We can password protect gzip Files on command line, like from SSH to remote server with gpg or openssl, to ensure more security of the file. This is quite important for the backup files, for the files kept in publicly accessible area of the server or executable files not desired to be executed by the other users of the server.
Password Protect gzip Files on Command Line : Basics
There are two set of operations – usage Tar and compression is a job for tar and gzip or bzip2, cryptography is a job for either gpg or openssl. We can use UNIX Pipe to combine both steps to one step.
Obviously, there will be two sets of commands, one is to password protect (encrypt) and another is to open the files later (decrypt). We can create a bash script to automate the process.
Password Protect gzip Files on Command Line : Encrypt
We can encrypt or rather password protect the gzip files with these commands :
tar cz directory_to_encrypt | \
openssl enc -aes-256-cbc -e > out.tar.gz.enc
If we use
gpg --encrypt out.tar.gz
Obviously, the original directory must be deleted recursively. Also, we can use the
zip utility :
zip -e /path/to/file_name.zip <list_of_files>
# -e asks the zip utility to encrypt
Password Protect gzip Files on Command Line : Decrypt
The files/directory if protected with the first command, will be quite difficult to open. Here are various ways :
openssl aes-256-cbc -d -in out.tar.gz.enc -out decrypted.tar.gz
openssl enc -aes-256-cbc -e -in foo.tar.gz -out bar.tar.gz.enc