HaikuOS things: gpg unable to decrypt symmetric, lftp lacking sftp
For publishing on flounder.online, one uses sftp. I use a set of bash aliases for that:
a helper alias, __flo__:
lftp -p 2024 -u mkf,$(pass flounder.online/m@mikf.pl | head) sftp://flounder.online \
-e 'mirror -n --delete --exclude=^\.git/$ -P -v
the command to download from Flounder, aliased to flogetn:
_flo_ . ~/flounderl/; bye'
and to publish to Flounder, aliased to flopush:
_flo_ -R /home/mf/flounderl/ .; bye'
With all the single-quote escapes, it amounts to
alias _flo_='lftp -p 2024 -u mkf,$(pass flounder.online/m@mikf.pl | head) sftp://flounder.online \
-e '\''mirror -n --delete --exclude=^\.git/$ -P -v '
alias flogetn='_flo_ . ~/flounderl/; bye'\'''
alias flopush='_flo_ -R ~/flounderl/ .; bye'\'''
The command syncs (mirrors) the directory one way or another, replacing only the newer files, and deleting ones that disappear. It doesn't touch the .git directory (a behavior that I was once struggling to make it present correctly).
But first, I need GPG.
Now I take my password for flounder from my password manager, pass.
In pass, my passwords are stored as a directory of OpenPGP-encrypted text files. Whether I were to attempt running/porting pass (which is written mostly in shell script) on Haiku, or just want to straight access them manually, I needed my OpenPGP private key.
I decided the best place to take it from will be my OpenKeychain keyring on my Android phone. What it does to secure the private key is it encrypts it with, in my case, a password of 9 times 4 decimal digits, symmetrically.
From OpenKeyChain FAQ:
### How to import an OpenKeychain backup with gpg?
1. Make a backup from OpenKeychain and transfer it to your computer via email or a cloud provider, like Dropbox. This is safe because OpenKeychain backups are encrypted with Advanced Encryption Standard (AES) using securely generated Backup Codes.
2. On your PC, execute
```bash
gpg --decrypt backup YYYY-MM-DD.pgp | gpg --import (replace backup YYYY-MM-DD.pgp with your backup file)
```
3. Enter the full Backup Code with uppercase letters and dashes, e.g., "ABCD-EFGH-IJKL-MNOP-QRSTUVWX"
After transferring the file to my HaikuOS laptop, my result was as follows:
~> file Desktop/backup_2021-11-03.sec.pgp
Desktop/backup_2021-11-03.sec.pgp: PGP message Symmetric-Key Encrypted Session Key (old)
~> LANGUAGE=c gpg --decrypt Desktop/backup_2021-11-03.sec.pgp
gpg: Please note that you don't have secure memory on this system
gpg: unknown armor header: Passphrase-Format: numeric9x4
gpg: unknown armor header: Passphrase-Begin: 48
gpg: AES256.CFB encrypted data
gpg: problem with the agent: Operation not allowed
gpg: encrypted with 1 passphrase
gpg: decryption failed: No secret key
~> gpg --version
gpg: Please note that you don't have secure memory on this system
gpg (GnuPG) 2.2.27
libgcrypt 1.8.5
Copyright (C) 2021 Free Software Foundation, Inc.
License GNU GPL-3.0-or-later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Home: /boot/home/config/settings/gnupg
Obsługiwane algorytmy:
Asymetryczne: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Symetryczne: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256,
TWOFISH, CAMELLIA128, CAMELLIA192, CAMELLIA256
Skrótów: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Kompresji: Nieskompresowany, ZIP, ZLIB, BZIP2
~>
I have no idea what to do from there.
So — let's give up with GPG for now (sadge) and just type the password into some other store on that laptop and proceed.
Back to lftp
My use of lftp just straight out failed. Apparently for HaikuDepot it got compiled without sftp support, for some reason.
> flogetn Missing library lftp: sftp - not supported protocol mirror: Not connected 1 error detected
I suppose I will have to write myself something else for sftp sync, using what i will find working on Haiku.
And lack of GPG (and thus access to my password store) will keep being an annoyance in much other stuff.
/gemlog/