Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 
 
        
Home       Members    Calendar    Who's On


Add to briefcase

Encrypting files with PGP Expand / Collapse
Author
Message
Posted Saturday, March 30, 2013 10:11 AM


SSC-Enthusiastic

SSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-Enthusiastic

Group: General Forum Members
Last Login: Saturday, June 14, 2014 11:52 AM
Points: 179, Visits: 404
While this is not related to sql server I imagine that many database administrators have had to deal with this scenario.
My company just switched banks and we have to meet security requirements to upload check files to their SFTP site.
We have finished the formatting for the flat text file and once the accounting department has created the file they will need to upload. To make the process simple for the accounting department users I have created a virtual machine with a secured share that they can dump the file into. Every 15 minutes I have a scheduled task that will run and move the files to a directory where the files will be further secured and encrypted. Once every hour a scheduled sftp job will run using an application called cuteftp to the new bank.

The problem I am having is getting the files in the directory encrypted. I have tried using Symantec's PGP encryption software but keep coming across problems.

Can someone recommend a command line pgp tool where I can generate my own public and private keys and also sign the files we will be uploading to the bank with the public keys they have provided?


Any other thoughts are also welcomed. Thank you.
Post #1437204
Posted Saturday, March 30, 2013 4:30 PM
Hall of Fame

Hall of FameHall of FameHall of FameHall of FameHall of FameHall of FameHall of FameHall of FameHall of Fame

Group: General Forum Members
Last Login: Today @ 12:39 PM
Points: 3,122, Visits: 11,405

GnuPG is a command line tool. It's open source and free:
http://www.gnupg.org/



Post #1437250
Posted Wednesday, April 3, 2013 12:15 PM


SSC-Dedicated

SSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-Dedicated

Group: Administrators
Last Login: Today @ 6:20 PM
Points: 33,078, Visits: 15,192
I used the Gnu version years ago. Worked well for me.






Follow me on Twitter: @way0utwest

Forum Etiquette: How to post data/code on a forum to get the best help
Post #1438523
Posted Monday, April 8, 2013 9:21 AM


SSC-Enthusiastic

SSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-Enthusiastic

Group: General Forum Members
Last Login: Saturday, June 14, 2014 11:52 AM
Points: 179, Visits: 404
I have used the GNU for windows version and figured out what I need with the exception of encrypt and sign multiple files.


I have a directory which will contain multiple files that need to be encrypted. When I run the command line with the below swtiches and one file in the directory it works.

gpg2.exe --batch --sign --passphrase "somewords" --encrypt -r BankName --trust-model always c:\EncryptedFiles\*.*

However when I use the --multifile switch with multiple files the command fails.
The syntax I am using is below.

gpg2.exe --multifile --sign --passphrase "somewords" --encrypt -r BankName --trust-model always c:\encryptedfiles\*.*

The error I receive is

"usage: gpg [options] --sign -- encrypt [filename]"

Can anyone familiar with this please let me know what is the proper syntax for encrypting and signing multiple files?
Post #1439903
Posted Tuesday, April 9, 2013 8:36 AM
SSC Eights!

SSC Eights!SSC Eights!SSC Eights!SSC Eights!SSC Eights!SSC Eights!SSC Eights!SSC Eights!

Group: General Forum Members
Last Login: Thursday, July 24, 2014 8:41 AM
Points: 861, Visits: 2,357
The best syntax for multiple files is to zip them first, and then gpg the zipped single file :).

Note that if you're dealing with U.S. government standards, DSA/ElGamal keys are right out, as ElGamal is not a FIPS 140-2 algorithm.

To be as current as possible, ideally, generate your key with
gpg2 --gen-key --cert-digest-algo SHA512

or
gpg2 --gen-key --cert-digest-algo SHA256

and add the following four lines to the end of gpg.conf for every user that uses gpg
Substitute CAMELLIA for AES if you're in Europe or Japan.
personal-cipher-preferences AES256 AES192 AES 3DES
personal-digest-preferences SHA512 SHA384 SHA256 SHA224
personal-compress-preferences BZIP2 ZLIB ZIP Uncompressed
default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES 3DES BZIP2 ZLIB ZIP Uncompressed

To update existing public keys with at least a preferred cipher ordering,
gpg2 --edit-key "YourKeyName <YourKey@X.Y>"
showpref
setpref SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES 3DES BZIP2 ZLIB ZIP Uncompressed
quit
y

Post #1440372
« Prev Topic | Next Topic »

Add to briefcase

Permissions Expand / Collapse