Tar the directory
You can remove the [v] switch from the tar command to switch off the verbose mode. Encrypt
You can change Decrypt
======================================================= OpenSSLA single fileEncrypt and decrypt:# openssl aes-128-cbc -salt -in file -out file.aes # openssl aes-128-cbc -d -salt -in file.aes -out fileNote that the file can of course be a tar archive. tar and encrypt a whole directory# tar -cf - directory | openssl aes-128-cbc -salt -out directory.tar.aes # Encrypt # openssl aes-128-cbc -d -salt -in directory.tar.aes | tar -x -f - # Decrypt tar zip and encrypt a whole directory# tar -zcf - directory | openssl aes-128-cbc -salt -out directory.tar.gz.aes # Encrypt # openssl aes-128-cbc -d -salt -in directory.tar.gz.aes | tar -xz -f - # Decrypt
GPGGnuPG is well known to encrypt and sign emails or any data. Furthermore gpg and also provides an advanced key management system. This section only covers files encryption, not email usage, signing or the Web-Of-Trust.The simplest encryption is with a symmetric cipher. In this case the file is encrypted with a password and anyone who knows the password can decrypt it, thus the keys are not needed. Gpg adds an extention ".gpg" to the encrypted file names. # gpg -c file # Encrypt file with password # gpg file.gpg # Decrypt file (optionally -o otherfile) Using keysFor more details see GPG Quick Starthttp://www.madboa.com/geek/gpg-quickstart and GPG/PGP Basicshttp://aplawrence.com/Basics/gpg.html and the gnupg documentationhttp://gnupg.org/documentation among others.The private and public keys are the heart of asymmetric cryptography. What is important to remember:
# gpg --gen-key # This can take a long time
The keys are stored in ~/.gnupg/ on Unix, on Windows they are typically stored inC:/Documents and Settings/%USERNAME%/Application Data/gnupg/. ~/.gnupg/pubring.gpg # Contains your public keys and all others imported ~/.gnupg/secring.gpg # Can contain more than one private keyShort reminder on most used options:
Encrypt for personal use onlyNo need to export/import any key for this. You have both already.# gpg -e -r 'Your Name' file # Encrypt with your public key # gpg -o file -d file.gpg # Decrypt. Use -o or it goes to stdout Encrypt - Decrypt with keysFirst you need to export your public key for someone else to use it. And you need to import the public say from Alice to encrypt a file for her. You can either handle the keys in simple ascii files or use a public key server.For example Alice export her public key and you import it, you can then encrypt a file for her. That is only Alice will be able to decrypt it. # gpg -a -o alicekey.asc --export 'Alice' # Alice exported her key in ascii file. # gpg --send-keys --keyserver subkeys.pgp.net KEYID # Alice put her key on a server. # gpg --import alicekey.asc # You import her key into your pubring. # gpg --search-keys --keyserver subkeys.pgp.net 'Alice' # or get her key from a server.Once the keys are imported it is very easy to encrypt or decrypt a file: # gpg -e -r 'Alice' file # Encrypt the file for Alice. # gpg -d file.gpg -o file # Decrypt a file encrypted by Alice for you. Key administration# gpg --list-keys # list public keys and see the KEYIDS The KEYID follows the '/' e.g. for: pub 1024D/D12B77CE the KEYID is D12B77CE # gpg --gen-revoke 'Your Name' # generate revocation certificate # gpg --list-secret-keys # list private keys # gpg --delete-keys NAME # delete a public key from local key ring # gpg --delete-secret-key NAME # delete a secret key from local key ring # gpg --fingerprint KEYID # Show the fingerprint of the key # gpg --edit-key KEYID # Edit key (e.g sign or add/del email) |
Wiki >