> Michael R wrote: > > Jon Drews wrote: > > New member here. I would like to know if there is a command to encrypt > > files? I thought it was "crypt" but I see that is in section 3 of the man > > pages, meaning it's a programming function. > > Another option is to store the file(s) is a zip archive. If they are already > in > a compressed format you can skip attempts to compress with the -0 option. > > zip -0 -e <FILESPEC>
Not sure I'd rely on the encryption built into zip(1); even the manpage says it is relatively weak. When I need to email someone something sensitive I generally use 7za(1) which uses 256-bit AES*. If you install the p7zip package you;ll get a zip(1)-like wrapper for 7za which you might find more intuitive. And depending on your desktop environment you may be able to encyrpt/decrypt using 7za by right-clicking on files/directories in the file manager (works in Nautilus'; select Compress.. >>".7z" & "Other Options" for encrypting). Some typical CLI uses: # 7za a -p secret_passwd archive_file.7z *.pdf => creates secret_passwd protected archive_file.7z containing ./*.pdf ** this method can also add _additional_ passwd-protected files later ** # 7za e -psecret_passwd archive_file.7z *.pdf => extracts all files from secret_passwd protected archive_file.7z note: DON'T use -p w/o an argument - errors will occur * from the 7-zip forums WRT passphrases: Do understand that one only need use a symmetric key of the same bits entropy as the employed algorithm to achieve maximum securi- ty benefit. A passphrase (symmetric key) comprised solely of ran- dom digits need be just 77 characters in length to achieve the security equivalent of the AES256 algorithm. 43 random characters would be required if utilizing a 62 (upper, lower, digits) char- acter set. But there's no limitation to passphrase length, with the exception that for decryption of RAR archives, so it would appear that cmd is the limiting factor (2047 or 8191 characters as appropriate to your operating system). You could also use openssl for encrypting files but it's awkward and apparently regularly appearing bugs... Have fun, Jeff _______________________________________________ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
