Project

git-blur

0.0
Repository is archived
No commit activity in last 3 years
No release in over 3 years
git-bluracasajus/git-blurHomepageDocumentationSource CodeBug TrackerWiki
git-blur transparently encrypts and decrypts files in your git repo
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
2025
2026
 Popularity
Downloads
4,295
Stars
4
Forks
0
Watchers
1
 Releases
Current version
0.0.1
Total releases
1
First release
2013-08-13
Latest release
2013-08-13
 Issues
Open Issues
1
Closed Issues
1
Total Issues
2
Issue Closure Rate
50%
 Development
Primary Language
Ruby
Average date of last 50 commits
2014-01-06
Reverse Dependencies
0

 Dependencies
 Project Readme

git-blur

git-blur transparently encrypts and decrypts files in a git repository. It is heavily based on git-crypt. You can choose which files to encrypt. Each file will be encrypted individually. This way there can be private and public files in the same repository. People withouth git-blur or without the proper key will still be able to access the public files.

Key files can be generated randomly or using a password. If you generate the key file randomly you need to BACKUP it in a secure place. If the key file is lost, encrypted files won't be able to be decrypted. On the other hand, if you generate the key file using a password, you will always be able to generate the same key using the same password.

git-blur was written by Adria Casajus

Installing git-blur

git-blur is packed as a gem. Just run:

$ gem install git-blur

and it should do the trick.

Using git-blur

First you need to generate a key file

$ git blur init

It will ask for your password twice to generate your key file. From then just create a .gitattributes file specifying which files to encrypt:

$ cat .gitattributes
secretfile filter=git-blur diff=git-blur
*.key filter=git-blur diff=git-blur

The .gitattributes file should be committed into the repository but make sure you DON'T ENCRYPT the .gitattributes file.

To retrieve a repo with already encrypted files just:

$ git clone /path/to/repo
$ cd repo
$ git blur init

After generating the keyfile git should unencrypt automatically all encrypted files.

Security

git-blur encrypts files using three nested ciphers using an IV derived from the file hash. Each file is first encrypted with AES-256 then with Blowfish and then DES3. All ciphers are used in CBC mode. I've chosen this ciphers because they are the ones included in OpenSSL.

Key file is stored unencrypted on disk under .git/blur.conf. The user is responsible for protecting it and ensuring it's safely distributed only to authorized people.

Warrant

Software is provided as-is. It was intended as an experiment with ruby and ended up being the way I crypt data in my repos. If you've got any suggestion/improvement please create an issue and I'll look into it.