Users browsing this thread: 1 Guest(s)
How do you guys encrypt files? I am just barely getting into encryption and a bit confused as to where to begin. Would be nice if I could encrypt/decrypt from the terminal.
sulami
Members
I use gpg for the most part to encrypt really sensitive stuff. I also have copies of some things I must not lose under any circumstances encrypted with scrypt, just in case I happen to lose my private key.
venam
Administrators
Are you looking for whole disk encryption of for single file encryption?
(28-06-2015, 06:27 AM)venam Wrote: Are you looking for whole disk encryption of for single file encryption?
For now just single file/folder encryption.

(28-06-2015, 06:07 AM)sulami Wrote: I use gpg for the most part to encrypt really sensitive stuff. I also have copies of some things I must not lose under any circumstances encrypted with scrypt, just in case I happen to lose my private key.
Will check it out.
miatomi
Members
Two things to keep in mind:

Who are you trying to keep your files or software from?

How bad do you want them to not find it?

based on that I may be able to help. GPG is good.. but depending on what you're doing/hiding it's either way to much or entirely too little.
venam
Administrators
For encrypting a single file there are many options such as:
PGP encryption softwares
scrypt and bcrypt (slow and secure hash algo)
ccrypt (not sure what it's using)

Encrypting a single file is useless if it stays in memory or on the disk after you've opened it. Make sure it's not cached, replicated in /tmp, this happens a lot when you open it with vim, etc.. Otherwise a good reverse engineer in data carving can fetch it back.

Moreover, if you really want to erase that file check the `shred` utility or consider using full disk encryption.
z3bra
Grey Hair Nixers
To encrypt folders, the best option I found was to turn it into an archive, and encrypt it (using ccrypt or similar)
xero
Long time nixers
miatomi's comment reminds me of:

Preface to Applied Cryptography by Bruce Schneier Wrote:"There are two kinds of cryptography in this world: cryptography that will stop your kid sister from reading your files, and cryptography that will stop major governments from reading your files. This book is about the latter."

not to start a flamewar about it's efficacy, i use bcrypt most of the time.

i also agree w/ z3bra. archive first, then encrypt.
Thanks you guys! I went with ccrypt for now, I will try bcrypt later on.
(29-06-2015, 03:14 AM)venam Wrote: For encrypting a single file there are many options such as:
PGP encryption softwares
scrypt and bcrypt (slow and secure hash algo)
ccrypt (not sure what it's using)

Encrypting a single file is useless if it stays in memory or on the disk after you've opened it. Make sure it's not cached, replicated in /tmp, this happens a lot when you open it with vim, etc.. Otherwise a good reverse engineer in data carving can fetch it back.

Moreover, if you really want to erase that file check the `shred` utility or consider using full disk encryption.
Will do, thanks.