
@tomgidden
Created March 29, 2018 22:29
Use someone's SSH public key to encrypt a file into a self-extracting script
# PRV: path of the RSA private key used for decryption. No rule below reads
# this file; its value is only written into the generated decrypt script
# (see the %.sh rule), so it must be a path that is valid for the recipient.
PRV ?= ~/.ssh/id_rsa
# PUB: OpenSSH public key the per-file secret is encrypted to. Defaults to
# the .pub file next to PRV; override it with the recipient's public key.
PUB ?= $(PRV).pub
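# Remove generated artifacts from the current directory.
# NOTE(review): in this listing `clean` is the first rule, which makes it the
# default goal, so a bare `make` runs it. The globs are broad: every *.sh and
# *.key file in the directory is deleted, not only the ones produced here.
# Declared phony so that a file named `clean` cannot disable the target.
.PHONY: clean
clean:
	rm -f *.enc *.key *.keyenc *.dec *.sh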
# Encryption
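# Convert the OpenSSH public key into a PKCS8 PEM public key, the form the
# `openssl rsautl -pubin` call in the %.keyenc rule reads.
# The output is written to a temporary name and renamed only on success, so
# a failed conversion cannot leave an empty or partial .pkcs8 file that later
# runs would treat as up to date.
$(PUB).pkcs8: $(PUB)
	ssh-keygen -e -f $< -m PKCS8 > $@.tmp || { rm -f $@.tmp; exit 1; }
	mv -f $@.tmp $@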
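# Generate a fresh random secret for one file.
# The secret is consumed through openssl's `-pass file:` (in the %.enc rule
# and in the generated script), which takes only the first line of the file
# as the passphrase. Raw random bytes can contain a newline or NUL early on,
# which would silently shorten the passphrase; hex output is a single text
# line carrying 256 bits of randomness.
# The byte count is placed last because newer openssl builds reject options
# that follow it. `umask 077` keeps the secret unreadable to other users.
%.key:
	umask 077 && openssl rand -hex -out $@ 32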
# Encrypt the plaintext file `$*` (the target name without .enc) using
# AES-256-CBC, with the passphrase taken from the matching .key file.
# The plaintext is not listed as a prerequisite, so editing it does not by
# itself trigger re-encryption.
# NOTE(review): CBC output carries no integrity check, so a modified .enc is
# not detected at decryption time. No key-derivation options are given, so
# the digest and iteration defaults of the installed openssl apply; the
# decrypt command in the %.sh rule has to stay in step with whatever is
# used here.
%.enc: %.key
	openssl aes-256-cbc -pass file:$< -in $* -out $@
# Encrypt the per-file secret to the recipient's RSA public key, so that only
# the holder of the matching private key can recover it.
# NOTE(review): no padding option is passed, so rsautl's default
# (PKCS#1 v1.5) is used. OAEP (`-oaep`) is the usual recommendation, but it
# has to be changed here and in the decrypt command written by the %.sh rule
# at the same time. `rsautl` itself is deprecated in current OpenSSL in
# favour of `pkeyutl`.
%.keyenc: %.key $(PUB).pkcs8
	openssl rsautl -encrypt -in $< -out $@ -pubin -inkey $(PUB).pkcs8
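# Build a self-extracting bash script for the file `$*`. The script carries
# the uuencoded .keyenc and .enc files as here-documents, then recovers the
# secret with the private key, decrypts the payload, and removes its
# temporary files.
#
# Changes from the original recipe:
#  - The first write truncates the target (`>`), so a leftover or partial
#    script from an earlier run is replaced instead of appended to.
#  - The here-document terminators are written with printf. `echo "EOF\n\n"`
#    only ends the here-document when the shell's echo interprets `\n`;
#    with bash's builtin echo the literal text `EOF\n\n` would be emitted.
#  - The generated script uses the PRV variable it defines, so the recipient
#    can point it at their own key by editing one line.
#  - The decrypt call uses rsautl's default padding, matching the encrypt
#    call in the %.keyenc rule. The original passed `-ssl`, a different
#    padding mode that later OpenSSL releases no longer accept.
#  - `umask 077` in the generated script keeps the recovered secret and the
#    decrypted file private to the user running it.
#
# NOTE(review): the script is not signed, and the payload has no integrity
# protection, so the recipient should confirm where the script came from
# before running it. openssl must also be able to parse the recipient's
# private key; a key stored in OpenSSH's own private-key format would need
# converting to PEM first.
%.sh: %.enc %.keyenc
	echo "#!/bin/bash" > $@
	echo "# Run this script to decrypt the file '$*'." >> $@
	echo "umask 077" >> $@
	echo >> $@
	echo "PRV=$(PRV)" >> $@
	echo "uudecode -o \"$*.keyenc\" <<\"EOF\"" >> $@
	uuencode "$*.keyenc" < "$*.keyenc" >> $@
	printf 'EOF\n\n\n' >> $@
	echo "uudecode -o \"$*.enc\" <<\"EOF\"" >> $@
	uuencode "$*.enc" < "$*.enc" >> $@
	printf 'EOF\n\n\n' >> $@
	echo "openssl rsautl -decrypt -inkey \"\$$PRV\" -in \"$*.keyenc\" -out \"$*.keydec\"" >> $@
	echo "openssl aes-256-cbc -d -in \"$*.enc\" -out \"$*\" -pass file:\"$*.keydec\"" >> $@
	echo "rm \"$*.enc\" \"$*.keyenc\" \"$*.keydec\"" >> $@
	chmod 755 $@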