|
General software and network General OS-independent software and network questions, X11, MTA, routing, etc. |
|
Thread Tools | Display Modes |
|
|||
Encrypting Files
What's the best way to encrypt or protect files on your computer? Say a plain ascii file that holds sensitive personal or company data that you don't want left as plain ascii text.
__________________
And the WORD was made flesh, and dwelt among us. (John 1:14) |
|
|||
I would use OpenSSL, but that's just me...
$ openssl enc -aes-256-cbc -salt -in naughty-doc.txt -out naughty-doc.encrypt This will prompt you for a passphrase, now.. that can be a password, but it can also be a phrase.. you'll definitely need to remember the grammar & capitalization though. If you decide to use a password, make it a long and complex one... To decrypt the file: $ openssl enc -d -aes-256-cbc -in naughty-doc.encrypt -out naughty-doc.txt You can obtain a list of ciphers via: $ openssl enc -h Good luck.. Last edited by BSDfan666; 19th September 2008 at 03:04 AM. |
|
||||
I usually apply a Caesar cipher (not rot13), archive the data with a password, and encrypt it again in a stronger manor.
Whether or not it's a good idea, I dunno, but works for me.
__________________
My Journal Thou shalt check the array bounds of all strings (indeed, all arrays), for surely where thou typest ``foo'' someone someday shall type ``supercalifragilisticexpialidocious''. |
|
||||
Each BSD has it's own way of encrypting the whole hard drive. On FreeBSD you may go for geli or gdbe http://www.freebsd.org/doc/en_US.ISO...ncrypting.html. On NetBSD you'll go for CGD http://www.netbsd.org/docs/guide/en/chap-cgd.html and on OpenBSD(which I use) you'll go for http://geektechnique.org/projectlab/...leserver-howto
For individual files and emails I use GnuPG.
__________________
If it moves, crypt it. Unless it's static - than you should double-crypt it. |
|
|||
Does anyone know where (/etc/passwd ?) and how login passwords are stored and encrypted (if at all)?
__________________
And the WORD was made flesh, and dwelt among us. (John 1:14) |
|
||||
As far as I know, it depends on the system and it's settings JMJ; it should obey /etc/login.conf.
__________________
My Journal Thou shalt check the array bounds of all strings (indeed, all arrays), for surely where thou typest ``foo'' someone someday shall type ``supercalifragilisticexpialidocious''. |
|
||||
Use the tar(1) luke.
__________________
religions, worst damnation of mankind "If 386BSD had been available when I started on Linux, Linux would probably never had happened." Linus Torvalds Linux is not UNIX! Face it! It is not an insult. It is fact: GNU is a recursive acronym for “GNU's Not UNIX”. vermaden's: links resources deviantart spreadbsd |
|
||||
Do not use compresion then, tar alone does not compress files.
__________________
religions, worst damnation of mankind "If 386BSD had been available when I started on Linux, Linux would probably never had happened." Linus Torvalds Linux is not UNIX! Face it! It is not an insult. It is fact: GNU is a recursive acronym for “GNU's Not UNIX”. vermaden's: links resources deviantart spreadbsd |
|
||||
Quote:
Why don't you simply create another user account called userX. # chmod 700 ~userX Then, put all ya top-secret stuff in there. Anytime you want to access the top-secret stuff just do the following from your regular account: $ su - userX Ofcourse, for max. safety use tar + openssl. |
|
||||
Quote:
Example: Code:
steghide embed -cf picture.jpg -ef encrypted_file -sf new_picture.jpg Code:
steghide extract -sf new_picture.jpg /usr/ports/security/steghide |
|
||||
It may be little suspicious if someone would find a JPG image with 3.0GB size
__________________
religions, worst damnation of mankind "If 386BSD had been available when I started on Linux, Linux would probably never had happened." Linus Torvalds Linux is not UNIX! Face it! It is not an insult. It is fact: GNU is a recursive acronym for “GNU's Not UNIX”. vermaden's: links resources deviantart spreadbsd |
|
||||
I think this topic is best and nice topic in all of this forums. I like and love this topic
after I test openssl and encrypt file , I can understand I can delete encrypt file and it is so bad I want way to hide file and nobody can delete that file , I will test steghide I thinks this is good thing. but I need something like truecrypt. |
|
||||
Yes, I would be suspicious, too. But you could hide an awful amount of secrets in a 3 GB picture, I think. From what I have experienced, it seems like I can hide about 5 - 6 % of the files size. For instance, I have successfully hidden a PDF-file of 140 kB (6 pages filled with equations and diagrams) in a picture of 2.4 MB. My only problem is that I don't need to hide data, but it is quite fun!
|
|
|||
This is where file permissions and routine backups come in..
|
|
|||
Has anybody tried FUSE EncFS? It appears to be a file-backed file system with no pre-determined size. Also, given that it is FUSE based, it should be fairly portable.
Last edited by ddekok; 9th October 2008 at 05:14 PM. |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Cleaning Portsnap files in /var/db/portsnap/files | bram85 | FreeBSD Ports and Packages | 2 | 5th October 2009 09:54 AM |
Encrypting gvinum raid5 | oxy | FreeBSD General | 1 | 13th December 2008 05:59 PM |
How to sync files over ftp | graudeejs | FreeBSD General | 4 | 4th August 2008 10:18 PM |
Moving files | Weaseal | Programming | 2 | 14th July 2008 07:30 AM |
Encrypting hard drive? | ViperChief | FreeBSD Installation and Upgrading | 5 | 31st May 2008 03:42 PM |