How to protect confidential files in Linux with encryption


Both protecting your privacy and keeping your safety are now of the utmost importance. It is not simply the responsibility of businesses to protect confidential information from the prying eyes of other parties. It’s possible that you have sensitive information  and These files should be protected with a password so that only you can access them. But how exactly do you go about doing this if Linux is your preferred operating system?

You are able to do this action with almost any kind of file, including text files, files ending in .docx or .odt, PDF files, jpeg files, and so on. A word of caution, though: the command line is necessary for both of these approaches. On the other hand, if you want to utilize the GUI way, all you have to do to install the necessary integration for the file manager is use the command line.

What you need: All you need for this is an active instance of Linux and a file that you want to encrypt. Nothing more is required. That sums it up well.

Launch a window representing a terminal and produce a GPG key.
The first thing you should do is open the terminal window by selecting it from the menu on your desktop. After you have opened it, you will need to issue the following command in order to generate a GPG key:

gpg –gen-key
You’ll be prompted to provide your actual name and an email address, after which you’ll be asked to write “O” to confirm that you’re okay with the information being shared. After that, you are required to enter and validate a passphrase before to using the key.

Navigate to the directory in which the file is stored.
After you have generated your key, proceed to the folder that contains the file that needs to be encrypted. Let’s suppose the file is located in the Documents folder under.

Encrypt the file
In order to encrypt the file, we are going to make use of the gpg command. As an example, the following command will be used to encrypt the file test:

gpg -c test
gpg is instructed to encrypt thetest file when it is given the -c option. You will then be prompted to enter and validate a password for the file that has been encrypted.

After you have finished encrypting the file, you will observe that there are now two files: test and test.gpg. The file with the extension.gpg denotes the encrypted version of the file. At this point, you are able to delete the first test file by using the command that:

rm test

Set the parameters for the password cache agent.
Surprisingly, the GPG utility will save passwords in a cache. Because of this, you (or anybody who has access to your machine) will be able to decrypt the file with the command gpg test without having to key in the password. That should not be done. It is necessary to turn off the GPG agent’s password caching in order to circumvent this issue. In order to do this, you will need to create a new file using the command:

nano ~/.gnupg/gpg-agent.conf
Copy and paste the following lines into that document:

default-cache-ttl 1
max-cache-ttl 1

After that, use the following command to restart the agent:

echo RELOADAGENT | gpg-connect-agent gpg-connect-agent

The password input prompt will now show whenever the decryption command, gpg test, is typed in by anybody, including you. The contents of the file will continue to be encrypted until the correct password is provided and typed successfully.



Source link