Encrypting Cron job email output.

Atom 'Smasher' atom at suspicious.org
Mon Aug 23 23:15:51 CEST 2004 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On Mon, 23 Aug 2004, Werner Koch wrote:

>> /usr/sbin/chkrootkit 2>&1 | mail -s "chkrootkit
>> output"saulinux at safe-mail.net
>
> insert "gpg -ear somekey --always-trust" into the pipeline.
==================

that will only encrypt stdout, leaving stderr (if there is any) 
unencrypted. solve that by running:
 	cron-job-command 2>&1 | gpg --trust-model always -ear somekey

("--trust-always" is deprecated, use "--trust-model always")
(also, as a matter of habit, options before commands (mostly))

your subject line will be visible to anyone who may intercept the 
message... if that's a problem, write a tiny shell script that runs the 
command and pipes the output through gpg-encrypt... run that script from 
cron and then the subject line will just read "Cron 
/path/to/shell/script", which may reveal less useful information to an 
attacker.


         ...atom

  _________________________________________
  PGP key - http://atom.smasher.org/pgp.txt
  762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808
  -------------------------------------------------

 	"Every gun that is made, every warship launched, every rocket
 	 fired signifies, in the final sense, a theft from those who
 	 hunger and are not fed, those who are cold and are not
 	 clothed. This world in arms is not spending money alone. It
 	 is spending the sweat of its laborers, the genius of its
 	 scientists, the hopes of its children. This is not a way of
 	 life at all in any true sense. Under the clouds of war, it is
 	 humanity hanging on a cross of iron."
 		-- Dwight Eisenhower, April 16, 1953
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.3.6 (FreeBSD)
Comment: What is this gibberish?
Comment: http://atom.smasher.org/links/#digital_signatures

iQEcBAEBCAAGBQJBKl6MAAoJEAx/d+cTpVcirXcIALG5+Qwk8sRyY8PWutSYmBk0
vL2K+xhXLn17Mdi9W/CLoXvsiFBcfJu4cDN1BzSJPH//c7CzABwYnXFrW3zcfjmj
bY4DKWb53vl7kDrBvl/PZGZeFhSIHXj999iO6GWVKjJDWjv/mndQDY/tqp5API0e
jvXW3T19fDtr/sP5/Xql967knI5di4Ph2T5Ht4M0scg5UF6itsrxUEQl8tUcXJ52
OUBL9XXoLI9n9Z0eh8RCg77n6z7ZO500GIcWEzXaMeLsFVmUvMlgwgOnLccjefkz
Ysqy89mjbX3hQr2m+rkjHi5Ri6njTPQFUcvfPlp2NDUxnluN20+NHgSp3VXtMGc=
=CXnn
-----END PGP SIGNATURE-----

More information about the Gnupg-users mailing list