Encrypted offsite backup using GPG with private key never on backup server

Tags: backup, gpg

I have a backup server that creates xz-compressed tar archives of the directory trees to be backed up. These tar archives can get huge (multiple TB), are split into pieces (2.5 TB each), and each piece is written to an LTO-6 tape; the tapes go offsite.

Now I want to add encryption. I can GPG-encrypt the tar archive before splitting, using public/private key encryption with one or more recipients (admin public keys).

However, in case of recovery, at least one admin needs to put his private key onto the backup server, since the files are too huge to be unpacked anywhere else.

GPG uses a hybrid encryption scheme under the hood: a symmetric cipher like AES with a session key, and only that session key gets public/private key encrypted for the recipients.

Is there a way to let an admin provide the session key for decrypting the file to be recovered, without putting the private key onto the backup server?


I could reinvent the wheel of course:

  • create a random session key on the backup server for each file to be backed up
  • use GPG symmetric encryption to encrypt the file
  • use GPG asymmetric encryption to encrypt the session key for each recipient

But is there a "standard", built-in or best-practice way of achieving the above?

Best Answer

This is definitely possible with the --show-session-key and --override-session-key options.

First you need the beginning of your encrypted file. This is where the encrypted session key is stored.

root@qwerty:~/gpg# head -c 1024k bigfile.gpg > head.gpg

Then copy it to your workstation and retrieve the session key:

PS C:\Users\redacted\Downloads> gpg --show-session-key .\head.gpg
gpg: encrypted with 2048-bit RSA key, ID DC21D645, created 2016-02-01
  "admin <admin@domain.tld>"
gpg: session key: '9:926EC16DF1248A1C4401F5AD5D86C63C1BD4BF351ECEFB121C57EC209DE3933D'

Now you can decrypt the file using your session key:

root@qwerty:~/gpg# gpg -d -o bigfile --override-session-key 9:926EC16DF1248A1C4401F5AD5D86C63C1BD4BF351ECEFB121C57EC209DE3933D bigfile.gpg
gpg: encrypted with 2048-bit RSA key, ID DC21D645, created 2016-02-01
  "admin <admin@domain.tld>"
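The answer takes a 1 MiB head on the assumption that it covers the packets holding the encrypted session key. The script below, an added example that is not part of the answer and not GnuPG code, walks the OpenPGP packet headers (RFC 4880 framing) at the start of such a file and reports where the session-key packets end and which recipient key IDs can unlock them, so the head size can be checked rather than guessed. The sample bytes it runs on are constructed in the script; the 64-bit key IDs are placeholders, the first chosen to end in the short ID DC21D645 from the answer's output.

```python
"""Walk the OpenPGP packet headers at the start of a GPG-encrypted file.

The session key lives in PKESK (tag 1) / SKESK (tag 3) packets that precede
the bulk-ciphertext packet (tag 9, 18 or 20).  Parsing the headers tells you
(a) how many bytes of the head actually hold session-key material and
(b) which recipient key IDs can unlock it.  Packet framing follows RFC 4880
sections 4.2 and 5.1; the sample bytes below are constructed, not real output.
"""
import struct

PKESK, SKESK = 1, 3                 # encrypted session-key packets
SED, SEIPD, AEAD = 9, 18, 20        # bulk-ciphertext packets
PUBKEY_ALGO = {1: "RSA", 2: "RSA-encrypt-only", 16: "ElGamal", 18: "ECDH"}


def parse_header(data, pos):
    """Return (tag, body_offset, body_length, partial) for the packet at pos.

    body_length is None for an old-format indeterminate length; partial is
    True when a new-format partial body length was used (only the first
    chunk's length is reported).
    """
    ctb = data[pos]
    if not ctb & 0x80:
        raise ValueError(f"byte {pos:#x} is not an OpenPGP packet header")
    if ctb & 0x40:                                  # new-format header
        tag = ctb & 0x3F
        o1 = data[pos + 1]
        if o1 < 192:
            return tag, pos + 2, o1, False
        if o1 < 224:
            return tag, pos + 3, ((o1 - 192) << 8) + data[pos + 2] + 192, False
        if o1 == 255:
            return tag, pos + 6, struct.unpack(">I", data[pos + 2:pos + 6])[0], False
        return tag, pos + 2, 1 << (o1 & 0x1F), True  # partial body length
    tag = (ctb >> 2) & 0x0F                         # old-format header
    ltype = ctb & 0x03
    if ltype == 3:
        return tag, pos + 1, None, False            # indeterminate length
    size = {0: 1, 1: 2, 2: 4}[ltype]
    return tag, pos + 1 + size, int.from_bytes(data[pos + 1:pos + 1 + size], "big"), False


def find_session_key_prefix(data):
    """Scan the leading packets and stop at the first bulk-ciphertext packet.

    Returns the byte offset at which that packet starts (everything before it
    is session-key material) plus the recipients found along the way.
    """
    pos, recipients = 0, []
    while pos < len(data):
        tag, body, length, partial = parse_header(data, pos)
        if tag in (SED, SEIPD, AEAD):
            return {"prefix_len": pos, "data_tag": tag, "recipients": recipients}
        if length is None or partial or body + length > len(data):
            raise ValueError(f"packet {tag} at {pos:#x} is truncated or unbounded")
        if tag == PKESK:
            # version(1) | key ID(8) | pubkey algo(1) | algorithm-specific MPIs
            recipients.append({
                "type": "pubkey",
                "key_id": data[body + 1:body + 9].hex().upper(),
                "algo": PUBKEY_ALGO.get(data[body + 9], f"algo {data[body + 9]}"),
            })
        elif tag == SKESK:
            recipients.append({"type": "passphrase"})
        pos = body + length
    raise ValueError("no bulk-ciphertext packet found; take a longer head")


# --- constructed sample input (not real GnuPG output) ----------------------
def _new_header(tag, length):
    """Encode a new-format packet header (lengths below 8384 use the 2-octet form)."""
    if length < 192:
        return bytes([0xC0 | tag, length])
    if length < 8384:
        length -= 192
        return bytes([0xC0 | tag, (length >> 8) + 192, length & 0xFF])
    return bytes([0xC0 | tag, 255]) + struct.pack(">I", length)


def _rsa_pkesk(key_id, bits=2048):
    """A PKESK packet for an RSA key with a dummy MPI of the given bit length."""
    mpi = struct.pack(">H", bits) + b"\x80" + b"\x00" * (bits // 8 - 1)
    body = b"\x03" + key_id + b"\x01" + mpi           # version 3, algo 1 = RSA
    return _new_header(PKESK, len(body)) + body


# Placeholder 64-bit key IDs; the first ends in the short ID shown in the answer.
KEY_ADMIN = bytes.fromhex("00000000DC21D645")
KEY_SECOND_ADMIN = bytes.fromhex("0000000001020304")
# Two RSA recipients, then an SEIPD packet whose first partial-length chunk is
# 1 MiB (0xF4 -> 1 << 20) but of which only a few dummy bytes are present,
# mimicking a head cut from a much larger file.
SAMPLE_HEAD = (_rsa_pkesk(KEY_ADMIN) + _rsa_pkesk(KEY_SECOND_ADMIN)
               + b"\xD2\xF4" + b"\x00" * 32)
# The same single-recipient packet in old-format framing (0x85: tag 1, 2-octet length).
OLD_FORMAT_HEAD = (b"\x85" + struct.pack(">H", 268) + _rsa_pkesk(KEY_ADMIN)[3:]
                   + b"\xD2\xF4" + b"\x00" * 32)

if __name__ == "__main__":
    info = find_session_key_prefix(SAMPLE_HEAD)
    print(f"session-key packets occupy the first {info['prefix_len']} bytes")
    for r in info["recipients"]:
        print(" ", r)
```

Run it on `head -c` output from a real archive to see how many leading bytes the PKESK packets occupy (a few hundred bytes per RSA recipient); gpg still needs the start of the data packet that follows, so keep a margin past that offset, as the answer's 1 MiB head does. The recipient list also tells you up front which admin's key is required before anyone touches a workstation.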