You want to use GnuPG’s –symmetric encryption, but instead of interactively entering the password you want to use a command line argument with the cleartext password.
--batch --yes --passphrase <passphrase>:
gpg --symmetric --batch --yes --passphrase 12345 <input file>
Note that this is potentially insecure as it’s way easier to find out the command line parameters of running programs than intercepting the inputs of the interactive input dialog. Therefore, use this strategy only if neccessary.
On Ubuntu, you can easily setup a daily job that tries to renew almost-expired Let’s Encrypt certificates.
service nginx reload
After that, sudo
chmod a+x /etc/cron.daily/renewcerts.
Now you should verify that the script would actually run:
run-parts --test -v /etc/cron.daily
should print, among other lines, this line:
IMPORTANT: You still need to run
certbot renew manually every 1-2 months to check if there are any errors that might prevent certs from being renewed.
NOTE: Since the script is calling
service nginx reload, you need to ensure that your nginx config files are not left in a broken state for too long if you edit them. Use
sudo nginx -t to check for errors after you edit them. Also note that if you make nginx config changes, the script might unintentionally apply them to your productive HTTP/HTTPS server!
You want to create a binary DEB package of libsodium. However, there is no official DEB package available for the latest version.
In C/C++ you want to encode/decode something from/to Base64. libtomcrypt is WTFPL-licensed and therefore provides a good choice for both commercial and non-commercial projects.
You want to calculate a hash of any string in C/C++. LibTomCrypt is WTFPL licensed, so it’s a good choice for commercial and non-commercial projects.