GPG
“GPG” or “GNU Privacy Guard” allows you to securely encrypt files and data with a strong encryption algorithm. It can encrypt and decrypt data using “key” files. In its simplest form, you can encrypt a file using a passphrase and decrypt it later.
To install GPG in Ubuntu, use the command specified below:
GPG is available by default in all other major Linux distributions. If not, then just search for it in the package manager and install it from there.
To encrypt a file using a passphrase, run a command in the following format:
You will be prompted to enter a passphrase that will be used for encrypting and decrypting the file. Once you have entered the password, GPG will encrypt the file and produce an encrypted file in the following format:
To decrypt the file, run a command in the following format:
When you are prompted to enter the password, use the passphrase you initially used to encrypt the file. Once decrypted, you will get back a “file.txt” file.
Another approach to encrypt files using GPG is to use a pair of “public” and “private” keys. Using a public key, you can encrypt a file but it can be decrypted only by using a private key. If you want to send an encrypted file to someone, you can ask for his / her public GPG key. You can use this public key to encrypt the file and send the encrypted file to him. Since he owns the private key associated with the public key, he will be able to decrypt it using the private key. So in order to fully encrypt and decrypt files using GPG key, both key files are needed, public and private.
To generate a GPG key pair, you can use the command below:
Follow the onscreen instructions and enter a username and password when prompted. After generating the key pair, GPG will show the generated public key in terminal output. Make a note of it or you can view it later using the following command:
You can now send this public key to someone to get encrypted files that can only be decrypted using your private key.
To export public key to a file, run the following command:
Replace “public_key” with your own public key generated in the step above. Your generated private keys will be available in “$HOME/.gnupg/” directory.
To encrypt a file using public key of someone else, use the command below:
Replace “public_key.file” with the public key file of the person to whom you want to send the encrypted file.
To decrypt a file that was encrypted using your public key, use the following command:
Replace “file.txt” with your desired name for the decrypted file. GPG will automatically detect your private keys during decryption as long as they are stored in the “$HOME/.gnupg/” folder.
For any further information on “gpg” command, run the following two commands:
$ man gpg
7z
7z is a free and open source utility that can be used to compress files and create archives of files and folders. You can also use it to create encrypted archives and then extract them on any platform that has support for managing 7z archives. 7z uses a strong AES-256 algorithm for encrypting files. In Linux, you can use the “p7zip” archiver to manage 7z files.
To install p7zip in Ubuntu, use the command specified below:
You can install p7zip in other Linux distributions from default repositories or you can compile it from source code.
To encrypt a file or folder using p7zip, use a command in the following format:
Replace “archive.7z” with your desired name. You can supply a single file / folder or multiple space separated names. Enter a password for encryption when prompted.
To decrypt, use the following command (enter password when prompted):
For more information on 7z, use the following two commands:
$ man 7z
OpenSSL
OpenSSL is a free and open source utility that includes a variety of algorithms to encrypt local as well remote data and files. You can use it to encrypt files on Linux using AES-256 standard. To install openSSL in Ubuntu, use the command below:
OpenSSL comes pre-installed in most Linux distributions. You can also install it from official repositories using the package manager. More downloads are available on its official website.
To encrypt a file using OpenSSL, use a command in the following format:
Replace filenames in command as needed. You will be prompted to enter a password for the encryption process to complete. To decrypt, use the following command:
For more information on OpenSSL encryption options, use the following two commands:
$ man openssl enc
Ccrypt
Ccrypt is a free and open source command line utility that can be used to encrypt files and folders on your Linux system. It is developed as a drop-in replacement for another encryption tool called “crypt” and it provides better encryption methodology and security. To install ccrypt in Ubuntu, use the following command:
You can install Ccrypt in other Linux distributions from official repositories. More downloads are available here.
To encrypt a file using Ccrypt, run a command in the following format:
You will be prompted to enter a password. Once the encryption has completed, a new file will be generated having “.cpt” as extension (file.txt.cpt in this case).
To decrypt a “.cpt” file, run a command in the following format:
For more information on Ccrypt commands, use the following commands in a terminal:
$ man ccrypt
Conclusion
These are some of the most popular command line file encryption utilities available for Linux. Not many graphical file encryption apps are available for Linux. Some of them are present as plugins to various file managers allowing you to create encrypted compressed archives by right clicking on files and folders.