Multiple files encrypted with multiple GPG keys - how to easily add/remove/manage keys, automate key change tasks?

Question

We have a bunch of files that contain sensitive information, that need to be accessed by several teams, but need to be unreadable to everyone else. Currently, each team member needs to generate their own GPG key pair and share their public key with the team.

Then whoever has access to the files will add the new person's key to the relevant files. This is a fiddly and time-consuming process. Same when a key needs to be removed from files (say, the person has left the company).

This could be automated, but I do not want to reinvent the wheel. Are there any tools that automate the process I've described?

score 0 · Answer 1 · answered Feb 24 '23 at 13:36

If you use Git, you can use Blackbox : Blackbox Github

Blackbox is a command-line tool designed to help manage secrets, in a secure way. Blackbox encrypts files that contain sensitive data, and only authorised users with the encryption key can decrypt the files and access the secrets inside. These files are encrypted using GPG keys.

Multiple files encrypted with multiple GPG keys - how to easily add/remove/manage keys, automate key change tasks?

1 Answers1