I’ve been experimenting with QR Codes lately and came up with a solution that is a lot safer than carrying pen drive with you and does not require you to use your cloud storage username and password on someone else’s machine neither.

So I have written a script that encrypt the file and sends the private key to the printer in the form of a QR code, so here is the script.

#!/bin/dash

# Grab first parameter and create a time stamp.
srcPath=$1
stamp=$(date +%s)

# Generate Private and Public Key
privateKey=$(age-keygen 2>/dev/null | sed 's:#.*$::g' | tr -d '\n')
publicKey=$(echo $privateKey | age-keygen -y)

dstPath=/path/to/$stamp-${srcPath:t}.age

# Dump the URL
echo "https://www.example.com/$stamp-${srcPath:t}.age"

# Encrypt the file to dstPath,
# on success send the QR Code (containing the private key) to the default printer.
age -e -r $publicKey -o $dstPath $srcPath && echo $privateKey | qrencode -t EPS | lpr

The only two external dependencies are age file encryption and qrencode.

After running the script, it just the case of downloading the file onto the target machine and also scanning the QR code either by using the phone, webcam or a 2D scanner, than it should reveal the private key.

Once you’re done, you can destroy that piece of paper that has the QR code on, so it can not be used again, it a lot easier than trying to destroy the pen drive. After all it a piece of paper, you can shred it, you can set it alight quite easily, heck you can even swallow it, but I would not recommend doing that. 😂

In my humble opinion it better to store a piece of paper in the wallet than to carry the pen drive with you, as the piece of paper is safer as long as you don’t put full url on there.

Modern encryption key are quite short nowadays, they fit quite nicely onto a small QR code, without much fuss.

If you want me to write other kinds of script, let me know in the comments section.