If you are sending files or documents with sensitive information (eg. database credentials), you probably don't want to send it without making sure it is encrypted. In Linux and OSX, I use a tool called
GnuPG to add password protection to files I want to share with other people. This is, by no means, the best way to send sensitive information to someone else, but it does provide a small layer of protection against an unintended recipient opening and reading the contents.
Install GnuPG
For Ubuntu, fire up a terminal and run:
For OSX, install
Homebrew and run:
Encrypting Files
To encrypt a sensitive file, navigate to the directory of the file and run:
Output:
Enter passphrase:
Repeat passphrase:
If all is well, GnuPG will create an encrypted file named
sensitive.txt.gpg. If someone tries to open and read the contents, they will get nothing but gibberish!
Decrypting Files
To decrypt a file, navigate to the directory of the file and run:
Output:
gpg: CAST5 encrypted data
Enter passphrase:
Now, enter the passphrase set for the file during encryption. Voila! The file is now decrypted as
sensitive.txt.
Note: You may get the following: gpg: WARNING: message was not integrity protected, but it doesn't affect the result.
remember to remove the original file with "srm" instead of a normal "rm", that will make sure the sensitive data is destroyed from the hard drive making it virtually impossible to recover in case of compromise..
ReplyDeletethanks for the tip!
DeleteIf you don't have srm installed, do a sudo apt-get install secure-delete (in Debian)
ReplyDeleteInteresting blog. It would be great if you can provide more details about it. Thanks you.
ReplyDeleteI enjoyed reading this blog post. It was inspiring and informative. gnupg encryption
ReplyDelete