neddie Posted September 18, 2007 Report Share Posted September 18, 2007 There are a few GPG-related threads here but some are pretty old and some don't quite address what I'm thinking about here, so I'll open a new one :) I'm not looking for an encrypted hard drive partition, or encrypted emails, I'm just thinking it would be nice to be able to write a data CD for my backups, and be able to give that CD to someone to keep for me (in case my house burns down) without them being able to easily read what's on the CD. It would only be for emergencies, so they'd then give me the CD back, and I'd decrypt it myself and get my sekrit files back again. Doesn't have to be fast, doesn't have to be windows-compatible, doesn't really have to be rock-solid secure either but I think it should be fairly easy to be fairly secure. So can I do this with GPG? I tried reading their how-tos but the links are broken. Could I maybe just tar up the folders into one big file, and then run a simple (CLI or GUI) operation to encrypt the tar into a new file to be written to the CD? Or is there a better way of doing it? Would that be too fragile in case one little scratch corrupted the entire disk? Quote Link to comment Share on other sites More sharing options...
scarecrow Posted September 18, 2007 Report Share Posted September 18, 2007 (edited) No, you can't... GPG can't be used on the ISO9660 filesystem. But you can backup your files using zip/7-zip/rar encryption. There are also drives which can backup to a native encrypted FS (the Premium series of Plextor drives come to mind), but 1. the burning software is for windoze only (despite the fact Plextor promised Plextools for Linux several years ago...), and 2. the burned CD is readable in a Plextor Premium drive ONLY- no other CD-ROM, not even non-Premium series Plextor drives... Edited September 18, 2007 by scarecrow Quote Link to comment Share on other sites More sharing options...
neddie Posted September 18, 2007 Author Report Share Posted September 18, 2007 Why should it matter what the file system is? :unsure: I just encrypt a file on ext3 and then write a binary file to the CD, no? Or am I missing something? As far as I know, zip / bzip2 / gzip don't do any encryption, and rar is a proprietary format I think, so I was hoping for a free solution. And no I don't want any manufacturer-specific file systems. Isn't there an easy way to encrypt a file, either with a symmetric or asymmetric key? I thought that was the point of tools like GPG. Or apparently there's a front-end gui called Kgpg, has anyone used that? Quote Link to comment Share on other sites More sharing options...
javaguy Posted September 18, 2007 Report Share Posted September 18, 2007 Isn't there an easy way to encrypt a file, either with a symmetric or asymmetric key? I thought that was the point of tools like GPG. Yes. I don't remember what it is, but IIRC I found it pretty easily with the --help feature. I don't think you even need to generate a key if you're encrypting symetrically; just pick a good password. gpg is awesome for command-line encryption and managing encryption in shell scripts. My first thought would be, yes, tar up the whole thing and encrypt it before burning it to the cd. You're right, though, that if you lost even a few bits of data due to one little scratch you would consequently lose the entire thing. I suppose you could copy the entire directory structure you want to save to a temp directory and encrypt all the files individually. Or you could just make multiple backups. Quote Link to comment Share on other sites More sharing options...
pmpatrick Posted September 18, 2007 Report Share Posted September 18, 2007 Take a look at mcrypt. mcrypt only works on a single file at a time so the general procedure woud be to tar up all the files you want to encrypt into a single tar archive and then use mcrypt on that tar archive. The syntax is: $ mcrypt <filename> at which you are prompted for a password. Fill in with the strong password of your choice. You will need the password for decrypting the file. Mcrypt creates a new file called filename.nc by default. That can be burnt to your cd-r. To decrypt, the syntax is: $ mcrypt -d filename.nc enter the password used when filename.nc was created. "mdecrypt" can be used in lieu of "mcrypt -d". Quote Link to comment Share on other sites More sharing options...
neddie Posted September 21, 2007 Author Report Share Posted September 21, 2007 Thanks, that works like a charm! :) I don't understand all the options in there but seems to work fine out of the box! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.