#!/bin/bash # # This example shows how to configure afio to write GnuPG encrypted archives. # GnuPG is a complete and free replacement for PGP. Because it does not use # IDEA or RSA it can be used without any restrictions. GnuPG is a RFC2440 # (OpenPGP) compliant application. # This example uses a pass phrase in a file, for increased security. # the file permissions of this file should be set to -rw-------- # (group and world unreadable) to keep the pass phrase secure dir_to_backup=/usr/include/linux passphrasefile=my_passphrasefile # gpg has built-in compression but this feature cannot be used with # afio (it should be disabled using the -z 0 to gpg). In this example # we compress the files in the archive anyway by first passing them # through gzip, then through gpg, using the auxillary script # gpg_zip_encrypt. find $dir_to_backup | afio -ovz -Z -U -P ./gpg_zip_encrypt -3 3 my_archive_file 3<$passphrasefile # The reason why gpg built-in compression cannot be used is as # follows. When compression is used, and gpg is run twice on the same # input file, it can generate differing outputs with different # lengths. This is a problem for afio if the output length is larger # than the afio -M option value. If the length is larger than the -M # value, then afio will call the 'compression' program twice, once to # get the 'compressed' file length and once to get the actual file # contents and write them to the archive, and if the lenght is bigger # in the second run then the data in the archive will be truncated # (and therefore corrupted). Afio does emit an error message when # this happens, but it might be overlooked. # the archive written with this script can be unpacked with # afio_unpack_gpg_zip