Ubuntu is really a great operating system which is based on Linux kernel. I greatly appreciate this distro among others. It is because of the fact Ubuntu is user friendly. We have heard multiple times that it is a secure operating system like any other distro. But this post is about securing your files on Ubuntu. Despite being a secure operating system it doesn’t have any built in tool for encryption / decryption of files easily. Yes, you can entirely encrypt your disk or home folder but that’s another story. Let’s dive right in to encrypting files on Ubuntu.
Quick Navigation
Prerequisite for encrypting files
Ubuntu doesn’t really offer any native solution to encrypt our files. So we will be using something called as gocryptfs which is a open source software developed by rfjakob. It is one among the fast and secure tools available. Besides the tool you need a little time to install and use it. It’s all that is necessary for your to go on about encrypting files on Ubuntu. Below is a step wise guide on how to accomplish out tasks of encryption / decryption.
Obvious INFO ( to save you multiple google clicks time ) : You can read more about gocryptfs here. And if your are a geek find the GitHub repository here.
Installing gocryptfs
Open up your terminal by pressing CTRL + ALT + T
and type the command provided below.
sudo apt -y install gocryptfs
Obvious INFO : You must be a root user to install applications. The -y
option accepts any prompt in the CLI.
The application is now installed. And there is a negligible chance that you run into any error while installing gocryptfs
. Let’s move on and review the usage.
Encrypting files
Now that we are ready to use the tool to secure our files. Let us look at how to use it for our benefit.
We will require 2 folders so let us create 2 directories on Desktop > GoCryptTuts
. You can do this anywhere like shown in the image below. For this simply I have navigated to my desired directory. From current terminal you can just move forward by putting on the following commands.
cd ~/path/to/your/desired/directory
mkdir Insecure Secure
Code language: JavaScript (javascript)
The above command will create 2 directory on your chosen destination. It is shown in the image below. Of course you have to replace /path/to..
with your own path.
Obvious INFO : cd ~
is your home directory so cd ~/path
is equal to cd /home/path
Now that we have our folders ready let us understand what will each of the folder hold.
Insecure : contains all the files which will be secured ( encrypted )
Secure : contains the encrypted file which will be unreadable. You can upload this wherever you want and no one ( exception being NSA ) will find out your secretes 😉
Encrypting files
Now we are ready to follow some real action. We must first initialize gocryptfs. To do so simply execute the commands below. Please note the commands are relative to this article. If you made any changes in the folder creation process you must use those details.
gocryptfs -init -aessiv Secure
But what the above command do ? Glad you asked! The above command tells where the gocryptfs
should store the encrypted file and folder once you start adding files to it.
The above command will ask you for password twice. Enter your desired password. You will be provided something like the image below after you enter your password twice.
Notice the Your master key is line ? If you did not please do. If you ever forget your password there is no other way to get back your files. You will have to use this master key. If you lose it your files will be gone forever. So BACK IT UP!
Start adding files on your Insecure folder. These files will be automatically encrypted on the fly. Watch the GIF below to get an idea of how you can encrypt files.
Obvious INFO: Never use obvious info as your password. Make it at least 10 characters long what doesn’t include your name, address and such. Applicable to all the password you will ever use. And use a password manager like KeePass to manage all your passwords.
Suggested Read : Strandhogg 2.0: Android bug that can trick user and steal data
TECHENUM
Decrypting files
Once you unmount the directory how will you get back the original unencrypted files ? Well it’s really very easy you just execute the following commands. These commands should be executed from the root folder where the encrypted files reside.
gocryptfs Secure/ Insecure/
Remember the command gocryptfs <EncryptedFolder/> <DecryptedFilesStoreFolder/>
. You can refer to the GIF above to get if you’re confused. After the above command everything will be visible as it originally was.
This all all there is to securing your data by encrypting files on Ubuntu. Now, go on and hide your secretes.
One thought on “Learning about encrypting files & folders on Ubuntu”
Comments are closed.