OESF Portables Forum
Model Specific Forums => Cosmo Communicator => Cosmo Communicator - Linux => Topic started by: Omroth on March 07, 2020, 04:37:16 am
-
Hey guys.
I'd like to use Termux on the cosmo to log in to my cloud servers, but I don't want to have my ssh keys available if my phone is lost/stolen.
(I don't use the fingerprint detection as I find it doesn't unlock reliably for my use case)
Is it possible to setup an encrypted directory that I have to manually unlock every time I start a new Termux terminal?
Thanks,
Ian
-
Hey. This isn't really answering your question. But you could turn on device encryption and lock the device with a PIN? Then if you lose it or it is stolen, nobody could get into it? Another option if you're open to using other apps for SSH is an app called Admin Hands. It has a password function. So you can make it ask for a password each time you open the app. Actually I quite like Admin Hands. IT has a couple of nice features like being able to connect and run SSH scripts easily. It also has a monitoring function (which I assume just connects via SSH and runs top) but it's a nice way to quickly check your server resources.
Hope these suggestions help.
-
Yep, this is do-able with encrypted filesystems like encfs, encryptfs, gocryptfs, cryfs etc.
I would look into gocryptfs.
This might be helpful also: https://nuetzlich.net/gocryptfs/comparison/ (https://nuetzlich.net/gocryptfs/comparison/)
[EDIT] If you are just looking to encrypt a file or two, you can also use just openssl or gpg, see here: https://stackoverflow.com/questions/1605613...t-decrypt-files (https://stackoverflow.com/questions/16056135/how-to-use-openssl-to-encrypt-decrypt-files)
If you combine this with a shellscript you could do e.g.:
#!/usr/bin/env bash
#
if [ "$1" == "enc" ]; then
< commands to encrypt from blah.plain.txt to blah.enc, move blah.plain.txt to blah.plain.old on success >
elif [ "$1" == "dec" ]; then
< commands to decrypt from blah.enc to blah.plain.txt, move blah.enc to blah.enc.old on success >
else
echo "Usage: $0 ( enc | dec )"
echo " enc: encrypt your plaintext file"
echo " dec: decrypt your cipher file"
fi