Skip to content
/ git-blur Public

Encrypt and decrypt files in your git repository transparently

License

GPL-3.0 license
4 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

acasajus/git-blur

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

11 Commits

bin

bin

 
 

lib

lib

 
 

spec

spec

 
 

.gitignore

.gitignore

 
 

.travis.yml

.travis.yml

 
 

Gemfile

Gemfile

 
 

Gemfile.lock

Gemfile.lock

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

Rakefile

Rakefile

 
 

git-blur.gemspec

git-blur.gemspec

 
 

Repository files navigation

git-blur

git-blur transparently encrypts and decrypts files in a git repository. It is heavily based on git-crypt. You can choose which files to encrypt. Each file will be encrypted individually. This way there can be private and public files in the same repository. People withouth git-blur or without the proper key will still be able to access the public files.

Key files can be generated randomly or using a password. If you generate the key file randomly you need to BACKUP it in a secure place. If the key file is lost, encrypted files won't be able to be decrypted. On the other hand, if you generate the key file using a password, you will always be able to generate the same key using the same password.

git-blur was written by Adria Casajus

Installing git-blur

git-blur is packed as a gem. Just run:

$ gem install git-blur

and it should do the trick.

Using git-blur

First you need to generate a key file

$ git blur init

It will ask for your password twice to generate your key file. From then just create a .gitattributes file specifying which files to encrypt:

$ cat .gitattributes
secretfile filter=git-blur diff=git-blur
*.key filter=git-blur diff=git-blur

The .gitattributes file should be committed into the repository but make sure you DON'T ENCRYPT the .gitattributes file.

To retrieve a repo with already encrypted files just:

$ git clone /path/to/repo
$ cd repo
$ git blur init

After generating the keyfile git should unencrypt automatically all encrypted files.

Security

git-blur encrypts files using three nested ciphers using an IV derived from the file hash. Each file is first encrypted with AES-256 then with Blowfish and then DES3. All ciphers are used in CBC mode. I've chosen this ciphers because they are the ones included in OpenSSL.

Key file is stored unencrypted on disk under .git/blur.conf. The user is responsible for protecting it and ensuring it's safely distributed only to authorized people.

Warrant

Software is provided as-is. It was intended as an experiment with ruby and ended up being the way I crypt data in my repos. If you've got any suggestion/improvement please create an issue and I'll look into it.

About

Encrypt and decrypt files in your git repository transparently

Resources

Readme

License

GPL-3.0 license
Activity

Stars

4 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages