Encryption is the process of encoding files in such a way that only those who are authorized can access them. Mankind is using encryption for ages even when computers were not in existence. During the war, they would pass some kind of message that only their tribe or those who are concerned were able to understand.
Linux distribution provides a few standard encryption/decryption tools that can prove to be handy at times. Here in this article, we have covered 7 such tools with proper standard examples, which will help you to encrypt, decrypt and password protect your files.
If you are interested in knowing how to generate a random password from the Linux command line, read the following article:
[ You might also like: How to Generate/Encrypt/Decrypt Random Passwords in Linux ]
GnuPG stands for GNU Privacy Guard and is often called as GPG which is a collection of cryptographic software. Written by GNU Project in C programming Language. Latest stable release is 2.0.27.
In most of the today’s Linux distributions, the gnupg package comes by default, if in-case it’s not installed you may apt or yum it from repository.
$ sudo apt-get install gnupg # yum install gnupg
We have a text file (tecmint.txt) located at ~/Desktop/Tecmint/, which will be used in the examples that follows this article.
Before moving further, check the content of the text file.
$ cat ~/Desktop/Tecmint/tecmint.txt
Now encrypt tecmint.txt file using gpg. As soon as you run the gpc command with option -c (encryption only with symmetric cipher) it will create a file texmint.txt.gpg. You may list the content of the directory to verify.
$ gpg -c ~/Desktop/Tecmint/tecmint.txt $ ls -l ~/Desktop/Tecmint
Note: Enter Paraphrase twice to encrypt the given file. The above encryption was done with CAST5 encryption algorithm automatically. You may specify a different algorithm optionally.
To see all the encryption algorithm present you may fire.
$ gpg --version
Now, if you want to decrypt the above encrypted file, you may use the following command, but before we start decrypting we will first remove the original file i.e., tecmint.txt and leave the encrypted file tecmint.txt.gpg untouched.
$ rm ~/Desktop/Tecmint/tecmint.txt $ gpg ~/Desktop/Tecmint/tecmint.txt.gpg
Note: You need to provide the same password you gave at encryption to decrypt when prompted.
bcrypt is a key derivation function which is based upon Blowfish cipher. Blowfish cipher is not recommended since the time it was figured that the cipher algorithm can be attacked.
If you have not installed bcrypt, you may apt or yum the required package.
$ sudo apt-get install bcrypt # yum install bcrypt
Encrypt the file using bcrypt.
$ bcrypt ~/Desktop/Tecmint/tecmint.txt
As soon as you fire the above command, a new file name texmint.txt.bfe is created and original file tecmint.txt gets replaced.
Decrypt the file using bcrypt.
$ bcrypt tecmint.txt.bfe
Note: bcrypt do not has a secure form of encryption and hence it’s support has been disabled at least on Debian Jessie.
Designed as a replacement of UNIX crypt, ccrypt is an utility for files and streams encryption and decryption. It uses Rijndael cypher.
If you have not installed ccrypt you may apt or yum it.
$ sudo apt-get install ccrypt # yum install ccrypt
Encrypt a file using ccrypt. It uses ccencrypt to encrypt and ccdecrypt to decrypt. It is important to notice that at encryption, the original file (tecmint.txt) is replaced by (tecmint.txt.cpt) and at decryption the encrypted file (tecmint.txt.cpt) is replaced by original file (tecmint.txt). You may like to use ls command to check this.
Encrypt a file.
$ ccencrypt ~/Desktop/Tecmint/tecmint.txt
Decrypt a file.
$ ccdecrypt ~/Desktop/Tecmint/tecmint.txt.cpt
Provide the same password you gave during encryption to decrypt.
It is one of the most famous archive format and it is so much famous that we generally call archive files as zip files in day-to-day communication. It uses pkzip stream cipher algorithm.
If you have not installed zip you may like to apt or yum it.
$ sudo apt-get install zip # yum install zip
Create a encrypted zip file (several files grouped together) using zip.
$ zip --password mypassword tecmint.zip tecmint.txt tecmint1.1txt tecmint2.txt
Here mypassword is the password used to encrypt it. A archive is created with the name tecmint.zip with zipped files tecmint.txt, tecmint1.txt and tecmint2.txt.
Decrypt the password protected zipped file using unzip.
$ unzip tecmint.zip
You need to provide the same password you provided at encryption.
Openssl is a command line cryptographic toolkit which can be used to encrypt message as well as files.
You may like to install openssl, if it is not already installed.
$ sudo apt-get install openssl # yum install openssl
Encrypt a file using openssl encryption.
$ openssl enc -aes-256-cbc -in ~/Desktop/Tecmint/tecmint.txt -out ~/Desktop/Tecmint/tecmint.dat
Explanation of each option used in the above command.
- enc : encryption
- -aes-256-cbc : the algorithm to be used.
- -in : full path of file to be encrypted.
- -out : full path where it will be decrypted.
Decrypt a file using openssl.
$ openssl enc -aes-256-cbc -d -in ~/Desktop/Tecmint/tecmint.dat > ~/Desktop/Tecmint/tecmint1.txt
The very famous open source 7-zip archiver written in C++ and able to compress and uncompress most of the known archive file format.
If you have not installed 7-zip you may like to apt or yum it.
$ sudo apt-get install p7zip-full # yum install p7zip-full
Compress files into zip using 7-zip and encrypt it.
$ 7za a -tzip -p -mem=AES256 tecmint.zip tecmint.txt tecmint1.txt
Decompress encrypted zip file using 7-zip.
$ 7za e tecmint.zip
Note: Provide same password throughout in encryption and decryption process when prompted.
All the tools we have used till now are command based. There is a GUI based encryption tool provided by nautilus, which will help you to encrypt/decrypt files using Graphical interface.
7. Nautilus Encryption Utility
Steps to encrypt files in GUI using Nautilus encryption utility.
Encryption of file in GUI
1. Right click the file you want to encrypt.
2. Select format to zip and provide location to save. Provide password to encrypt as well.
3. Notice the message – encrypted zip created successfully.
Decryption of file in GUI
1. Try opening the zip in GUI. Notice the LOCK-ICON next to file. It will prompt for password, Enter it.
2. When successful, it will open the file for you.
That’s all for now. I’ll be here again with another interesting topic. Till then stay tuned and connected to Tecmint. Don’t forget to provide us with your valuable feedback in the comments below. Like and share us and help us get spread.