• Stars
    star
    129
  • Rank 279,262 (Top 6 %)
  • Language
    Shell
  • License
    MIT License
  • Created about 9 years ago
  • Updated almost 4 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Bash glue to encrypt and hide files

Chest Build Status

Bash glue to encrypt and hide files

Chest allows you to encrypt any file/folder and move it to a hidden directory on your machine. When needed you can retrieve it from the chest into the current working directory.

Chest makes use of password based AES256 encryption with a strong key derivation function provided by gpg to make sure your data is secure.

Your chest can easily by synced between machines via any third party cloud storage providers such as Dropbox or Google Drive etc.

Why

I wanted something that was:

  • Highly secure to store stuff like Bitcoin private keys
  • Easily accessible from the CLI (quickly encrypt/decrypt)
  • Can handle directories or files
  • Sync-able between machines
  • Usable interactively or scriptable
  • Password based (keys are in my brain, not on my machine)
  • Keeps me completely in control of my data
  • Allows me to choose whether to store locally or replicate to the cloud/VPS etc
  • Simple and easy to understand source code
  • No crazy dependencies

Chest ticks all those boxes. It's under 300 lines of fairly simple Bash, and about 90% of that are just CLI helper methods. The core encryption logic is easily understandable and is only a handful of lines.

It's basically a shell script wrapper around tar | gpg so you don't have to hand type commands like:

# Encrypt secret-folder
tar -cvzf - "secret-folder" | gpg -c --cipher-algo AES256 > "secret-folder.tar.gz.gpg"

# Decrypt secret-folder
gpg -d "secret-folder.tar.gz.gpg" | tar -xvzf -

Usage

$ chest -h
chest 0.4.0

Usage: chest -e [folder|file]
       chest -d [key]

  -h            Help. Display this message and quit.
  -e            Encrypt data and send to chest.
  -d            Decrypt data from chest.
  -z            Compress (zip) data before sending to chest.
  -r            Remove original data after sending to chest.
  -l            List items in chest.
  -k [key]      Set key to save/retrieve.
  -p [password] Set password. (omit to be prompted)

Options

CHEST_DIR

The directory all of your encrypted data will be stored in.

Defaults to ~/.chest.

export CHEST_DIR="$HOME/.chest"

CHEST_CLEAR_PASSWORD_CACHE

By default, gpg will cache passwords for as long as the gpg agent is running. This means you don't need to keep re-entering the same password to decrypt the same file. This is useful for certain use cases but for storing highly sensitive data is probably not what you want. By default we reload the gpg agent each time you enter a password to ensure they aren't cached.

You can diable this by setting CHEST_CLEAR_PASSWORD_CACHE to false.

Defaults to true.

export CHEST_CLEAR_PASSWORD_CACHE="true"

Tips

Cloud Backup/Sync

As long as you're using strong passwords, it's safe to replicate your Chest to the cloud. Everything will be encrypted before it leaves your machine and the keys are safely stored in your brain.

To re-iterate, you must use a sufficiently random password for cloud backup to be safe. If you don't fully understand this, do not replicate your chest to third-party cloud providers.

For example to set this up with Dropbox, you could either do:

ln -s ~/Dropbox/chest ~/.chest

or

export CHEST_DIR="$HOME/Dropbox/chest"

Now your encrypted files will be safely replicated around the world on Dropbox's servers to prevent against data loss.

You can also do this across multiple machines to keep your Chest in sync between them.

Installation

macOS

brew install lukechilds/tap/chest

Linux

Just clone this repo and either copy/symlink chest to your PATH or run the script directly with ./chest. Requires gpg to be installed.

Windows

Β―\_(ツ)_/Β―

License

MIT Β© Luke Childs

More Repositories

1

zsh-nvm

Zsh plugin for installing, updating and loading nvm
Shell
2,077
star
2

dockerpi

A Virtualised Raspberry Pi inside a Docker image
Dockerfile
1,747
star
3

reverse-shell

Reverse Shell as a Service
JavaScript
1,732
star
4

merge-images

Easily compose images together without messing around with canvas
JavaScript
1,611
star
5

gifgen

Simple high quality GIF encoding
Shell
527
star
6

zsh-better-npm-completion

Better completion for npm
Shell
450
star
7

when-dom-ready

$(document).ready() for the 21st century
JavaScript
334
star
8

refind-ambience

Minimal theme for the rEFInd boot manager
308
star
9

humanscript

A truly natural scripting language
Shell
226
star
10

htconvert

Convert .htaccess redirects to nginx.conf redirects
JavaScript
186
star
11

browser-env

Simulates a global browser environment using jsdom
JavaScript
171
star
12

coinlist

Comprehensive list of cryptocurrencies with metadata
JavaScript
155
star
13

coinflict-of-interest

Browser extension to show user biases on Crypto Twitter.
JavaScript
144
star
14

create-test-server

Creates a minimal Express server for testing
JavaScript
121
star
15

docker-electrumx

Run an Electrum server with one command
Dockerfile
102
star
16

base64-async

Non-blocking chunked Base64 encoding
JavaScript
98
star
17

doge-seed

Dank mnemonic seed phrases
HTML
89
star
18

onionite

Explore the Tor network
JavaScript
76
star
19

window

Exports a jsdom window object.
JavaScript
74
star
20

expired

Calculate when HTTP cache headers expire
JavaScript
74
star
21

github-custom-tab-size

Chrome extension - Set custom tab size for code view on GitHub.com
JavaScript
67
star
22

howmanyconfs.com

How many confirmations are equivalent to 6 Bitcoin confirmations?
JavaScript
61
star
23

create-cert

Super simple self signed certificates
JavaScript
43
star
24

react-jsdom

Render React components to actual DOM nodes in Node.js
JavaScript
33
star
25

byte-range

Returns integer ranges for C data types
JavaScript
32
star
26

parcel-plugin-ogimage

Set absolute URL for og:image meta tags.
JavaScript
22
star
27

build-output-script

Builds a P2PKH Bitcoin transaction output script
JavaScript
21
star
28

create-xpub

Create a BIP32 extended public key
JavaScript
21
star
29

onionoo-node-client

Node.js client library for the Tor Onionoo API
JavaScript
20
star
30

autoscale-do-block-storage

Autoscale Digital Ocean block storage volumes
Shell
20
star
31

my-name-is-url

Intelligent URL parser
JavaScript
17
star
32

docker-vertcoind

Run a full Vertcoin node with one command
Dockerfile
9
star
33

tippin-badge

Readme badge generator for tippin.me
HTML
8
star
34

docker-bitcoind

Run a full Bitcoin node with one command
Dockerfile
7
star
35

create-node

Converts an HTML string to a dom node
JavaScript
7
star
36

this

Traverses up the directory tree and returns the first module found
JavaScript
7
star
37

requirable

Enables a module to require itself by name
JavaScript
6
star
38

docker-ledger-sdk

Build a Ledger app with one command
Dockerfile
6
star
39

ephemeral-electrum

A quick throwaway text based Electrum instance.
Dockerfile
5
star
40

electrs-next

Docker configuration for testing the `next` branch of electrs.
Dockerfile
5
star
41

notary-node-utils

Utilities for running a notary node
Shell
5
star
42

docker-electrum-vertcoin

Run a Vertcoin Electrum server with one command
4
star
43

docker-barterdex-api

Shell
4
star
44

vainjs

A JavaScript vanity address generator
JavaScript
4
star
45

sign-release

Easy automated release signing
Shell
3
star
46

vercel-bug

JavaScript
1
star
47

test

test repo for testing git/GitHub related things
1
star
48

arrows

My custom ZSH theme
Shell
1
star
49

eslint-config-lukechilds

My personal eslint preferences
JavaScript
1
star
50

eslint-config-xo-lukechilds

My personal XO overrides
JavaScript
1
star
51

Extension

Browser extension to show user influence on Crypto Twitter.
JavaScript
1
star
52

morethan140

View and send tweets over 140 characters
JavaScript
1
star
53

b64golf

JavaScript
1
star
54

AtHash

Social text parser
JavaScript
1
star
55

pirateproxy

Proxy site for thepiratebay.org
JavaScript
1
star
56

javascript

How we like to JavasScript at Unsplash.
JavaScript
1
star
57

umbrel-apps-test-2

1
star
58

syringe

Search and inject packages from npm
JavaScript
1
star
59

blog-clj

Clojure
1
star
60

anonlytics-express

Privacy respecting analytics for express apps
JavaScript
1
star
61

tor-hs-issue-repro

Shell
1
star
62

trim

Rust
1
star
63

hyperdex-bugtracker

1
star
64

homebrew-tap

My Homebrew tap
Ruby
1
star
65

bip39-versioned

Proof of concept adding versioning to BIP39 compatible seeds
JavaScript
1
star