Documentation
¶
Overview ¶
Command paxz is like tar|gzip|openssl enc, but with long filenames and simple crypto. Specifically, it writes to Stdout a POSIX.1-2001-format archive of the current working directory, gzip-compressed and ASCON80pq-encrypted, ignoring special files.
"paxz -d dir" reads such an archive from Stdin, and recreates in a new subdirectory dir. Symbolic links are not (yet) restored, out of security concerns yet to be analyzed.
The encryption key is supplied by environment variable P. As a quick check for mistyped passphrases, paxz prints a checksum on Stderr. It is a matter of personal taste whether passphrases should read from a raw mode terminal, from a file, from a command line argument or from the environment as done here. None of the approaches is perfect.
I use this command for offline bulk backup; otherwise I prefer upspinfs or upsync. The static linking and easy cross-compilation of Go makes this tool relatively painless to use even on foreign systems.
Source Files