Date: Sun, 05 Sep 2010 00:32:55 +0200 From: Bernt Hansson <bernt@bah.homeip.net> To: Timm Wimmers <timm@ticore.de> Cc: freebsd-questions@freebsd.org Subject: Re: Directory Encryption? Message-ID: <4C82C917.8000305@bah.homeip.net> In-Reply-To: <4C729C29.2090206@ticore.de> References: <AANLkTinCmLAFMbeDmVoDo=65RCiLqu_54ocNL3eZSOiG@mail.gmail.com> <4C729C29.2090206@ticore.de>
next in thread | previous in thread | raw e-mail | index | archive | help
2010-08-23 18:04, Timm Wimmers skrev: > Am 23.08.2010 16:36, schrieb Chris Maness: >> What is a good tool to encrypt a directory? I need an application >> that is also readily available for Apple OSX, and that does not get >> mangled when transferring via rsync. > > How about "openssl'? > > Encrypt a TARed directory: > > $ tar cjf - /path/to/source/folder | \ > openssl enc -e -bf -out OUTFILE.tgz.enc -pass pass:MYSILLYPASS > > > Decrypt: > > $ openssl enc -d -bf \ > -in OUTFILE.tgz.enc \ > -out OUTFILE.tgz \ > -pass pass:MYSILLYPASS > > There are also ways to encrypt with keys, see manpage. Or A single file Encrypt and decrypt: # openssl aes-128-cbc -salt -in file -out file.aes # openssl aes-128-cbc -d -salt -in file.aes -out file Note that the file can of course be a tar archive. tar and encrypt a whole directory # tar -cf - directory | openssl aes-128-cbc -salt -out directory.tar.aes # Encrypt # openssl aes-128-cbc -d -salt -in directory.tar.aes | tar -x -f - # Decrypt tar zip and encrypt a whole directory # tar -zcf - directory | openssl aes-128-cbc -salt -out directory.tar.gz.aes # Encrypt # openssl aes-128-cbc -d -salt -in directory.tar.gz.aes | tar -xz -f - # Decrypt * Use -k mysecretpassword after aes-128-cbc to avoid the interactive password request. However note that this is highly insecure. * Use aes-256-cbc instead of aes-128-cbc to get even stronger encryption. This uses also more CPU. http://cb.vu/unixtoolbox.xhtml#crypt
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4C82C917.8000305>