars$ gpg -e -u backups@domain.com -r albertsola@domain.com mysql.sql
mars$ rm mysql.sql

Downloading and decrypting the backup

Copy the file to earth:

earth$ scp albertsola@mars:~/backups/mysql.sql.gpg .
earth$ gpg -d mysql.sql.gpg > mysql.sql
earth$ rm mysql.sql.pgp

Write a Comment

Comment