Friday, November 8, 2024
spot_img
HomeeCOMMERCEEcommerce Digital securityHow to encrypt a file on Linux (and when you should)

How to encrypt a file on Linux (and when you should)

Many Yellow Padlocks On Yellow Background. One Of Them Open.
Getty Images/Javier Zayas Photography

Your security and privacy have both become critically important. Businesses are not the only entities that have to keep sensitive information from prying eyes. You might have bank account details, contracts, wills, and other files on your desktop that should be locked behind a password, so only you can access them.

Also: The best Linux laptops you can buy

But how do you do this, if Linux is your operating system of choice? Believe it or not, it’s actually pretty simple. I want to show you two different methods — one using the command line and one that makes use of the built-in file manager — so you too can protect those important documents.

You can do this with just about any type of file (text, .docx, .odt, PDF, .jpg, or you name it). One word of warning: Both methods do require using the command line. However, the GUI method only requires that you use the command line to install the required integration for the file manager.

Also: How to create hidden files in Linux (and what not to use them for)

With that said, let’s get to the processes.

The command line method of encrypting files

What you need: The only thing you need for this is a running instance of Linux and a file to encrypt. That’s it.

gpg --gen-key

You’ll be asked to enter your real name and an email address, then type “O “to Okay the information. After that, you type/verify a passphrase for the key.

cd ~/Documents
gpg -c zdnet_test

The -c option tells gpg the zdnet_test file is to be encrypted. You will then be asked to type and verify a password for the encrypted file.

Once you’ve encrypted the file, you’ll notice there are two files: zdnet_test and zdnet_test.gpg. The file with the .gpg extension is the encrypted file. At this point, you can remove the initial test file with the command:

rm zdnet_test
nano ~/.gnupg/gpg-agent.conf

In that file, paste the following lines:

default-cache-ttl 1
max-cache-ttl 1

Next, restart the agent with the command:

echo RELOADAGENT  gpg-connect-agent

Now, when you (or anyone) types the decrypt command, gpg zdnet_test, the password prompt will appear. Until that password is successfully entered, the contents of the file will remain encrypted.

The GUI (Graphical User Interface) method of encrypting files

This method is significantly more efficient.

1. Install the required software

Before you use the GUI method, make sure to take care of Steps 1 and 4 above. You only have to do this once. After that, you’ll need to install a piece of software with the command:

sudo apt-get install seahorse-nautilus -y

If you’re using a distribution based on RHEL or Fedora Linux, that command would be:

sudo dnf install seahorse-nautilus -y

Once installed, restart Nautilus with the command:

nautilus -q

2. Open the Nautilus file manager

Now, open the file manager and navigate to the folder containing our zdnet_test file. Right-click the file and select the “Encrypt” option.

The GPG key selector.
My GPG key is listed and ready to be used. Screenshot by Jack Wallen/ZDNET

3. Select your encryption method

You can now either select the GPG key you created earlier or just use a passphrase for the encryption. If you opt to go the key route, make sure to select the key you created and then click “OK.” You won’t be prompted for a passphrase if you go this route. But if you opt to just use a passphrase, you will be prompted to type and verify a new passphrase for the encrypted file.

The GPG key selector.
My GPG key is listed and ready to be used. Screenshot by Jack Wallen/ZDNET

4. Decrypt the file

With the file encrypted, you can then decrypt it by right-clicking the encrypted file and selecting “Open With Decrypt File.” After this step, you’ll be asked to name the decrypted file and click “Save.” Then, for the encryption, you’ll be prompted to either type the passphrase for your GPG key or the passphrase you added.

The Nautilus right-click menu.
Decrypting a file within Nautilus. Screenshot by Jack Wallen/ZDNET

Whichever method you choose, I would highly recommend you test (using a test file) to make sure it works as expected before you actually encrypt an actual file you want to protect.

Once you have the process down (and it works as expected), you should then be safe to remove the unencrypted file. If you leave the unencrypted file on your drive, it can be accessed by anyone who can log into your desktop.

Also: Pop!_OS has a complicated name but it makes using Linux so easy

And that’s how you encrypt and decrypt a file on the Linux operating system without having to install more complicated volume encryption tools.

 

Post Disclaimer

The information provided in our posts or blogs are for educational and informative purposes only. We do not guarantee the accuracy, completeness or suitability of the information. We do not provide financial or investment advice. Readers should always seek professional advice before making any financial or investment decisions based on the information provided in our content. We will not be held responsible for any losses, damages or consequences that may arise from relying on the information provided in our content.

RELATED ARTICLES

Most Popular

Recent Comments

error: Content is protected !!