Difference between revisions of "MDC2018Ensembles"
Jump to navigation
Jump to search
Line 1: | Line 1: | ||
+ | ===Encrypting and decrypting closed ensemble data=== | ||
+ | RSA public/private key pair was created on the Fermilab machines in the mu2epro account using | ||
− | + | gpg --gen-key | |
− | gpg --import --no-default-keyring --secret-keyring temporary | + | The public key id is 6827CEA8 and the private key id is C8268954. The recipient was set to "Richie Bonventre <rbonventre@lbl.gov>", and the private key was password protected with the default mu2e docdb password. |
− | gpg --no-default-keyring --secret-keyring temporary --trust-model always --output | + | |
+ | The private key was exported using | ||
+ | |||
+ | gpg --export-secret-keys C8268954 > mu2eSecretKey.asc | ||
+ | |||
+ | Afterwards, the secret key was deleted from the keyring using | ||
+ | |||
+ | gpg --delete-secret-key C8268954 | ||
+ | |||
+ | The public key remains and so any file can be encrypted from the mu2epro account using | ||
+ | |||
+ | gpg --output myfile.enc --encrypt --recipient 6827CEA8 myfile | ||
+ | |||
+ | The file mu2eSecretKey.asc has been saved on several usb drives. To decrypt the files, copy mu2ePrivateKey.asc to a fermilab machine, then: | ||
+ | |||
+ | gpg --import --no-default-keyring --secret-keyring temporary mu2eSecretKey.asc | ||
+ | gpg --no-default-keyring --secret-keyring temporary --trust-model always --output myfile --decrypt myfile.enc | ||
rm ~/.gnupg/temporary | rm ~/.gnupg/temporary |
Revision as of 21:50, 20 August 2019
Encrypting and decrypting closed ensemble data
RSA public/private key pair was created on the Fermilab machines in the mu2epro account using
gpg --gen-key
The public key id is 6827CEA8 and the private key id is C8268954. The recipient was set to "Richie Bonventre <rbonventre@lbl.gov>", and the private key was password protected with the default mu2e docdb password.
The private key was exported using
gpg --export-secret-keys C8268954 > mu2eSecretKey.asc
Afterwards, the secret key was deleted from the keyring using
gpg --delete-secret-key C8268954
The public key remains and so any file can be encrypted from the mu2epro account using
gpg --output myfile.enc --encrypt --recipient 6827CEA8 myfile
The file mu2eSecretKey.asc has been saved on several usb drives. To decrypt the files, copy mu2ePrivateKey.asc to a fermilab machine, then:
gpg --import --no-default-keyring --secret-keyring temporary mu2eSecretKey.asc gpg --no-default-keyring --secret-keyring temporary --trust-model always --output myfile --decrypt myfile.enc rm ~/.gnupg/temporary