Demonstrates how asymmetric cryptography works using basic CLI tools.
- Age is used for encrypting and decrypting.
ssh-keygenis used for creating and verifying signatures.
The keys we'll be using in this demo are your already-existing SSH keys.
Make sure age is installed:
- macOS:
brew install age - Ubuntu:
sudo apt update && sudo apt install age
Copy .env.example to .env and fill it out with your information.
Do the same for allowed-signers.example. The allowed-signers file simply maps email
addresses to public SSH keys.
If you want to encrypt a message that only Phil can decrypt:
./encrypt.sh [phil's email address]Follow the prompts and a message + signature will be printed which you can copy / paste and send to Phil.
If you want to decrypt a message and verify that it actually came from Phil:
./decrypt_and_verify.sh [phil's email address]Follow the prompts and you will see the encrypted message + signature verification results.