/sshbox

encrypt and decrypt small files using OpenSSH keys

Primary LanguageGoISC LicenseISC

sshbox: encrypt and decrypt files using OpenSSH keys.

sshbox is a utility to encrypt and decrypt files using OpenSSH keys. The
files may be PEM-encoded (ASCII-armoured) or DER-encoded (a binary
format). Public keys may be fetched over HTTP(S); however, private keys
must be local. sshbox uses cryptobox[1] as the underlying cryptographic
system. It uses the sshkey[2] package to load the keys.

The utility is designed for encryption smaller files (under 128M), as the
file is read into memory.

Password-protected keys are now supported, as are both ECDSA and RSA keys.


Usage: sshbox [-ade] [-k key] source target
        -a=false: ASCII armour the box
        -d=false: decrypt file
        -e=false: encrypt file
        -k="": SSH key file
        -s="": SSH private key for signing
        -v="": SSH public for signature verification


Installation:
    
    $ go get github.com/gokyle/sshbox
    $ go install github.com/gokyle/sshbox


Signatures:
Signature support is standing by, but uses RSASSA-PSS, which is not
present as of Go 1.1.1, but it is in tip. Due to the fact that most
users are not likely to be running tip, I've decided to wait to add
this in until later.  Once RSASSA-PSS support hits a distribution,
I will merge this into master.


License:
sshbox is released under the ISC license. See the LICENSE file for the full
test of the license.


[1] http://cryptobox.tyrfingr.is/
[2] https://github.com/gokyle/sshkey/