SQL Clone
SQLServerCentral is supported by Redgate
 
Log in  ::  Register  ::  Not logged in
 
 
 


Encrypting files with PGP


Encrypting files with PGP

Author
Message
kwoznica
kwoznica
Ten Centuries
Ten Centuries (1.1K reputation)Ten Centuries (1.1K reputation)Ten Centuries (1.1K reputation)Ten Centuries (1.1K reputation)Ten Centuries (1.1K reputation)Ten Centuries (1.1K reputation)Ten Centuries (1.1K reputation)Ten Centuries (1.1K reputation)

Group: General Forum Members
Points: 1137 Visits: 481
While this is not related to sql server I imagine that many database administrators have had to deal with this scenario.
My company just switched banks and we have to meet security requirements to upload check files to their SFTP site.
We have finished the formatting for the flat text file and once the accounting department has created the file they will need to upload. To make the process simple for the accounting department users I have created a virtual machine with a secured share that they can dump the file into. Every 15 minutes I have a scheduled task that will run and move the files to a directory where the files will be further secured and encrypted. Once every hour a scheduled sftp job will run using an application called cuteftp to the new bank.

The problem I am having is getting the files in the directory encrypted. I have tried using Symantec's PGP encryption software but keep coming across problems.

Can someone recommend a command line pgp tool where I can generate my own public and private keys and also sign the files we will be uploading to the bank with the public keys they have provided?


Any other thoughts are also welcomed. Thank you.
Michael Valentine Jones
Michael Valentine Jones
SSChampion
SSChampion (14K reputation)SSChampion (14K reputation)SSChampion (14K reputation)SSChampion (14K reputation)SSChampion (14K reputation)SSChampion (14K reputation)SSChampion (14K reputation)SSChampion (14K reputation)

Group: General Forum Members
Points: 14449 Visits: 11848
GnuPG is a command line tool. It's open source and free:
http://www.gnupg.org/
Steve Jones
Steve Jones
SSC Guru
SSC Guru (146K reputation)SSC Guru (146K reputation)SSC Guru (146K reputation)SSC Guru (146K reputation)SSC Guru (146K reputation)SSC Guru (146K reputation)SSC Guru (146K reputation)SSC Guru (146K reputation)

Group: Administrators
Points: 146159 Visits: 19425
I used the Gnu version years ago. Worked well for me.

Follow me on Twitter: @way0utwest
Forum Etiquette: How to post data/code on a forum to get the best help
My Blog: www.voiceofthedba.com
kwoznica
kwoznica
Ten Centuries
Ten Centuries (1.1K reputation)Ten Centuries (1.1K reputation)Ten Centuries (1.1K reputation)Ten Centuries (1.1K reputation)Ten Centuries (1.1K reputation)Ten Centuries (1.1K reputation)Ten Centuries (1.1K reputation)Ten Centuries (1.1K reputation)

Group: General Forum Members
Points: 1137 Visits: 481
I have used the GNU for windows version and figured out what I need with the exception of encrypt and sign multiple files.


I have a directory which will contain multiple files that need to be encrypted. When I run the command line with the below swtiches and one file in the directory it works.

gpg2.exe --batch --sign --passphrase "somewords" --encrypt -r BankName --trust-model always c:\EncryptedFiles\*.*

However when I use the --multifile switch with multiple files the command fails.
The syntax I am using is below.

gpg2.exe --multifile --sign --passphrase "somewords" --encrypt -r BankName --trust-model always c:\encryptedfiles\*.*

The error I receive is

"usage: gpg [options] --sign -- encrypt [filename]"

Can anyone familiar with this please let me know what is the proper syntax for encrypting and signing multiple files?
Nadrek
Nadrek
SSCarpal Tunnel
SSCarpal Tunnel (4.5K reputation)SSCarpal Tunnel (4.5K reputation)SSCarpal Tunnel (4.5K reputation)SSCarpal Tunnel (4.5K reputation)SSCarpal Tunnel (4.5K reputation)SSCarpal Tunnel (4.5K reputation)SSCarpal Tunnel (4.5K reputation)SSCarpal Tunnel (4.5K reputation)

Group: General Forum Members
Points: 4524 Visits: 2741
The best syntax for multiple files is to zip them first, and then gpg the zipped single file Smile.

Note that if you're dealing with U.S. government standards, DSA/ElGamal keys are right out, as ElGamal is not a FIPS 140-2 algorithm.

To be as current as possible, ideally, generate your key with

gpg2 --gen-key --cert-digest-algo SHA512


or

gpg2 --gen-key --cert-digest-algo SHA256



and add the following four lines to the end of gpg.conf for every user that uses gpg
Substitute CAMELLIA for AES if you're in Europe or Japan.

personal-cipher-preferences AES256 AES192 AES 3DES
personal-digest-preferences SHA512 SHA384 SHA256 SHA224
personal-compress-preferences BZIP2 ZLIB ZIP Uncompressed
default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES 3DES BZIP2 ZLIB ZIP Uncompressed



To update existing public keys with at least a preferred cipher ordering,

gpg2 --edit-key "YourKeyName <YourKey@X.Y>"
showpref
setpref SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES 3DES BZIP2 ZLIB ZIP Uncompressed
quit
y


Go


Permissions

You can't post new topics.
You can't post topic replies.
You can't post new polls.
You can't post replies to polls.
You can't edit your own topics.
You can't delete your own topics.
You can't edit other topics.
You can't delete other topics.
You can't edit your own posts.
You can't edit other posts.
You can't delete your own posts.
You can't delete other posts.
You can't post events.
You can't edit your own events.
You can't edit other events.
You can't delete your own events.
You can't delete other events.
You can't send private messages.
You can't send emails.
You can read topics.
You can't vote in polls.
You can't upload attachments.
You can download attachments.
You can't post HTML code.
You can't edit HTML code.
You can't post IFCode.
You can't post JavaScript.
You can post emoticons.
You can't post or upload images.

Select a forum

































































































































































SQLServerCentral


Search