Security by Cvitals ~ Encrypting files

Discussion in 'General Linux HOWTOs' started by computervitals, Sep 25, 2007.

  1. computervitals

    computervitals New Member

    In this little tutorial I will show you how to encrypt your files. Very handy if you have files that should be protected and are "your eyes only"

    1st, may questions come about passwords:
    "How can I password protect my tar acrchive?"
    Easy, load up windows and use an archiver.

    There is no password feature for tar or gzip.
    But you can encrypt your files so no one will be able to view the contents.

    In this tutorial I will show you how to set up an encryption key, tar a directory and encrypt the file.

    1: Load up your SSH Client. I use Putty.
    2: Set up your encryption key.
    Type:
    gpg --gen-key
    It will ask you what kind of key you want.
    Code:
    Please select what kind of key you want:
       (1) DSA and ElGamal (default)
       (2) DSA (sign only)
       (4) RSA (sign only)
    
    Select 1 for the default

    Next question will be for the Keypair
    Code:
    DSA keypair will have 1024 bits.
    About to generate a new ELG-E keypair.
                  minimum keysize is  768 bits
                  default keysize is 1024 bits
        highest suggested keysize is 2048 bits
    What keysize do you want? (1024)
    
    Press Enter for 1024 bit encryption

    Then it will ask you when you want the key to expire. Choose what you like:
    Code:
    Please specify how long the key should be valid.
             0 = key does not expire
          <n>  = key expires in n days
          <n>w = key expires in n weeks
          <n>m = key expires in n months
          <n>y = key expires in n years
    Key is valid for? (0)
    
    I Choose 0 for no expiration. Select y to comfirm.

    Next you will need to enter your name, email and comment
    Code:
    You need a User-ID to identify your key; the software constructs the user id
    from Real Name, Comment and Email Address in this form:
    
    Your results will look like this:
    Code:
    Real name: [I]Your Name[/I]
    Email address: [I][email protected][/I]
    Comment: [I]Your comment you entered[/I]
    You selected this USER-ID:
        "Your Name (Your comment you entered) [email protected]"
    Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o
    
    Choose o to accept

    Next will be a passphrase (password)
    Code:
    You need a Passphrase to protect your secret key.
    
    Enter what you like, You wont see the cursor move. You will have to confirm the word/phrase. DO NOT FORGET THIS!!!

    You'll see some mumbo Jumbo and the key will be done.

    Now, lets tar up a directory!
    Lets sey you have a file you backup and save often.
    We'll call this folder/directory general

    Lets tar it up!
    Type this in your SSH clent.
    Code:
    tar -czvf general.tar.gz general/
    
    You should now see the list of files that were compressed scroll through the screen.

    Now Lets Encrypt the file!
    type this in your SSH Client
    Code:
    gpg -se -r joe general.tar.gz
    
    If you run the ls command you will see a new file called general.tar.gz.gpg
    The -se means Sign and encrypt, the -r is the person you want to send it to. Any name will do. If it for yourself, put your name there.

    Now you will need to decrypt the file if you need it.
    type this in the SSH Client:
    Code:
    gpg -o general.tar.gz -d general.tar.gz.gpg
    
    The -o is the output, or what the files used to be
    the -d is "decrypt" the file
    You can now untar your file if you like.
    Type this!
    Code:
    tar -xzvf general.tar.gz
    
    Your file is now extracted.

    This complete the tutorial.
    You can also find this tutorial at:
    http://www.computervitals.com/forum/showthread.php/security-cvitals-encrypting-9206.html

    BuzzStPoint.
     
  2. khiltd

    khiltd New Member

    What part of this requires Windows?
     
  3. computervitals

    computervitals New Member

    I should have put a smiley there.
    It was my poor attempt at a joke. :eek:
     

Share This Page