Create encrypted (password protected) zip file

Question

How do I create an encrypted (password protected) zip file?

Note, that Zip Passwords is no protection! those can be easily broken! use 7-Zip with a long password instead, or better GNUPG encryption! — rubo77, Feb 07 '18 at 10:36
Modern ZIP files support at least two encryption methods and the AES-256 encryption is safe when you use long enough passphrase. However, as ZIP files do not support modern password hashing, use of short passwords with even AES-256 encrypted ZIP is even more dangerous than short passwords in general. Also note that some older software that support ZIP files may not support AES-256 encrypted ZIP files so if compatibility with older software is important, all ZIP encrypted files should be weak. — Mikko Rantalainen, Mar 09 '23 at 18:14

score 257 · Accepted Answer · edited Dec 19 '20 at 04:06

257

This will prompt for a password:

zip --encrypt file.zip files

This is more insecure, as the password is entered/shown as plain text:

zip --password (password) file.zip files

Warning, the standard zip encryption is very weak and is easily cracked.
Note, Use -r to zip directory and subdirectory recursively.

edited Dec 19 '20 at 04:06

Akhil

556

answered Dec 15 '10 at 20:46

Pete Ashdown

3,040

5

Is there a better option from the standard encryption? – David Oneill Dec 15 '10 at 20:47
9

Using gnupg on the final zip with a key for yourself or your destination. – Pete Ashdown Dec 15 '10 at 21:43
2

Does not work file.zip is empty – Black Aug 29 '17 at 12:15
22

@Black If you're trying to compress a folder, then you need to use -r switch. So it'll be zip --encrypt file.zip -r your_folder – H G Sur Jan 20 '18 at 11:55
is it compatible with windows, if recipient is wondows user ? – Budi Mulyo Aug 16 '19 at 16:24
1

@BudiMulyo Yes. It's compatible with Windows. – X. Liu Oct 24 '20 at 10:26
It requires password when I call unzip in Linux Mint, but you can open the archive and see files list without opening them. – Zon Aug 23 '23 at 11:02
I use this command as mentioned above - zip -r --password 'Password123' test.zip test/ – Atul Feb 27 '24 at 10:35

score 53 · Answer 2 · edited Jan 02 '19 at 19:11

53

Starting from Ubuntu 17.10, right-clicking and selecting "Compress" no longer has "Other Options" listed.

To resolve this, open "Archive Manager" and then drag & drop the files/folders from your File Manager into it and it will appear.

edited Jan 02 '19 at 19:11

igi

2,575

answered Dec 12 '17 at 22:07

Jonathan

3,904

2

If Archive Manager is not installed (as in my lightweight debian for example), it can be installed with $ su root -c 'apt-get install file-roller'. – Raman Sinclair May 14 '20 at 08:27
Unfortunately, this is the only option right now. But it’s not that many clicks more. Related: https://askubuntu.com/questions/868493/how-to-make-files-use-file-roller-again – caw Jul 15 '21 at 19:13
It appears that this functionality is restored in (at least) 22.04, but the UI is a little different now. Click the extension drop-down (.zip) and choose ".zip (Password protected zip, must be installed on Windows and Mac.)" instead. – Compholio Nov 28 '22 at 21:36

score 31 · Answer 3 · edited Aug 07 '23 at 10:16

31

Comments and answers have mentioned the default zip encryption is weak, but since there is no code example, here is on with .7zip:

sudo apt-get install p7zip-full  # install 7zip
7za a -tzip -p -mem=AES256 foo_file.zip foo_folder  # encrypt folder

Commands explained:

7za: Use 7zip
a: Append? / Adding files? (e for extraction)
-tzip: Use .zip format instead of default .7z
-p: specify a password for encryption
-mem=AES256: Use AES256 encryption
foo_file.zip: Name of .zip file
foo_folder: Name of folder to encrypt

Answer based on: https://www.tecmint.com/7zip-command-examples-in-linux/

edited Aug 07 '23 at 10:16

sehe

224

answered Mar 13 '19 at 08:41

NumesSanguis

431

1

can this be extracted by any unzipping software ? – Ciprian Tomoiagă Jul 15 '19 at 13:55
I think the resulting .zip is the same as using software on Windows to create a .zip with a password. I haven't experienced anyone telling me they couldn't unzip this, but I haven't used it often. – NumesSanguis Jul 21 '19 at 14:17
1

Windows zip folder does not support AES256. 7-zip or WinZip (maybe WinRAR too?) should be able to extract it. – syockit Jul 20 '20 at 15:21
Best answer since it has good encryption. Double-clicking a file zipped in this manner in the nemo file manager at least (but probably on Ubuntu's default nautilus file manager too) on Ubuntu allows you to open and decrypt via a GUI, making it very easy and intuitive for a recipient to decrypt on Linux Ubuntu. – Gabriel Staples Aug 18 '21 at 19:02
2

FYI I tried extracting this on a fresh install of Win11 using its built-in capability (Windows Explorer) and it failed with an error. – Nick S Oct 19 '22 at 11:53

score 31 · Answer 4 · answered Dec 16 '10 at 00:43

31

You can also right-click on a folder or file(s) in Nautilus and select "Compress...". In the resulting window, you can expand the "Other Options" section to enter a password.

alt text

If the password field or any of the other options are not enabled, then the selected compression option does not support it. Select a different one from the list after the filename. According to the documentation:

Currently, only 7-Zip, ZIP, RAR and ARJ archives support encryption

answered Dec 16 '10 at 00:43

Ramón

1,637

7

It's worth noting that you need to install .rar before you can use it in the compressor. – Xeoncross Feb 20 '12 at 00:59
29

I don't see "Other Options" anymore in Ubuntu 17.10 (I remember seeing it in earlier version though) – Jonathan Dec 12 '17 at 22:04
@Jonathan No solution, but related: https://askubuntu.com/questions/868493/how-to-make-files-use-file-roller-again – caw Jul 15 '21 at 19:13

score 5 · Answer 5 · answered Sep 04 '18 at 07:54

5

sudo apt-get install zip
zip -r --encrypt result.zip folder

Install zip
Use -r to zip directory and subdirectory
Use --encrypt to secure your files

with a simple password-based symmetric encryption system, which is documented in the ZIP specification

Wikipedia

answered Sep 04 '18 at 07:54

jschnasse

351
2
4
11

Thumb up for "-r" flag. – MilanG Nov 07 '23 at 12:39

score 2 · Answer 6 · answered Nov 01 '19 at 23:51

2

Encrypt

gpg -c your.zip

creates your.zip.gpg

Decrypt:

gpg your.zip.gpg

To turn off password caching

More details including directories.

https://superuser.com/a/249516/27275

answered Nov 01 '19 at 23:51

crizCraig

183
1
6

score 1 · Answer 7 · answered Dec 31 '20 at 13:15

with bsdtar

Encrypt a_file, creating the encrypted archive encrypted.zip (you'll be prompted for a password):

bsdtar --options zip:encryption -acf encrypted.zip a_file

Decrypt and extract the file from the encrypted archive:

bsdtar -xf encrypted.zip

The -a option when creating the archive makes bsdtar choose the archive format and its compression using the ending of the archive, .zip. If you don't add -a, you'll get this error message:

bsdtar: Unknown module name: `zip'

cardamom · Answer 8 · 2021-01-25T22:26:00.230

0

The metadata (filenames) of an encrypted zip can be read with unzip -l

https://security.stackexchange.com/questions/186878/can-the-content-of-a-password-protected-zip-file-be-known

The solution, as described in that link is to double-zip it but it is really not elegant.

Also, some email providers block that kind of attachment, gmail for example.

edited Jan 25 '21 at 22:26

answered Jan 25 '21 at 21:39

cardamom

133

score 0 · Answer 9 · answered Mar 28 '24 at 20:03

Here's a simple way of compressing by encrypting and extracting by decrypting.

You can use the following to compress zip -er output.zip <folder_to_compress>.

It will prompt you for a password. Enter password.

To decrypt/extract use unzip <output.zip>.

Create encrypted (password protected) zip file

9 Answers9

with bsdtar

Linked