Encryption¶
Spend offers encryption functionality, with veracrypt and GPG.
Warning
Spend is using symetric and asymetric encryption, using veracrypt containers and PGP-protected messages. If you want use these features, you should learn how it works. Some links about that :
Encryption works this way :
- A random name for the run is chosen. Let’s call it
RunA
- A random password (
KeyA
) is created. It is stored PGP-encrypted on the output device, under the nameRunA.key
- A veracrypt encrypted volume named
RunA.files
, which can be open withKeyA
, is created on the output device - Targets files are stored in the encrypted volume
So, to decrypt the files :
- Decrypt the file
xxx.key
with PGP, using your favorite software. - Open the veracrypt volume, called
xxx.files
. The password is inside the file you just opened via PGP
Importing a new public key¶
Spend have an automatic update system which lets you use your own GPG keyring to receive the files.
You just have to export your public key (cf. documentation of the software you uses), and store it in Spend’s SD card at this place : /home/spend/update/key.gpg