Is there a tool to encrypt a file or directory?

software-recommendation directory files encryption

What's the most popular way to encrypt individual files or folders?


GnuPG (GPG) can use asymmetric and symmetric encryption. Asymmetric crypto involves a two keys, a public key for encryption and a private key for decryption. See djeikyb answer on this page for asymmetric key usage.

For symmetric encryption, the encryption and decryption keys are equal. It is important to realize that most people are very bad at choosing strong passwords. Thus, an encryption scheme using passwords should use a key-derivation function that takes more resources (time, memory) to slow down brute-force attacks.

For a description of GnuPG's KDF, see this Crypto Stack Exchange post. Example usage of symmetric encryption:

gpg --symmetric < unencrypted_file > encrypted_file

Decryption:

gpg --decrypt < encrypted_file > decrypted_file

Note that gpg caches the symkey by default (documented behavior). In order to avoid that, use --no-symkey-cache option as described in a related answer.

Manual page of gpg.

old answer for users who are able to chose good keys, see note below

For single files, openssl is very useful, especially when sending the file over an unsecured channel (e.g. e-mail). It's free (in money and in freedom), unlike Truecrypt, which is only free in money.

NOTE: the password that you enter here will be processed by one MD5 iteration 1. If you chose a password "123456", then you will have very little security.

Encrypt:

openssl aes-256-cbc -salt -in unencrypted_file -out encrypted_file

You'll be asked for a password, which you have to input twice.

Decrypt:

openssl aes-256-cbc -d -in encrypted_file -out unencrypted_file

Manual page for the enc program.

1openssl enc uses the digest function defined by the -md option (default md5) and invokes function EVP_BytesToKey() with an iteration count of 1. This can be found in the openssl source at apps/enc.c.


I use Seahorse for this. It's a Gnome front-end for GnuPG and integrates well with nautilus: Nautilus integration

To get nautilus integration, install the package seahorse-nautilus from the Software Center: seahorse-nautilus Install seahorse-nautilus

Related

How to fix "Partition does not start on physical sector boundary" warning?
Enable disk encryption after installation
Wrong Login Screen Resolution
How to stream music over the network to multiple computers?
Cannot change brightness (Ubuntu 16.04 LTS, Unity)
Backup your home directory with rsync and skip useless folders
How can I remap keyboard keys? [duplicate]
Can files/directories deleted with rm be restored?
How can you monitor total internet data usage across reboots?
How do I add an application to the dash?
How to configure extra buttons in Logitech Mouse
How can I run a Minecraft Server on multiple CPU cores?