3

I have some important documents that I need to protect from anyone else having access to my machine.

The problem is that other people have access to my machine via the root account, so changing the file permissions is not an option for me. I have seen apps like cryptkeeper, but I was wondering whether I can password-protect my files/folders from the command line in Ubuntu.

Tarun

2 Answers

6

If other users have root access to the system, then the only way that I can see to protect your files/folders is encryption and decryption.

A lot of answers are listed here (on AskUbuntu) about encryption/decryption, but I will show the simplest method, in my opinion.

OpenSSL

Encrypt/Decrypt file

openssl aes-256-cbc -in file -out file.aes
openssl aes-256-cbc -d -in file.aes -out file

OpenSSL & Tar

Encrypt/Decrypt Folder

tar -zcf - directory | openssl aes-256-cbc -out directory.tar.gz.aes
openssl aes-256-cbc -d  -in directory.tar.gz.aes | tar -xz -f -

Keep your decryption password out of sight, and out of the system.

NickTux
  • root will be able to gain access to the encrypted files as well -- for example, by installing a keylogger. – January Jul 04 '13 at 10:43
  • Then remove these files or folders from the PC completely :P Sorry but I don't know another way. – NickTux Jul 04 '13 at 11:24
  • Nah. It is entirely sufficient to be the only user, keep the PC in a safe and cut off the Internet :-) Seriously, though, if you really want your data to be private, better not to put them on a computer with other users. – January Jul 04 '13 at 11:53
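An added example (not part of the answer above): the answer's tar and openssl pipeline wrapped in shell functions that derive the key with PBKDF2 and delete the plaintext folder only after the archive is shown to decrypt and list the same paths. It assumes OpenSSL 1.1.1 or newer; the function names and the iteration count are hypothetical choices.

```shell
#!/bin/sh
# Added example; function names and the iteration count are illustrative.
# Assumes OpenSSL 1.1.1+ (-pbkdf2, -iter) and a tar that accepts -C and -z.
# CBC mode is not authenticated: the checks below catch a wrong pass phrase or
# accidental damage, not deliberate tampering by someone with root.
KDF="-pbkdf2 -iter 200000"

# PASS (optional last argument) is an openssl pass phrase source such as
# "file:/path/on/usb" or "env:VAR"; when omitted, openssl prompts on the tty.
# Avoid "pass:..." because it shows up in the process list.

# seal_dir DIR OUT [PASS]: archive DIR and encrypt the stream to OUT.
seal_dir() {
    tar -C "$(dirname "$1")" -czf - "$(basename "$1")" |
        openssl enc -aes-256-cbc -salt $KDF ${3:+-pass "$3"} -out "$2"
}

# list_sealed ARCHIVE [PASS]: decrypt into a pipe and list member names;
# no plaintext touches the disk.
list_sealed() {
    openssl enc -d -aes-256-cbc $KDF ${2:+-pass "$2"} -in "$1" | tar -tzf -
}

# unseal_dir ARCHIVE DEST [PASS]: decrypt and unpack under DEST.
unseal_dir() {
    mkdir -p "$2" &&
        openssl enc -d -aes-256-cbc $KDF ${3:+-pass "$3"} -in "$1" |
        tar -xzf - -C "$2"
}

# seal_and_remove DIR OUT [PASS]: remove the plaintext only after the archive
# decrypts and lists exactly the paths that exist in DIR.
seal_and_remove() {
    seal_dir "$1" "$2" "${3:-}" || return 1
    want=$(cd "$(dirname "$1")" && find "$(basename "$1")" | sort)
    got=$(list_sealed "$2" "${3:-}" | sed 's:/$::' | sort)
    if [ -z "$got" ] || [ "$want" != "$got" ]; then
        echo "verification failed; plaintext kept: $1" >&2
        return 1
    fi
    rm -rf -- "$1"
}
```

Removing the folder with rm does not overwrite the underlying disk blocks, so data that was stored in the clear earlier may still be recoverable from the disk.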
2

Another simple solution. Say, you want to protect the folder "secret". Do the following:

mv secret secret.tmp
mkdir .secret.enc
mkdir secret
encfs ~/.secret.enc ~/secret

Now encfs will ask you about some options and a password. After that, .secret.enc will contain an encoded copy of anything you put in ~/secret.

mv secret.tmp/* secret
rmdir secret.tmp

You can now treat secret as a normal folder: edit files, copy, move, whatever. When you are done, do

fusermount -u ~/secret

The directory secret will now be empty, and the files will be, encrypted, in .secret.enc.

Note about the root: if anyone else has root permissions, you have no privacy, full stop. Even with encryption, root will always have the possibility to snoop on your terminal, hijack your passwords and keys, and gain access to your encrypted data.

Another solution with the GUI: put your files in a folder. Open the parent folder in Nautilus. Right click on your "secret" folder. Select "encrypt folder".

January