16

I am new to part of encryption on Ubuntu .

Is there any way to encrypt files and folder with password from terminal ? without using truecrypt or cryptkeeper etc.

muru
  • 197,895
  • 55
  • 485
  • 740
twister_void
  • 5,924

3 Answers3

15

You can encrypt and decrypt files with gpg

To encrypt a file

gpg -c file.to.encrypt

To decrypt a file

gpg file.to.encrypt.gpg

But gpg will not do entire directories. For entire directories you have several options, ecryptfs is popular.

# Install if ecryptfs-utils if needed
sudo apt-get install ecryptfs-utils

# Make an encrypted directory
ecryptfs-setup-private

That will make a directory "Private". Any data you put into the directory Private will automatically be encrypted when you log out and decrypted when you log in.

If you want a different behavior or a different directory ...

mkdir ~/secret
chmod 700 ~/secret

sudo mount -t ecryptfs ~your_user/secret ~your_user/secret

Put your data into ~/secrte

To encrypt

sudo umount ~your_user/secret

To Decrypt

sudo mount ./secret ./secret -o key=passphrase,ecryptfs_cipher=aes,ecryptfs_key_bytes=16,ecryptfs_passthrough=no,ecryptfs_enable_filename_crypto=yes

Hint: make an alias for that second command.

See http://bodhizazen.com/Tutorials/Ecryptfs or man ecryptfs for additional details.

Panther
  • 102,067
10

ecryptfs will certainly encrypt files and folders, ensuring that the data that gets written to disk is always encrypted, and that applications which need access to the cleartext context can get that seamlessly.

However, to answer your question specifically, you can certainly encrypt a single file with a passphrase and gpg:

gpg -c /tmp/file > /tmp/file.gpg

To encrypt a folder, you should use tar in conjunction with gpg:

tar zcvf - /tmp/directory | gpg -c > /tmp/directory.tar.gz.gpg
Dustin Kirkland
  • 14,608
  • 3
    For anybody else who read this quickly and was a little confused by the result.. on 14.04 gpg -c /tmp/file > /tmp/file.gpg does not return what I'd expect, instead writing an empty file. My usage is gpg -c /tmp/file which automatically adds the .gpg extension to the resulting file. – Phil Oct 12 '15 at 14:08
1

encfs, as suggested by the community docs, works pretty well.

Installing: In order to install you must first add the universe repository

Then issue the command:

sudo apt install encfs

Then simply type into the terminal: encfs encrypted visible to create folders in the current directory named encrypted and visible and set up a password.

For example, if I'm in the default (home) directory (use pwd to see where you are), this will create folders /home/ijoseph/visible and /home/ijoseph/encrypted for me, since my username is ijoseph.

visible can be written and read, and stores its data encrypted in the encrypted folder.

To "hide" your data and leave only the encrypted version of the folder, type fusermount -u visible. You'll want to do this before logging out or physically moving your laptop, usually, for protection. You'll notice everything disappears from the visible folder when you type ls.

To re-mount (re-gain access to the visible folder for read/write), run encfs encrypted visible again.

Community
  • 1
ijoseph
  • 163
  • Thank you for this answer! If I might be so bold as to suggest it, this answer would be improved by adding the steps necessary for a new user to install and use encfs – Elder Geek Dec 22 '16 at 22:38
  • Thanks for your feedback! What do you mean by "new user" exactly? A user without sudo permissions? – ijoseph Dec 22 '16 at 22:46
  • 2
    I mean a user new to Ubuntu with little to no experience. My apologies for the lack of clarity! It looks like you have usage pretty well covered but someone new to Ubuntu might not know how to access the Universe repository and install encfs. Cheers! – Elder Geek Dec 22 '16 at 22:52
  • 2
    What ElderGeek is trying to say is that maybe you could make your answer a little more noob-friendly ;) – Sergiy Kolodyazhnyy Dec 22 '16 at 22:58
  • @ElderGeek, Serg, thanks for the feedback. I took a stab at adding some more background info... not sure if I did so with things that are relevant. A little flattered that I suppose this means I've transcended the 'noob' stage of my Ubuntu usage. LMK what you think. – ijoseph Dec 22 '16 at 23:20
  • 1
    Thats better. ;-) – Elder Geek Dec 22 '16 at 23:28
  • Great. Thanks! Ah I didn't even realized that required universe repositories. I may be able to consider my daily productivity nonzero now. – ijoseph Dec 22 '16 at 23:30
  • 1
    When in doubt, http://packages.ubuntu.com/ provides a wealth of information. It's on my speed dial. ;-) – Elder Geek Dec 22 '16 at 23:45