Directory Encryption?
Bernt Hansson
bernt at bah.homeip.net
Sat Sep 4 22:33:01 UTC 2010
2010-08-23 18:04, Timm Wimmers skrev:
> Am 23.08.2010 16:36, schrieb Chris Maness:
>> What is a good tool to encrypt a directory? I need an application
>> that is also readily available for Apple OSX, and that does not get
>> mangled when transferring via rsync.
>
> How about "openssl'?
>
> Encrypt a TARed directory:
>
> $ tar cjf - /path/to/source/folder | \
> openssl enc -e -bf -out OUTFILE.tgz.enc -pass pass:MYSILLYPASS
>
>
> Decrypt:
>
> $ openssl enc -d -bf \
> -in OUTFILE.tgz.enc \
> -out OUTFILE.tgz \
> -pass pass:MYSILLYPASS
>
> There are also ways to encrypt with keys, see manpage.
Or
A single file
Encrypt and decrypt:
# openssl aes-128-cbc -salt -in file -out file.aes
# openssl aes-128-cbc -d -salt -in file.aes -out file
Note that the file can of course be a tar archive.
tar and encrypt a whole directory
# tar -cf - directory | openssl aes-128-cbc -salt -out directory.tar.aes
# Encrypt
# openssl aes-128-cbc -d -salt -in directory.tar.aes | tar -x -f -
# Decrypt
tar zip and encrypt a whole directory
# tar -zcf - directory | openssl aes-128-cbc -salt -out
directory.tar.gz.aes # Encrypt
# openssl aes-128-cbc -d -salt -in directory.tar.gz.aes | tar -xz -f -
# Decrypt
* Use -k mysecretpassword after aes-128-cbc to avoid the
interactive password request. However note that this is highly insecure.
* Use aes-256-cbc instead of aes-128-cbc to get even stronger
encryption. This uses also more CPU.
http://cb.vu/unixtoolbox.xhtml#crypt
More information about the freebsd-questions
mailing list