GPG setup

I am trying to setup an asymmetric system between a couple of computers
I manage with gpg but am running into some problems when scripting a
tools which moves data between the boxes in a secure manor, I am use gpg
but would like to know if it is possible to generate a pair of key then
place the public keys on these computer while keeping both the public
and private key on the main server which will be sending the files, the
problem is on the remote computer they need to decrypt the files without
human interaction nor do I want to pass the passphrase on the command line.

Is it possible to encrypt on the master server and decrypt on the remote
computers just using the public key which is on them I beleive this
should be possible but when I try I still get prompted for the passphrase ?

Thanks

Henry <henry9355@hotmail.com> writes:

> I am trying to setup an asymmetric system between a couple of
> computers I manage with gpg but am running into some problems when
> scripting a tools which moves data between the boxes in a secure
> manor, I am use gpg but would like to know if it is possible to
> generate a pair of key then place the public keys on these computer
> while keeping both the public and private key on the main server which
> will be sending the files, the problem is on the remote computer they
> need to decrypt the files without human interaction nor do I want to
> pass the passphrase on the command line.
>
> Is it possible to encrypt on the master server and decrypt on the
> remote computers just using the public key which is on them I beleive
> this should be possible but when I try I still get prompted for the
> passphrase ?

I'm not sure I fully understand you, but why can't you use scp and
ssh-keygen for this rather than gpg? The data will all be encrypted
in transit, and with keys the transfers can be done without having to
give pass phrases. You could wrap the scp calls in shell scripts if
you want.

--
J.D. Ripper
Email without "Re: " in subject line > /dev/null

J.D. Ripper wrote:
> Henry <henry9355@hotmail.com> writes:
>
>
>>I am trying to setup an asymmetric system between a couple of
>>computers I manage with gpg but am running into some problems when
>>scripting a tools which moves data between the boxes in a secure
>>manor, I am use gpg but would like to know if it is possible to
>>generate a pair of key then place the public keys on these computer
>>while keeping both the public and private key on the main server which
>>will be sending the files, the problem is on the remote computer they
>>need to decrypt the files without human interaction nor do I want to
>>pass the passphrase on the command line.
>>
>>Is it possible to encrypt on the master server and decrypt on the
>>remote computers just using the public key which is on them I beleive
>>this should be possible but when I try I still get prompted for the
>>passphrase ?
>
>
> I'm not sure I fully understand you, but why can't you use scp and
> ssh-keygen for this rather than gpg? The data will all be encrypted
> in transit, and with keys the transfers can be done without having to
> give pass phrases. You could wrap the scp calls in shell scripts if
> you want.
>
I need to use FTP as the users of the slaves devices will be doing the
updates and SCP may provide to much control as they will have the
ability to download files from the master server, where as in FTP I have
it lock in one directory only which would not permit them to download
anything out side of the "jail"

>>>I am trying to setup an asymmetric system between a couple of
>>>computers I manage with gpg but am running into some problems when
>>>scripting a tools which moves data between the boxes in a secure
>>>manor, I am use gpg but would like to know if it is possible to
>>>generate a pair of key then place the public keys on these computer
>>>while keeping both the public and private key on the main server which
>>>will be sending the files, the problem is on the remote computer they
>>>need to decrypt the files without human interaction nor do I want to
>>>pass the passphrase on the command line.
>>>
>>>Is it possible to encrypt on the master server and decrypt on the
>>>remote computers just using the public key which is on them I beleive
>>>this should be possible but when I try I still get prompted for the
>>>passphrase ?

By definition (RFC-2440), the private key is needed for Open-PGP decryption.
"My private key is mine alone.
My public key to many shown.
My secret key with some is shared,
But with only one message paired."
-- extract from Open-PGP Polka by Dr. Robert Meier 2001

AFAIK, gpg has no option for decryption using the public key. Theoretically,
you could use gpg --list-packets to extract the keys and write a script
to decrypt using the public key, but unless you are a meticulous security
expert, your chances of introducing a vulnerability are near certainty.

Though scp and ssh are not available to you, you can use gpg to duplicate
their function across ftp.
1. On each remote computer, one-time,
A. run gpg --genkey to generate a private key on that host,
B. save the passphrase with paranoid permissions
B. send the public key to the master server.
2. On the master server, one-time,
A. save each remote computer's public key in a gpg keyring.
3. For each data suite,
A. for each remote computer,
I. on the master server,
a. generate a random session key (e.g. use gpg --gen-random)
b. encrypt the data suite (e.g. use gpg --symmetric)
c. encrypt the session key for the remote computer
using (e.g. use gpg --encrypt --recipient)
d. send the encrypted data and session key
B. on the remote computer
I. read the passphrase
II. decrypt the session key (e.g. gpg --decrypt --passphrase-fd)
III. decrypt the data suite.

Hopefully helpful,
--
Dr. Robert J. Meier
Server Vantage Agent Infrastructure

Dr. Robert Meier wrote:
>>>>I am trying to setup an asymmetric system between a couple of
>>>>computers I manage with gpg but am running into some problems when
>>>>scripting a tools which moves data between the boxes in a secure
>>>>manor, I am use gpg but would like to know if it is possible to
>>>>generate a pair of key then place the public keys on these computer
>>>>while keeping both the public and private key on the main server which
>>>>will be sending the files, the problem is on the remote computer they
>>>>need to decrypt the files without human interaction nor do I want to
>>>>pass the passphrase on the command line.
>>>>
>>>>Is it possible to encrypt on the master server and decrypt on the
>>>>remote computers just using the public key which is on them I beleive
>>>>this should be possible but when I try I still get prompted for the
>>>>passphrase ?
>
>
> By definition (RFC-2440), the private key is needed for Open-PGP decryption.
> "My private key is mine alone.
> My public key to many shown.
> My secret key with some is shared,
> But with only one message paired."
> -- extract from Open-PGP Polka by Dr. Robert Meier 2001
>
> AFAIK, gpg has no option for decryption using the public key. Theoretically,
> you could use gpg --list-packets to extract the keys and write a script
> to decrypt using the public key, but unless you are a meticulous security
> expert, your chances of introducing a vulnerability are near certainty.
>
> Though scp and ssh are not available to you, you can use gpg to duplicate
> their function across ftp.
> 1. On each remote computer, one-time,
> A. run gpg --genkey to generate a private key on that host,
> B. save the passphrase with paranoid permissions
> B. send the public key to the master server.
> 2. On the master server, one-time,
> A. save each remote computer's public key in a gpg keyring.
> 3. For each data suite,
> A. for each remote computer,
> I. on the master server,
> a. generate a random session key (e.g. use gpg --gen-random)
> b. encrypt the data suite (e.g. use gpg --symmetric)
> c. encrypt the session key for the remote computer
> using (e.g. use gpg --encrypt --recipient)
> d. send the encrypted data and session key
> B. on the remote computer
> I. read the passphrase
> II. decrypt the session key (e.g. gpg --decrypt --passphrase-fd)
> III. decrypt the data suite.
>
> Hopefully helpful,

Thanks for your input further to my previous I have had a further
thought, I can put these update files on the master server which can be
accessible via https / password authentication. The client machine will
use wget to obtain the updates so this should take care of the
transmission of these files in a secure manor, now on to my second
problem I still want to adopt GPG for encrypting these updates to
provide some additional file security but can't obtain the private keys
for all the slaves servers as their is too many for this to work, would
my only option be installing both the private and public keys the slaves
boxes along with the master box which should only allow these slaves
units to decrypt the files.

Of course all of this transfering and running of the update scripts is
rolled into a script which requires not user interaction.

> Thanks for your input[.] [Subsequent] to my previous [message] I have had
> a further thought[.] I can put these update files on the master server
> which can be accessible via https / password authentication. The client
> machine will use wget to obtain the updates so this should take care of the
> transmission of these files in a secure [manner][.]

AFAIK, https uses the same SSL that ssh and scp do. I understand entry
into the first "secure" page performs a Diffie-Hellman Key Agreement
Algorithm, and subsequent requests uses symmetric encryption via a
session key.

> [Now] on to my second problem[,] I still want to adopt GPG for encrypting
> these updates to provide some additional file security but [i] can't
> obtain the private keys for all the [slave] servers as [there are] too
> many for this to work[.] [Would] my only option be installing both the
> private and public keys [from the master server] [on each of] the [slave]
> boxes [as well as] the master box which should only allow these [slave]
> units to decrypt the files.

Why? What "additional" security do you seek from GPG?
You should be able to configure the https (e.g. mod_ssl parameters in
/etc/httpd/httpd.conf if using apache) strength to be greater than
the GPG default.



If you copy a private+public pair to all involved hosts, then by definition
you are using symmetric encryption (sender and receiver use same cryptodata).
If you use symmetric encryption with gpg, you should use gpg --symmetric
rather than gpg --encrypt in order to derive the benefit of gpg's
meticulous key handling and avoid the increased vulnerability of copying
two keys (private+public) around.

RFC-2440\known to sender receiver others
definition
private key no yes no
public key yes yes yes
secret key yes yes no

Adding layers in general does not add security, just as adding more than
one lock to a house door doesn't add security. (Two locks take twice as
long to legitimately open. What an attacker learns from one lock probably
makes cracking the second lock easier. One of two keys is more easily
lost than one larger key.) Security layers need to be combined
strategically lest the combination be no stronger than the weakest link.

Hopefully helpful,
--
Dr. Robert J. Meier
Server Vantage Agent Infrastructure