I've been copying files from one server to the symmetrical cluster partner a lot last week.
scp /path/to/directory/file remote:/path/to/directory/
That gets boring after a while but does not really warrant setting up a full blown config management solution like salt, puppet or ansible.
So here is scpover[1.5kB].
It reduces the effort to
This will copy "file" from "/path/to/directory/" into exactly the same directory on the remote cluster partner.
Which system to target is detected from the hostname of the local system and hard-coded into the script.
Scpover can also take multiple filepaths on one command line so you can beam over a few related config files from multiple locations in one go.
Continue reading "scp (secure copy) a file to the same path on a remote system"
Not an atomic change but at least all within a reasonably short timespan.
Well, shortly after I wrote about encrypting files with a keyfile / passphrase with gpg people asked about a solution with openssl.
You should prefer to use the gpg version linked above, but if you can't, below is a script offering the same functionality with openssl.
You basically call
crypt_openssl <file> [<files...>] to encrypt
file.aes using the same keyfile as used in the gpg script (
~/.gnupg/mykey001 per default).
crypt_openssl -d <file.aes> [<files.aes...>] will restore the original files from the encrypted AES256 version that you can safely transfer over the Internet even using insecure channels.
Please note that you should feed compressed data to
Continue reading "Encrypting files with openssl for synchronization across the Internet"
crypt_openssl whenever you can. So use preferably use it on
Automatically transferring (syncing) files between multiple computers is easy these days. Dropbox, owncloud or bitpocket to name a few. You can imagine I use the latter (if you want a recommendation)1.
In any case you want to encrypt what you send to be stored in "the cloud" even if it is just for a short time. There are many options how to encrypt the "in flight" data. Symmetric ciphers are probably the safest and most widely researched cryptography these days and easier to use than asymmetric key pairs in this context as well.
Encryption is notoriously hard to implement correctly and worthless when the implementation is flawed. So I looked at gpg, a well known reference implementation, and was amazed that it can neither use a proper keyfile for symmetric encryption (you can just supply a passphrase via
--passphrase-file) nor does it handle multiple files on the command line consistently.
You can use
--multifile (wondering...why does a command need that at all?) with
--encrypt (asymmetric public/private key pair encryption) but not with
--symmetric (symmetric shared key encryption). Duh!
With a bit of scripting around the gpg shortcomings, you end up with
Continue reading "Encrypting files with gpg for synchronization across the Internet"
crypt_gpg that can nicely encrypt or decrypt multiple files (symmetric cipher) in one go.