Next: , Previous: Confidential Fields, Up: Encryption

13.2 Encrypting Files

recins allows the insertion of encrypted fields in a database. When the -s (--password) command line option is specified in the command line any field declared as confidential in the record descriptor will get encrypted using the given passphrase. If the command is executed interactively and -s is not used then the user is asked to provide a password using the terminal. For example, the invocation:

     $ recins -t Account -s mypassword -f Login -v foo -f Password  \
       -v secret accounts.rec

will encrypt the value of the Password field with mypassword as long as the field is declared as confidential. (see Confidential Fields for details on confidential fields).

recins will issue a warning if a confidential field is inserted in the database but no password was provided to encrypt it. This is to avoid having unencrypted sensitive data in the recfiles.