Arch Linux
CentOS
Fedora
Linux Mint
Suse
Ubuntu
Opensource
Android
FAQs
Q/A Forum
Firefox 16, a treat for developers http://t.co/cnd27CzT
Encrypt data in Linux/Unix
Do you have files on your computer that you wouldn’t want your spouse to read, or perhaps your main competitor. Chances are if you use your computer for work or general usage the answer is yes. Also what happens if you want to send a file to someone, or let them download it from you, but you only have access to the coded file.
OpenSSL :
The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured, and Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library.
Encrypt:
openssl des3 -salt -in unencrypted-data.tar -out encrypted-data.tar.des3
enter des-ede3-cbc encryption password:
Verifying - enter des-ede3-cbc encryption password:
Decrypt:
openssl des3 -d -salt -in encrypted-data.tar.des3 -out unencrypted-data.tar
enter des-ede3-cbc encryption password:
GPG:
GnuPG is the GNU project’s complete and free implementation of the OpenPGP standard as defined by RFC4880 . GnuPG allows to encrypt and sign your data and communication, features a versatile key managment system as well as access modules for all kind of public key directories. GnuPG, also known as GPG, is a command line tool with features for easy integration with other applications. A wealth of frontend applications and libraries are available. Version 2 of GnuPG also provides support for S/MIME.
Encrypt:
[root@localhot ~]# gpg -c testfile.txt
Enter passphrase:
Repeat passphrase:
[root@localhot ~]# cat test
bla blabla
[root@localhot ~]# cat test.gpg
+c)Û;6¢!> ¾çõÀ`É#+° cÍÐ*b×áw´¡Rbùßåì
:) realy crypted
Now Decrypt:
[root@localhot ~]# gpg test.gpg
gpg: CAST5 encrypted data
Enter passphrase:
AES Crypt :
AES Crypt is an advanced file encryption utility that integrates with the Windows shell or runs from the Linux command prompt to provide a simple, yet powerful, tool for encrypting files using the Advanced Encryption Standard (AES) algorithm. There is also a Java library for software developers who wish to read and write AES-encrypted files from within Java application.
Encrypt:
aescrypt -e -p password file.jpg
Decrypt:
aescrypt -d -p password file.jpg.aes
tar and Encrypte directory :
tar -cvf - /home | aescrypt -e -p password - >backup_files.tar.aes
Using AES Crypt for Java:
This Java AES Crypt package contains the Java class es.vocali.util.AESCrypt, which provides file encryption and decryption using aescrypt file format.
Requirements
In order to use 256 bit AES keys, you must download and install “Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files” from http://java.sun.com/javase/downloads/index.jsp
java -cp bin es.vocali.util.AESCrypt e|d password fromPath toPath
e = encrypt d= decrypt
Ecryptfs:
Is a kernel-native cryptographic filesystem.
It’s also a stacked filesystem, eCryptfs must work on top of another filesystem such as Ext3.
This means that you don’t need to allocate space for eCryptfs, it will grow and shrink as you add files
to it.
Encrpte Files in Fedora or Ubuntu :
First install ecryptfs :
On Fedora
[root@localhot ~]# yum install ecryptfs-utils.i586
On Ubuntu :
[root@localhot ~]# apt-get install ecryptfs-utils
Lets see how it works :
[root@localhot ~]# mkdir ~/secrets
[root@localhot ~]# chmod 700 ~/secrets
[root@localhot ~]# mount -t ecryptfs ~/secrets/ ~/secrets
Select key type to use for newly created files:
1) openssl
2) passphrase
3) tspi
Selection: 2
Passphrase:
Select cipher:
1) aes: blocksize = 16; min keysize = 16; max keysize = 32 (not loaded)
2) blowfish: blocksize = 16; min keysize = 16; max keysize = 32 (not loaded)
3) des3_ede: blocksize = 8; min keysize = 24; max keysize = 24 (not loaded)
4) twofish: blocksize = 16; min keysize = 16; max keysize = 32 (not loaded)
5) cast6: blocksize = 16; min keysize = 16; max keysize = 32 (not loaded)
6) cast5: blocksize = 8; min keysize = 5; max keysize = 16 (not loaded)
Selection [aes]:
Select key bytes:
1) 16
2) 32
3) 24
Selection [16]:
Enable plaintext passthrough (y/n) [n]: N
Enable plaintext passthrough (y/n) [n]: n
Enable filename encryption (y/n) [n]:
Attempting to mount with the following options:
ecryptfs_unlink_sigs
ecryptfs_key_bytes=16
ecryptfs_cipher=aes
ecryptfs_sig=6ecfe823eb71f8f9
WARNING: Based on the contents of [/root/.ecryptfs/sig-cache.txt],
it looks like you have never mounted with this key
before. This could mean that you have typed your
passphrase wrong.
Would you like to proceed with the mount (yes/no)? yes
Would you like to append sig [6ecfe823eb71f8f9] to
[/root/.ecryptfs/sig-cache.txt]
in order to avoid this warning in the future (yes/no)? yes
Successfully appended new sig to user sig cache file
Mounted eCryptfs
Now copy some files to ~/secrets
and umount ~/secrets and check if you read the files.
For questions please refer to our Q/A forum at : http://ask.unixmen.com
Mel Kham
Founder of Unixmen, Living in Amsterdam. Am working in my free time to help people to understand the Opensource and to explain them in easy way how to make the fist steps to the the light.
Working day and night with my Co-founder Zinovsky to keep this website live even with less resources.
-
http://www.bdv-unix-skills.co.uk
-
http://enteryoursiteURL...
-
http://unix.privacylover.com
-
http://www.bestfinance-blog.com
Like us on Facebook
This week Top Posts 
Top Things to do After Installing Ubuntu 13.04 ‘Raring Ringtail’ : Ubuntu 13.04 Raring Ringtail final is almost out. The final release it scheduled for release on Apri...0 comment(s) | 
Howto: Upgrade to Ubuntu 13.04 Raring Ringtail from 12.04, 12,10 | Desktop & Server : Updated 05-04-2013: Ubuntu 13.04 Raring Ringtail will be released Soon, If you have ubuntu 12,10, 12...0 comment(s) | - Install lamp with 1 command in Ubuntu 12.10, 13.04 Raring Ringtail & LinuxMint13 : Updated: 10/09/2012 :LAMP (Linux, Apache, MySQL and PHP) is an open source Web development platform ...0 comment(s) |
Scan Your Home Network With Nmap : Who should read this article? Everyone who is interested in computer security and computer networkin...0 comment(s) | - Configure conky-Lua in Ubuntu (12.10 & 13.04 Raring Ringtail), Fedora, debian and LinuxMint | Howto Conky : Updated 05-04-2013: Conky is a free, light-weight system monitor for X, that displays any informatio...0 comment(s) |
- Howto- Resolve nosound problem on Ubuntu 13.04 Raring Ringtail,12.10 and Older : Updated 05/04/2013 : One of the common issues facing Ubuntu users after installing or upgrading Ubun...0 comment(s) |
Recent Posts
Recent Posts
- Secure File from Removal in Linux and Unix
- How to Install Nginx on FreeBSD 9.x
- Create a Launcher in Ubuntu Using Bash
- Scan Your Home Network With Nmap
- Steganography- Hide Your Files Inside An Image in Linux
- Unix/Linux File Recognition. Did You Know?
- Migrate from MySQL to MariaDB in FreeBSD
- Connect Your Android Galaxy Tablet to Ubuntu via USB
- ElementaryOS Beta 1 and 2 Comparison and Review
- Introduction to the Linux Command Line
Recent Comments
Unixmen Archive
Unixmen Twitts
Ubuntu 12.10 ‘Quantal Quetzal’: Beta 2 Sneak Peek http://t.co/hd4LwDOy
Top 5 security Myths about Linux; and their realities http://t.co/zO1LgHST
Maintained by
Anblik
.
Snake
| #
Wow, great. That’s what i’m waiting for too. I want to make DC with LDAP ( Active Directory alternative) and SAMBA on Ubuntu. :-)
Blawer
| #
Thanks!!!!!!!!!!!!!!!!!! you rules!!! all the other “help” in google are useless… yours was very helpful. Thanks again
piCool
| #
Great ! we have another another master trick :-)
Yilmaz Ulugtekin
| #
Just delete the space after the slash (/) it will work.
Pat L
| #
I tried it and it works with a regular zip file, but if you password-protect the .zip file it does NOT work.