Directory Encryption?

[Bernt Hansson]

2010-08-23 18:04, Timm Wimmers skrev:
> Am 23.08.2010 16:36, schrieb Chris Maness:
>> What is a good tool to encrypt a directory?  I need an application
>> that is also readily available for Apple OSX, and that does not get
>> mangled when transferring via rsync.
>
> How about "openssl'?
>
> Encrypt a TARed directory:
>
> $ tar cjf - /path/to/source/folder | \
> openssl enc -e -bf -out OUTFILE.tgz.enc -pass pass:MYSILLYPASS
>
>
> Decrypt:
>
> $ openssl enc -d -bf           \
>       -in OUTFILE.tgz.enc       \
>       -out OUTFILE.tgz          \
>       -pass pass:MYSILLYPASS
>
> There are also ways to encrypt with keys, see manpage.

Or
A single file

Encrypt and decrypt:

# openssl aes-128-cbc -salt -in file -out file.aes
# openssl aes-128-cbc -d -salt -in file.aes -out file


Note that the file can of course be a tar archive.

tar and encrypt a whole directory

# tar -cf - directory | openssl aes-128-cbc -salt -out directory.tar.aes 
      # Encrypt
# openssl aes-128-cbc -d -salt -in directory.tar.aes | tar -x -f - 
       # Decrypt



tar zip and encrypt a whole directory

# tar -zcf - directory | openssl aes-128-cbc -salt -out 
directory.tar.gz.aes  # Encrypt
# openssl aes-128-cbc -d -salt -in directory.tar.gz.aes | tar -xz -f - 
       # Decrypt




     * Use -k mysecretpassword after aes-128-cbc to avoid the 
interactive password request. However note that this is highly insecure.

     * Use aes-256-cbc instead of aes-128-cbc to get even stronger 
encryption. This uses also more CPU.

  http://cb.vu/unixtoolbox.xhtml#crypt