41

I need to be able to encrypt/decrypt a single text file stored on my external HD in 12.04 LTS, preferably a GUI application, if any, or the command line otherwise. Thank you.

user75345
  • 411
  • 1
  • 5
  • 3

5 Answers5

48

A simple way to encrypt a single file is with openssl:

openssl des3 < youfile.txt > yourfile.txt.des3

This will prompt you for a passphrase, which you will need to enter later when decrypting the file.

openssl des3 -d < yourfile.txt.des3 > yourfile.txt.decrypted

To make this "graphical" you could put it in a Nautilus script and make it accessible from the context menu. (See the docs of Nautilus for that.)

UPDATE

des3 is just an example. Run openssl enc -ciphers or openssl list -cipher-algorithms to see the full list of ciphers.

rvf
  • 105
janos
  • 4,888
  • 12
    Why des3? You can do much better encryption faster with openssl aes-128-cbc – Brendan Long Jun 14 '13 at 19:46
  • @BrendanLong: I guess the reason is that aes-128-cbc in not mentioned in man openssl - I wonder why. It works, though. – Walter Tross Dec 21 '13 at 02:09
  • Note, I just tried to encrypt a file on Ubuntu with des and decrypt it on Windows, and got an error 7C230000:error:1C800064:Provider routines:ossl_cipher_unpadblock:bad decrypt:providers\implementations\ciphers\ciphercommon_block.c:124 – ripper234 Oct 17 '23 at 15:19
30

Lets assume that a person wants to encrypt a file called 'message.txt':

1. Encrypting a file using GPG, for personal use

I. Using a passphrase to encrypt the file (and not the private key)

I.i. The command: gpg -c message.txt does it; it asks for a password (and a password confirmation) and generates an encrypted 'message.txt.gpg', which is binary.

I.ii. If you want to generate an ASCII encrypted file, which is base64(i think) of that file, you can use gpg -c --armor message.txt This will generate an 'message.txt.asc', which is the same as the generated by the command before, but base64 coded, i.e., the encrypted file in text mode (.asc, not binary as .gpg would be).

II. Using a private key to encrypt a file

II.i. If you want to encrypt a file using your key, instead of only a passphare, use the command gpg -e -r 'yourname' message.txt. The argument 'yourname' should contain a part of the name that you used to create the private key. If you dont give the -r parameter, gpg will ask for it. You can type our name then (the same that you would type on command line).

II.ii. Point II.i would give you a binary file. If you want to get an ASCII file, use --armor. gpg -e -r 'yourname' --armor message.txt.

2. Decrypting the file encrypted with GPG

To decrypt, the file, use the command gpg -d --output OUTPUTFILE message.txt.gpg. This will ask for the passphrase and then decrypt the file message.txt.gpg to OUTPUTFILE, if the passphrase is correct. This passhrase is that which you used directly (point I., the -c parameter), or through your private key (point II., the -e parameter) This works for both binary (.gpg) or ascii (.asc) files. If you supress the --output FILE, it is outputted to console (stdout), then you can do this also, that is, redirect it to a file: gpg -d message.txt.gpg > OUTPUTFILE.txt Both do the same. 8 )

Iacchus
  • 1,362
3

Try http://www.aescrypt.com/ it works great.

Goddard
  • 4,724
  • 2
  • 33
  • 51
0

https://stackoverflow.com/questions/2811528/can-i-use-my-ssh-public-key-to-decrypt-a-file Is a question on a related subject. You can use the same principles for encryption if I am not mistaken.

Community
  • 1
Sam Mercier
  • 927
0

For (GnuPG) 1.4.16

gpg -a --output outfile.txt --encrypt infile.txt

You will next be prompted: 

Enter the user ID.  End with an empty line:

where the "user ID" can be found by running

gpg --list-keys
T. Webster
  • 163