Symmetric encryption using the ssh-agent
Project description
Abstract
Yet another implementation of the idea, to use the SSH agent for symmetric encryption. This time for Python (2+3).
Load a key and make an SSH connection with agent-forwarding:
local-machine ~ % ssh-add
local-machine ~ % ssh -A remote-machine
Create some agentcrypt enabled scripts on the remote host:
remote-machine ~ % cat << '_EOF_' > encryptor.py
import sys
from agentcrypt.io import Container
with Container.create(sys.stdout) as cntr:
for line in sys.stdin:
cntr.write(line)
_EOF_
remote-machine ~ % cat << '_EOF_' > decryptor.py
import sys
from agentcrypt.io import Container
with Container.load(sys.stdin) as cntr:
print(cntr.getvalue().decode())
_EOF_
Use the newly created scripts with keys from the local ssh-agent:
remote-machine ~ % echo "secret data" |python encryptor.py > hushhush.dat
remote-machine ~ % python decryptor.py < hushhush.dat
secret data
Or via the main guard of the package:
remote-machine ~ % echo "secret data" |python -magentcrypt.io enc > hushhush.dat
remote-machine ~ % python -magentcrypt.io dec < hushhush.dat
secret data
Motivation
Provide a convenient (passwordless) way of encrypting sensitive data for Python.
Profit from the fact that agent-forwarding makes SSH keys available on remote servers.
Alternatives
https://github.com/jwhitham/safeu - C (not sure if it uses the signature as keys too)
- Why another implementation?
The ones I found on GitHub are either not Python or they rely on calls to external programs. I wanted a pure Python library, that runs with Versions 2.7 and 3.x.
Documentation
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.