Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 05 Sep 2010 00:32:55 +0200
From:      Bernt Hansson <bernt@bah.homeip.net>
To:        Timm Wimmers <timm@ticore.de>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: Directory Encryption?
Message-ID:  <4C82C917.8000305@bah.homeip.net>
In-Reply-To: <4C729C29.2090206@ticore.de>
References:  <AANLkTinCmLAFMbeDmVoDo=65RCiLqu_54ocNL3eZSOiG@mail.gmail.com> <4C729C29.2090206@ticore.de>

next in thread | previous in thread | raw e-mail | index | archive | help
2010-08-23 18:04, Timm Wimmers skrev:
> Am 23.08.2010 16:36, schrieb Chris Maness:
>> What is a good tool to encrypt a directory?  I need an application
>> that is also readily available for Apple OSX, and that does not get
>> mangled when transferring via rsync.
>
> How about "openssl'?
>
> Encrypt a TARed directory:
>
> $ tar cjf - /path/to/source/folder | \
> openssl enc -e -bf -out OUTFILE.tgz.enc -pass pass:MYSILLYPASS
>
>
> Decrypt:
>
> $ openssl enc -d -bf           \
>       -in OUTFILE.tgz.enc       \
>       -out OUTFILE.tgz          \
>       -pass pass:MYSILLYPASS
>
> There are also ways to encrypt with keys, see manpage.

Or
A single file

Encrypt and decrypt:

# openssl aes-128-cbc -salt -in file -out file.aes
# openssl aes-128-cbc -d -salt -in file.aes -out file


Note that the file can of course be a tar archive.

tar and encrypt a whole directory

# tar -cf - directory | openssl aes-128-cbc -salt -out directory.tar.aes 
      # Encrypt
# openssl aes-128-cbc -d -salt -in directory.tar.aes | tar -x -f - 
       # Decrypt



tar zip and encrypt a whole directory

# tar -zcf - directory | openssl aes-128-cbc -salt -out 
directory.tar.gz.aes  # Encrypt
# openssl aes-128-cbc -d -salt -in directory.tar.gz.aes | tar -xz -f - 
       # Decrypt




     * Use -k mysecretpassword after aes-128-cbc to avoid the 
interactive password request. However note that this is highly insecure.

     * Use aes-256-cbc instead of aes-128-cbc to get even stronger 
encryption. This uses also more CPU.

  http://cb.vu/unixtoolbox.xhtml#crypt



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4C82C917.8000305>