Symmetric encryption using the ssh-agent
Yet another implementation of the idea, to use the SSH agent for symmetric encryption. This time for Python (2+3).
Load a key and make an SSH connection with agent-forwarding:
local-machine ~ % ssh-add local-machine ~ % ssh -A remote-machine
Create some agentcrypt enabled scripts on the remote host:
remote-machine ~ % cat << '_EOF_' > encryptor.py import sys from agentcrypt.io import Container with Container.create(sys.stdout) as cntr: for line in sys.stdin: cntr.write(line) _EOF_ remote-machine ~ % cat << '_EOF_' > decryptor.py import sys from agentcrypt.io import Container with Container.load(sys.stdin) as cntr: print(cntr.getvalue().decode()) _EOF_
Use the newly created scripts with keys from the local ssh-agent:
remote-machine ~ % echo "secret data" |python encryptor.py > hushhush.dat remote-machine ~ % python decryptor.py < hushhush.dat secret data
Or via the main guard of the package:
remote-machine ~ % echo "secret data" |python -magentcrypt.io enc > hushhush.dat remote-machine ~ % python -magentcrypt.io dec < hushhush.dat secret data
- Provide a convenient (passwordless) way of encrypting sensitive data for Python.
- Profit from the fact that agent-forwarding makes SSH keys available on remote servers.
- https://github.com/edwardspeyer/sshovel - Python
- https://github.com/is/sshcrypt - Go
- https://github.com/jwhitham/safeu - C (not sure if it uses the signature as keys too)
- Why another implementation?
- The ones I found on GitHub are either not Python or they rely on calls to external programs. I wanted a pure Python library, that runs with Versions 2.7 and 3.x.
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.