So I recently got myself a USB voice recorder so that I could record some meetings. It’s a neat little device that passively records, and mounts as a USB storage device at the same time as charging.
I didn’t want to have to manually copy the recordings every time I plug it in to charge, so I wanted to write a system to automatically move the files off the device. However, due to the nature of the recordings I wanted to make sure that only I would be able to listen to them, which meant I had to encrypt them with GPG.
The end-result is that I can use my brand new raspberry pi 3 running headless with a daemon that waits until the device is plugged in, then moves the file to the computer, encrypts it using my GPG public key, and then shreds the local unencrypted copy.
Setting up the encryption key
I am assuming you already have a GPG key pair generated, if not there are
plenty of only GPG introductions (basically
The basic steps are as follows:
- Export your public key with
gpg --export -a "Your Name" > public.key
- Copy it to your your raspberry pi with
scp public.key user@pilocation
- Import it on your raspbeery pi
gpg --import public.key
I chose to use
devmon from the
udevil package, which will automatically mount the drive and can
optionally run commands.
I started it as follows
devmon --exec-on-label RECORD /home/pi/encrypt_recorder.py
You can use a different way of identifying the device either with
--exec-on-drive. Check out
man devmon for more info.
This is what runs once the drive has been mounted.
Place it on your home directory, or somewhere accessible (and change the daemon command accordingly)
and make sure you set the
dst varibles correctly.
Now whenever I plug in my USB recorder, the daemon will pick it up, mount it, and move the recordings, encrypt them using my public GPG key, and shred the original file.