I was looking for a way of encrypting a directory using GPG.
I tried writing an AppleScript, but found it impossible to get a password into the script (anybody know how to do this?). So I ended up writing a shell script.
These scripts encrypt and decrypt a "crypt" directory in the
user's home directory. At the same time, each script copies an alias onto the desktop to perform the reverse operation. So encrypt.sh encrypts the crypt directory and copies
an alias to decrypt.sh to the desktop.
A pre-requisite for these scripts to work is an installation
of gpg, the Gnu Privacy Guard.
I have set the icons on these aliases to be some sort of
warning colour. If the alias is a green parrot (I used these icons from Adam Betts at Xicons.com) and says decrypt, it
means that the crypt directory is currently encrypted.
[robg adds: I have not tested these scripts, and the author admits they aren't really fully documented. If someone wants to try them, please post your results. Read the rest of the hint for the scripts.]
In the scripts, I move the aliases rather than copying them because
copying then (with cp) seems to loose the icons (again anybody know how keep the icons using a shell copy command?). I used the gpg -c symmetric encryption which doesn't use
keys to encrypt the file, rather it uses a pass phrase.
encrypt.sh
#!/bin/sh # # Encrypt the crypt directory # cd ~ NAME=crypt.tar.gpg.`date+%y%m%d%s`.bak if test -f ./crypt.tar.gpg then cp ./crypt.tar.gpg ./LocalBackup/$NAME rm ./crypt.tar.gpg fi test -d ./crypt if [ "$?" -ne "0" ]; then echo "No crypt directory to Encrypt... quitting" exit 1 fi gnutar -c -f ./crypt.tar ./crypt/ gpg -c ./crypt.tar if [ "$?" -ne "0" ]; then rm ./crypt.tar echo "Error encrypting Archieve... quitting" exit 1 fi rm ./crypt.tar rm -r ./crypt if test -f ~/Desktop/encrypt then mv ~/Desktop/encrypt /Applications/AdminTools/EncryptionScripts/encrypt fi mv /Applications/AdminTools/EncryptionScripts/decrypt ~/Desktop/decryptdecrypt.sh
#!/bin/sh # # Decrypt the crypt directory # cd ~ gpg --decrypt ./crypt.tar.gpg > ./crypt.tar if [ "$?" -ne "0" ]; then echo "Unable to decrypt Archieve... quitting" exit 1 fi if test -d ./crypt then mv crypt DELETE_ME_cryptBak fi gnutar xf crypt.tar if [ "$?" -ne "0" ]; then echo "Unable to un tar Archieve... quitting" exit 1 fi NAME=crypt.tar.gpg.`date+%y%m%d%s`.bak if test -f ./crypt.tar.gpg then cp ./crypt.tar.gpg ./LocalBackup/$NAME if [ "$?" -ne "0" ]; then echo "Unable to un tar Archieve... quitting" exit 1 fi rm ./crypt.tar.gpg fi rm ./crypt.tar if test -f ~/Desktop/decrypt then mv ~/Desktop/decrypt /Applications/AdminTools/EncryptionScripts/decrypt fi mv /Applications/AdminTools/EncryptionScripts/encrypt ~/Desktop/encrypt exitTo use the scripts, you will obviously have to set up the directory structure that they require. This is basically: A backup directory, the scripts directory and aliases for the scripts. This may be a poorly documented hint, but I find this automation really useful and thought I would share it.
Mac OS X Hints
http://hints.macworld.com/article.php?story=20030518144010258