Re: [gentoo-user] how best to encrypt a file
180703 Alec Ten Harmsel wrote: > On Tue, Jul 03, 2018 at 05:47:22AM -0400, Philip Webb wrote: >> I have a couple of small files which need to be encrypted : >> one is simple text ( .txt ), the other a spreadsheet ( .ods ). >> I haven't used encryption like this before : what do others use ? > I have used `gpg' to do this before: > # Encrypt with a passphrase > gpg -c > # Decrypt > gpg -d .gpg Thanx for this : I've used it to do the encryption I want. Thanx also to the others who replied : I will add the info to my notes. -- ,, SUPPORT ___//___, Philip Webb ELECTRIC /] [] [] [] [] []| Cities Centre, University of Toronto TRANSIT`-O--O---' purslowatchassdotutorontodotca
[gentoo-user] how best to encrypt a file
In which use case? :-D *If I want to keep files only for me, i use gpg with a keyfile. I use kde dolphin as file-manager. It has an option in the context menu to en-/decrypt files or folder with gpg. The really cool feature is the recovery :) If I break my gui - what, of course, never will happen because I use a nvidia card :-D , i can easy access my data in a shell. *If I want to share files with trusted users, i use gpg with a password. *If I need a backup, i use borgbackup for 1/2 year now and it's easy to use, fast and powerful. I run two small scripts, basically a list of borg options, as cron jobs and get a mail with the repo status after every run. [1] http://borgbackup.readthedocs.io/ ;) > I have a couple of small files which need to be encrypted : > one is simple text ( .txt ), the other a spreadsheet ( .ods ). > > I haven't used encryption like this before : what do others use ? > signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] how best to encrypt a file
On Tue, Jul 03, 2018 at 07:27:35AM -0400, Philip Webb wrote: > 180703 Alec Ten Harmsel wrote: > > On Tue, Jul 03, 2018 at 05:47:22AM -0400, Philip Webb wrote: > >> I have a couple of small files which need to be encrypted : > >> one is simple text ( .txt ), the other a spreadsheet ( .ods ). > >> I haven't used encryption like this before : what do others use ? > > I have used `gpg' to do this before: > > # Encrypt with a passphrase > > gpg -c > > # Decrypt > > gpg -d .gpg > > I do have some files I keep encrypted locally > > that I use `gpg' to encrypt/decrypt, but with my personal key pair. > > For that, I use a vim plugin [1] that transparently decrypts to `/tmp', > > lets me edit and then saves back to the original file. > > This prevents the decrypted contents from ever being on my hard drive, > > as I have `/tmp' mounted as tmpfs. > > Thanks, that's very helpful except that you forgot to append [1] (smile). Ouch. I meant to link to https://github.com/jamessan/vim-gnupg. > I don't need to encrypt the files locally, > but do need to when I create copies to up-load as off-site back-ups. Someone else mentioned duplicity, which I've used in the past. It's built to do encrypted backups to S3/Dropbox/scp. Alec
Re: [gentoo-user] how best to encrypt a file
On Tuesday, 3 July 2018 13:33:27 BST Samuraiii wrote: > On 3.7.2018 13:27, Philip Webb wrote: > > 180703 Alec Ten Harmsel wrote: > >> On Tue, Jul 03, 2018 at 05:47:22AM -0400, Philip Webb wrote: > >>> I have a couple of small files which need to be encrypted : > >>> one is simple text ( .txt ), the other a spreadsheet ( .ods ). > >>> I haven't used encryption like this before : what do others use ? > >> > >> I have used `gpg' to do this before: > >> # Encrypt with a passphrase > >> gpg -c > >> # Decrypt > >> gpg -d .gpg > >> > >> I do have some files I keep encrypted locally > >> that I use `gpg' to encrypt/decrypt, but with my personal key pair. > >> For that, I use a vim plugin [1] that transparently decrypts to `/tmp', > >> lets me edit and then saves back to the original file. > >> This prevents the decrypted contents from ever being on my hard drive, > >> as I have `/tmp' mounted as tmpfs. > > > > Thanks, that's very helpful except that you forgot to append [1] (smile). > > > > I don't need to encrypt the files locally, > > but do need to when I create copies to up-load as off-site back-ups. > > > > Does anyone else have a useful suggestion ? > > Hi, > > there is "reverse" encfs if there are more files to encrypt for backup. > > encfs --reverse ~/dir /tmp/dir > > It will encrypt original files on fly as you read /tmp/dir. > > I used this before (now I backup with duplicity). > > S > > PS: link to arch page with some more info > > https://wiki.archlinux.org/index.php/EncFS#Encrypted_backup If you use gpg -c then the symmetric key is stored in ciphertext of the resulting file. You can use a salt and multiple iterations to make it more secure (check --s2k-mode and --s2k-count in the fine manual) against brute force attacks. If you use gpg -e for asymmetric encryption, then the private key remains yours to store securely offline. Asymmetric encryption is computationally expensive, so it wouldn't be used for backing up a whole filesystem with loads of files, but could be used to encrypt the back up key and similarly small in size but sensitive data. You can also use openssl for the same purpose. For the odd file I use gpg -e and shred to delete securely the decrypted file from the disk after I have finished reading it (some times my tmpfs is on disk). Libreoffice can also use gpg to encrypt your files. Look for the option on the File/Save As pop up. -- Regards, Mick signature.asc Description: This is a digitally signed message part.
Re: [gentoo-user] how best to encrypt a file
On July 3, 2018 7:33:27 AM CDT, Samuraiii wrote: >On 3.7.2018 13:27, Philip Webb wrote: >> 180703 Alec Ten Harmsel wrote: >>> On Tue, Jul 03, 2018 at 05:47:22AM -0400, Philip Webb wrote: I have a couple of small files which need to be encrypted : one is simple text ( .txt ), the other a spreadsheet ( .ods ). I haven't used encryption like this before : what do others use ? >>> I have used `gpg' to do this before: >>> # Encrypt with a passphrase >>> gpg -c >>> # Decrypt >>> gpg -d .gpg >>> I do have some files I keep encrypted locally >>> that I use `gpg' to encrypt/decrypt, but with my personal key pair. >>> For that, I use a vim plugin [1] that transparently decrypts to >`/tmp', >>> lets me edit and then saves back to the original file. >>> This prevents the decrypted contents from ever being on my hard >drive, >>> as I have `/tmp' mounted as tmpfs. >> Thanks, that's very helpful except that you forgot to append [1] >(smile). >> >> I don't need to encrypt the files locally, >> but do need to when I create copies to up-load as off-site back-ups. >> >> Does anyone else have a useful suggestion ? >> >Hi, > >there is "reverse" encfs if there are more files to encrypt for backup. > >encfs --reverse ~/dir /tmp/dir > >It will encrypt original files on fly as you read /tmp/dir. > >I used this before (now I backup with duplicity). > >S > >PS: link to arch page with some more info > >https://wiki.archlinux.org/index.php/EncFS#Encrypted_backup I'd recommend taking a look at borg backup. I've used it for remote backups over ssh and the deduplication and automatic encryption is aweaome. Maybe a bit overkill, but I believe in encryptes backups. -- Sent from my Android device with K-9 Mail. Please excuse my brevity.
Re: [gentoo-user] how best to encrypt a file
On 3.7.2018 13:27, Philip Webb wrote: > 180703 Alec Ten Harmsel wrote: >> On Tue, Jul 03, 2018 at 05:47:22AM -0400, Philip Webb wrote: >>> I have a couple of small files which need to be encrypted : >>> one is simple text ( .txt ), the other a spreadsheet ( .ods ). >>> I haven't used encryption like this before : what do others use ? >> I have used `gpg' to do this before: >> # Encrypt with a passphrase >> gpg -c >> # Decrypt >> gpg -d .gpg >> I do have some files I keep encrypted locally >> that I use `gpg' to encrypt/decrypt, but with my personal key pair. >> For that, I use a vim plugin [1] that transparently decrypts to `/tmp', >> lets me edit and then saves back to the original file. >> This prevents the decrypted contents from ever being on my hard drive, >> as I have `/tmp' mounted as tmpfs. > Thanks, that's very helpful except that you forgot to append [1] (smile). > > I don't need to encrypt the files locally, > but do need to when I create copies to up-load as off-site back-ups. > > Does anyone else have a useful suggestion ? > Hi, there is "reverse" encfs if there are more files to encrypt for backup. encfs --reverse ~/dir /tmp/dir It will encrypt original files on fly as you read /tmp/dir. I used this before (now I backup with duplicity). S PS: link to arch page with some more info https://wiki.archlinux.org/index.php/EncFS#Encrypted_backup signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] how best to encrypt a file
180703 Alec Ten Harmsel wrote: > On Tue, Jul 03, 2018 at 05:47:22AM -0400, Philip Webb wrote: >> I have a couple of small files which need to be encrypted : >> one is simple text ( .txt ), the other a spreadsheet ( .ods ). >> I haven't used encryption like this before : what do others use ? > I have used `gpg' to do this before: > # Encrypt with a passphrase > gpg -c > # Decrypt > gpg -d .gpg > I do have some files I keep encrypted locally > that I use `gpg' to encrypt/decrypt, but with my personal key pair. > For that, I use a vim plugin [1] that transparently decrypts to `/tmp', > lets me edit and then saves back to the original file. > This prevents the decrypted contents from ever being on my hard drive, > as I have `/tmp' mounted as tmpfs. Thanks, that's very helpful except that you forgot to append [1] (smile). I don't need to encrypt the files locally, but do need to when I create copies to up-load as off-site back-ups. Does anyone else have a useful suggestion ? -- ,, SUPPORT ___//___, Philip Webb ELECTRIC /] [] [] [] [] []| Cities Centre, University of Toronto TRANSIT`-O--O---' purslowatchassdotutorontodotca
Re: [gentoo-user] how best to encrypt a file
On Tue, Jul 03, 2018 at 05:47:22AM -0400, Philip Webb wrote: > I have a couple of small files which need to be encrypted : > one is simple text ( .txt ), the other a spreadsheet ( .ods ). > > I haven't used encryption like this before : what do others use ? I have used `gpg' to do this before: # Encrypt with a passphrase gpg -c # Decrypt gpg -d .gpg I do have some files I keep encrypted locally that I use `gpg' to encrypt/decrypt, but with my personal key pair. For that, I use a vim plugin[1] that transparently decrypts to `/tmp', lets me edit, and then saves back to the original file. This prevents the decrypted contents from ever being on my hard drive, as I have `/tmp' mounted as tmpfs. Hope this helps, Alec
[gentoo-user] how best to encrypt a file
I have a couple of small files which need to be encrypted : one is simple text ( .txt ), the other a spreadsheet ( .ods ). I haven't used encryption like this before : what do others use ? -- ,, SUPPORT ___//___, Philip Webb ELECTRIC /] [] [] [] [] []| Cities Centre, University of Toronto TRANSIT`-O--O---' purslowatchassdotutorontodotca
