From:http://www.linux.com/learn/tutorials/315934-weekend-project-make-a-portable-encrypted-file-safe
Many
Linux distributions offer industrial-strength disk encryption tools,
either allowing you to encrypt entire partitions or just users'
(including root's) home folders, at install-time or after the fact. But
what if you just need to encrypt a single file or directory, such as a
sensitive folder you can ferry back and forth between different sites?
And what if you need to ensure that you can access the folder contents
even from a non-Linux computer?
The Landscape: Secrets, Keys, Files, and Folders
Owing to its strong Unix roots, there is no shortage of encryption tools for the modern Linux user. Gnu Privacy Guard
(GPG), OpenSSL
, and OpenSSH
are mainstays for protecting email, HTTP, and SSH, respectively; and
there are even high quality GUI tools to make short work of the
potentially confusing tasks of managing all of the keys, signatures, and
webs-of-trust involved. Likewise, full-disk (or, more specifically,
full-partition) encryption is important for co-located servers and
laptops, and numerous Linux tools have been built for this task, such as
EncFS
, CryptoFS
, and loop-AES
.
The trouble with these solutions is that, being primarily designed for a
different use case, using them to encrypt a single file or folder is
either not possible, not cross-platform, or requires a separate step,
such as maintaining and protecting a public key pair. EncFS, for
example, is a FUSE filesystem
. So while it is simple to set up on a Linux box (particularly with the Cryptkeeper
applet), the resulting encrypted folder is not portable onto non-FUSE-capable operating systems.
That's not to suggest that any of the solutions above are bad
; on the contrary, you can easily use GPG to strongly encrypt a single file with gpg -e -r
[email protected]
-o encrypted_output_file.pgp unencrypted_input_file.txt
, where
[email protected]
is the email
address of someone in your keyring. The command could hardly be simpler,
and the encryption is air-tight, but it encrypts the file so that only
[email protected]
can decrypt it.
OpenSSL, on the other hand, can encrypt a file without tying it solely to a single encryption key. Just type:
openssl aes-256-cbc -a -salt -in unencrypted_input_file.txt -out encrypted_output_file.txt.enc .
The
openssl binary will prompt you to create a passphrase. The aes-256-cbc
parameter specifies the use of 256-bit AES as the cipher, and the -salt
parameter adds a salt
to the encryption setup for added security.
Anyone with the passphrase can then decrypt the file by running:
openssl aes-256-cbc -d -a -in encrypted_output_file.txt.enc -out newly_decrypted_original_file.txt .
This
is portable, and OpenSSL is widely available on non-Linux operating
systems, but it really only works on a single file. You could gzip a
directory for portability, but there are other ways.
Options for Encrypting Folders on the Fly
Several projects exist to encrypt folders in a more convenient manner,
both for portability across operating systems and to leverage the
important "on the fly" feature -- meaning that once the passphrase for
decrypting the folder is entered, the folder's full contents are
immediately available to the user, in a fully transparent manner.
Perhaps the most widely known is TrueCrypt
,
which is freely available, fully maintained for Linux, Mac OS X, and
Windows, and for which source code is available. The biggest obstacle to
TrueCrypt is license incompatibility, however -- the developers chose
to roll their own attempt at an open source / free software license, and
most distributions find it incompatible
and do not include TrueCrypt packages in their default installs or
package management systems. In addition, the makers of TrueCrypt do not
maintain a public source code repository and pull old source releases
off of their public web site when a new release is made; this also makes
maintaining compatibility a serious challenge.
However, if you don't mind the challenge, you can download
the latest TrueCrypt release from the project's web site. As of today,
the latest version is numbered 6.3a (although this does not represent
an "alpha" quality release; another deviation from the usual open source
project practices), from November of 2009. 32-bit and 64-bit builds
are available for Intel-compatible architectures, in tar archives. The
source code is available as a separate download
.
TrueCrypt has both a command-line interface and a GUI client. To set up
an encrypted directory, the simplest thing to do is walk through the
GUI's "create volume" wizard. You will be creating a TrueCrypt container,
which is an encrypted file that TrueCrypt mounts into the filesystem as
a regular volume. During setup, you can specify the encryption cipher,
hash algorithm, internal filesystem format, and passphrase. You must
also pre-choose the total size of the volume -- this is one of
TrueCrypt's weak points; it creates the entire volume at a fixed size
that cannot be expanded if necessary later. Note also that you cannot
encrypt an existing folder with TrueCrypt; you can only create a new
volume and copy existing content into it.
For Linux-only folder encryption, a better solution is eCryptfs
,
which you will probably find packaged as ecryptfs-utils. This is a
standard package available on most distributions that works by creating a
"stacked" filesystem on top of the existing disk filesystem. There is
no eCryptfs binary; rather, when installed, "ecryptfs" becomes a
filesystem type option for mount.
To use it, create a new directory, such as mkdir ./filevault
. You can then mount that directory on top of itself as type eCryptfs with sudo mount -t ecryptfs ./filevault ./filevault
.
The first time you mount this directory, the system will prompt you as
to whether it should use passphrase, OpenSSL, or other key types for
access control, as well as the encryption cipher and block size to use.
Once mounted, ./filevault will behave like any other directory. When
you are finished with it, however, you can unmount it with umount ./filevault
, and the contents are protected from prying eyes.
If you want, you can specify the passphrase in the mount command on
subsequent usage to save a step (perhaps even automating the mount
process). Just append it after the -o flag: sudo mount -t ecryptfs -o key=passphrase_passwd=MySecretPassword ./filevault ./filevault
. For improved security, you can store the passphrase in a file and use passphrase_passwd_file instead.
True Portability
As mentioned, though, eCryptfs is so far implemented only for Linux.
The ciphers it supports are standardized, of course, but the format in
which all
of these encryption tools write the relevant headers and data to disk is not standardized.
A better long-term idea is to use cryptsetup
, a tool developed in concert with LUKS, the Linux Unified Key Setup. LUKS itself is a specification
for how encrypted content is stored in the filesystem, which makes it possible to build LUKS-compatible tools for any OS.
Cryptsetup uses the device-mapper infrastructure on Linux, the same
subsystem that permits software RAID, logical volume manager (LVM), and
other "virtual device" filesystem niceties. The tool is straightforward
to use, but unfortunately works on the partition-level only, so you
cannot simply create an encrypted directory inside your home folder and
move it with ease, as TrueCrypt and eCryptfs permit. Still, if
portability is what you need, you can at least encrypt a partition on a
removable medium such as a USB key, and be sure that it will be readable
on other OSes.
To begin, mount your removable storage device as usual. If it is new,
you can devote the entire partition to your LUKS-protected content
without further work. If you want to store unencrypted content as well,
though, you will need to use fdisk to split the disk into more than one
partition. This is probably a good idea in the long run, since it would
allow you to use the unencrypted storage to carry some filesystem tools
and portable apps, too.
Let's
assume that you make two partitions, /dev/sdd1 for unencrypted storage
and /dev/sdd2 for encrypted storage. You then turn /dev/sdd2 into a
LUKS-formatted partition with cryptsetup --verbose --verify-passphrase luksFormat /dev/sdd2
. Cryptsetup will ask you to choose and verify a passphrase for the partition.
Next, run cryptsetup luksOpen /dev/sdd2 sdd2
and enter your passphrase. This command creates a device-mapper block
device named /dev/mapper/sdd2 -- this is the device you will use
whenever you access this protected storage. You then create a filesystem
on /dev/mapper/sdd2 just as if it was a regular physical disk, with
mkfs or your distribution's GUI filesystem tools. Use mkfs.vfat -F 16 /dev/mapper/sdd2
to create a FAT filesystem for maximum portability.
Finally, mount the new filesystem with sudo mount /dev/mapper/sdd2 /home/username/usb_secrets
.
The contents of the directory will be transparently encrypted when they
are written to the physical device, /dev/sdd2, but to all applications,
/dev/mapper/sdd2 will be perfectly accessible. The setup is only
required once, of course. On subsequent accesses, you only need to run
the mount
command.
The real magic is that because cryptsetup uses LUKS as its on-disk
format, the partition's contents are readable elsewhere. The best
Windows solution is FreeOTFE
(for "on
the fly encryption"). The FreeOTFE project provides binaries for
Windows machines and Windows Mobile devices and even includes a
"portable apps" package that you can store on the USB key itself. The
situation for Mac OS X is not quite as rosy, although the OSXCrypt
project is working on it.
Too Many Secrets?
As is often the case with powerful encryption, you have lots of
choices, each with ups and downs. If all you need is to encrypt a single
file and send it somewhere in a one-time-use manner, it is hard to beat
the OpenSSL example's simplicity. On the other hand, for folders and
repeated usage, you have more complex needs to weigh. eCryptfs is the
simplest way to encrypt a directory for Linux, but TrueCrypt is
completely cross-platform. If you can stand to limit your protected
directory to a USB key, however, Cryptsetup with LUKS offers the best
overall mix: the format is standardized for portability, and the
encryption is truly transparent to the system when in use.
For extra credit, try creating a USB key that contains one partition
for LUKS data, one FAT partition with FreeOTFE tools, and one partition
with a small bootable Linux distribution on it as the ultimate fallback.
But don't forget to include the encryption packages in the Linux
distro, because doing that would leave you right where you started.