PGP Pipe

by Daniel Kroening

Download it here.

  1. Description

    PGP Pipe allows encrypting a data stream of arbitrary length with the IDEA chipher from PGP. It is fast and usefull for backups on tapes or across the network.

    pgp pipe should compile under all types of Unix machines (personally tested on Linux/Intel). The encrypted files should be transferable between different machines without problems.


  2. Installation

    To prevent that this program is considered "strong cryptography", the encryption routines are NOT included, so you have to get the PGP source to compile it.

    Once you have downloaded PGP, correct the Makefile to make "PGP" point to the source directory of PGP.

    After that, just type "make" and you are done.

  3. Usage Examples

    Encrypt a small file named "secret" with password "ABC DEF" and store it on a disk:

    pgppipe -e "ABC DEF" < secret > /floppy/secret

    Tar, GZip & Encrypt a whole directory:

    tar cf - /directory | gzip -9 | pgppipe -e "ABC DEF" > /secret.tgz.enc

    Decrypt, decompress and untar it again:

    pgppipe -d "ABC DEF" < /secret.tgz | gunzip | tar xf -

    You can add a pgppipe script to you /etc/inetd.conf to make central, encrypted backups. The point is that you do not have to trust the network or the backup host (or the person who stores the tapes...) since they all will get encrypted data only.

  4. Security

    The encryption is purely symmetric and only depends on a password given on the command line. Thus, the encryption has to be considered weak unless reasonable passwords are used.

    In general, passwords which are good as PGP pass phrase are also good for pgp pipe. There are numerous FAQs on how to choose a good pass phrase. Since the encryption is purely deterministic, you should never use the same password twice.