See moarSCREENSHOTS for more.
bash (haha), zenity, and one of: gpg, gpg2, or openssl
a7crypt is simply a bash script, so you can download it, double-click on it, and be done. However, if you'd like to install it proper-like for all users...
####1) Copy a7crypt over to a bin directory and make sure it is executable
- On sudo-enabled system, like Ubuntu:
sudo cp a7crypt /usr/local/bin/; sudo chmod 755 /usr/local/bin/a7crypt
- If that doesn't work:
su -lc 'cp a7crypt /usr/local/bin/; chmod 755 /usr/local/bin/a7crypt'
####2) Create an application shortcut for all users (run via copy and paste)
- On sudo-enabled system, like Ubuntu:
sudo cat > /usr/share/applications/a7crypt.desktop <<\EOF
[Desktop Entry]
Name=a7crypt
Comment=Simple symmetric encryption GUI using GPG or OpenSSL
Exec=a7crypt
Terminal=false
Type=Application
Icon=/usr/share/pixmaps/password.png
Categories=GNOME;Accessories;
EOF
- If that doesn't work:
su -lc 'cat > /usr/share/applications/a7crypt.desktop <<\EOF
[Desktop Entry]
Name=a7crypt
Comment=Simple symmetric encryption GUI using GPG or OpenSSL
Exec=a7crypt
Terminal=false
Type=Application
Icon=/usr/share/pixmaps/password.png
Categories=GNOME;Accessories;
EOF'
Don't miss that trailing ' mark!
####3) Make some toast!
The original goal of this project was to make symmetric text {en,de}cryption more accessible and easy to use. While GPG rocks (for both symmetric & public-key) if you're comfortable on the commandline, and there are GUI encryption options for key-based, there's not much out there for people who need to do the simplest kind of encryption -- with a shared passphrase.
First I developed a super-simple wrapper for the commandline. (To see an evolution of that, check out a3crypt, which doesn't have any of the bells and whistles of a7crypt. Screenshots of terminal action at the end of the moarSCREENSHOTS page.) Once that was complete, I decided it was time to the fill the hole of a GUI for symmetric encryption, and began fleshing it out and adding features, quickly adding the ability to pick files (and have the script automatically choose ASCII or binary output type based on the chosen file).
It almost goes without saying, but from the beginning, a requirement of all this was that security not be in any way sacrificed for the convenience.
To that end: No processes are run with arguments of a passphrase, nor are passphrases or message data stored on disk; the script creates a working dir in ram that is only readable by the current user and whenever message data or passphrases need to be stored, they are stored there and deleted as soon as they have served their purpose. (Note: We WILL fall-back to creating a working dir on disk in users' HOME if /dev/shm is unavailable for some crazy reason.)
We of course want to ensure that all tmpfiles are cleaned up on exit, even though they're hidden away in directories only available to the user. A simple trap will cover exiting due to receiving a sigterm or sigint, but for sigkill, we need something more. So each time the script runs it creates lockfiles with its PID and the location of the temp working directory. That way, if an old instance of the script ever dies without cleaning up its potentially-sensitive data, we can take out the trash on the next run.
And a final note: When lockfiles & temp directories are created by this script, they're named based on the script's current filename; not some static project name. This means that you can feel free to rename the script. Everything else will go along with the new name--you don't need to change anything in the content. Caveat: Don't be stupid and put a space in the script name. :)
Feel free to hit me/the tracker up if you have any questions or suggestions!
And so far, that's it. Feel free to contribute!
Copyright (C) 2011, 2012 Ryan Sawhill aka ryran
This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License @gnu.org/licenses/gpl.html for more details.