popular commercial applications offer the possibility to protect an
archive with a password. Is there something similar for Gnu/Linux?
Well, first of all one could use one of the those commecial apps, but it’s not advisable for at least three reasons:
- they come with restrictive licenses;
- they use weak algorithms (which the use can’t change);
- you have to install them by enabling unfree/multiverse repositories (at least rar);
So, what should one do? The answer is simple: just use tar + gpg
which are respectively the best for archiving and the best for
encrypting? This article briefly explains how you can put them together
to create a password protected compressed archive.
To compress all the content of directory foo and store it in a file called archive.stgz (note stgz: a sort of secure tar gz):
$ tar cfz - foo | gpg -c -o archive.stgz $ gpg -d archive.stgz | tar xfz - $ tar cfj - foo | gpg -c -o archive.stbz2 $ gpg -d archive.stbz2 | tar xfj - $ tar cfj - foo | gpg -s -e -o archive.stbz2 $ gpg -d archive.stbz2 | tar xfj - $ tar cfj - foo | gpg -r bar -e -o archive.stbz2 using the command line: gpg -c --passphrase password foo echo $password | gpg -c --passphrase-fd 0 password foo This way your history file now has your password. gpg -c --passphrase-fd 0 foo < <eop password="" eop="" Very nice since you could have previously stored password in a shell variable using a file gpg -c --passphrase-file passfile password foo
The file must have stricly limited permissions and must be securly removed.