Tools to Encrypt/Decrypt and Password Protect Files

Lawrence

Introduction

Encryption is the process of encoding files in such a way that only those who are authorized can access it. Encryption does not of itself prevent interception but denies the file content to the interceptor. In an encryption scheme, the intended files, referred to as plaintext, is encrypted using an encryption algorithm, generating ciphertext that can only be read if decrypted.

Linux distribution provides a few standard encryption/decryption tools that can prove to be handy at times. Here in this article, we have covered 3 such tools with proper standard examples, which will help you to encrypt, decrypt and password-protect your files.


1. GnuPG

GnuPG (GNU Privacy Guard, often called GPG) package in most of today’s Linux distributions comes by default, if in-case it’s not installed you may apt or yum it from the repository.

Ubuntu/Debian:
sudo apt-get install gnupg

CentOS/Fedora:
yum install gnupg

Encrypting

Now you can encrypt a file using GPG. As soon as you run the gpg command with option -c (encryption only with symmetric cipher) it will create a file testfile.txt.gpg.
gpg -c /path_to_the_file/testfile.txt

Note: Enter Paraphrase twice to encrypt the given file. The above encryption was done with CAST5 encryption algorithm automatically. You may specify a different algorithm optionally. To see all the encryption algorithm present you may execute:
gpg --version

Decrypting

Now, if you want to decrypt the above encrypted file, you may use the following command:
gpg /path_to_the_file/testfile.txt.gpg

Note: You need to provide the same password you gave at encryption to decrypt when prompted.

More information about GNU Privacy Guard on official site:
https://www.gnupg.org


2. Zip

It is one of the most famous archive formats and it is so much famous that we generally call archive files as zip files in day-to-day communication. It uses pkzip stream cipher algorithm.

If you have not installed zip you can do it with apt or yum.

Ubuntu/Debian:
sudo apt-get install zip

CentOS/Fedora:
yum install zip

Encrypting

Create an encrypted zip file using zip:
zip --password mypassword testarchive.zip testfile.txt

Or if you want to add more files into zip archive:
zip --password mypassword testarchive.zip testfile.txt testfile1.txt testfile2.txt

Note: Here mypassword is the password used to encrypt it.

Decrypting

To decrypt the file, you will need to install unzip:

Ubuntu/Debian:
sudo apt-get install unzip

CentOS/Fedora:
yum install unzip

Decrypt the password-protected zipped file using unzip:

unzip testarchive.zip

You need to provide the same password you provided at encryption.


3. OpenSSL

By default OpenSSL is installed in all our templates, however, if you have removed it you can install it with apt-get or yum.

Ubuntu/Debian:
sudo apt-get install openssl

CentOS/Fedora:
yum install openssl

Encrypting
openssl enc -aes-256-cbc -in /path_to_the_file/testfile.txt -out /path_to_the_file/testfile.dat

Explanation of each option used in the above command.

enc encryption
-aes-256-cbc the algorithm to be used.
-in full path of a file to be encrypted.
-out the full path where it will be decrypted.

Decrypting

Decrypt a file using OpenSSL:
openssl enc -aes-256-cbc -d -in /path_to_the_file/testfile.dat > /path_to_the_file/testfile2.txt

andrewb

7zip is basically an open-source clone of the RAR file standard, and therefor, like RAR, supports encryption and uses AES256 be default + key-extension to password protect files.

Unfortunately, the command-line interface for entering passwords is a little clumsy (for example, to use the password "PASSWORD", the command looks like this - the lack of space between the -p switch and "PASSWORD" is intentional):


7z a -pPASSWORD -r myencryptedfiles.7z myfiles/

While I'd still suggest OpenSSL or GnuPG for private stuff that you need to be super-secure, 7zip is a good replacement for encrypting files that you want to hand over to friends/coworkers/etc