Gitcrypt is a set of scripts used to encrypt and decrypt automatically for you git repositories.
Put fnmatch, git_crypt_filter in one of your $PATH directories.
-
Create a new git repository.
$> git init encryped_repo $> cd encryped_repo
Then run git_crypt_deploy, and it will guide you to configurate the encryption and decryption settings.
$> ~/bin/git_crypt_deploy
-
Edit the pattern list file, default is
.gitcrypt, it works like.gitignore. Each line is a pattern to match file names. All matched files will be encrypted before staging(store as git blob files). And they are decrypted when checking out automatically. Thefnmatchscript is used to match a file name with a file containing glob patterns, there's an example of how to use it:# Lines begin with # are comments # Encrypt all indexed files * # Encrypt files under `passwords` directory passwords/\ # Just encrypt file `ssh/config` ssh/config -
Commit changes
$> git commit passwords/ -m "Add password for Facebook"
Then all changes are encrypted and stored as git blobs. If you push the changes to a public remote repository, others will only see the encrypted version as long as you don't share the salt and key with them.