Encrypt and decrypt a directory with a symmetric cipher using a passphrase with gpgtar
This wiki assumes that you have
gpgtar installed. It is installed by default on the distribution GNU/Linux Trisquel.
This wiki helps you understand how to encrypt and decrypt a directory with a symmetric cipher, that is with a single passphrase (i.e. not with a public and private keys).
To encrypt a directory (a.k.a folder)
To encrypt a directory with a symmetric cipher, using a passphrase, run:
$ gpgtar -o directory.gpg -c directory/
The shell should ask you to enter a passphrase, twice.
-o is short for
-c is short for
directory.gpg is the name of the encrypted directory to be created. You do not need to create
directory.gpg beforehand. Also
directory.gpg is an arbitrary name; pick whichever name you like for the encrypted directory.
Next, you can check that
directory.gpg is an encrypted file by running:
$ file directory.gpg
which should print:
directory.gpg: GPG symmetrically encrypted data (AES256 cipher)
Last, you can delete the unencrypted directory:
$ rm -r directory/
To decrypt an encrypted directory
Now, to decrypt
directory.gpg. First create a directory where the decrypted directory will be extracted. We will name it
decrypted but again, that is an arbitrary name; name it whatever you like.
$ mkdir decrypted
directory.gpg by running:
$ gpgtar -C decrypted/ -d directory.gpg
-C is short for
-d is short for
The shell might prompt you to enter the passphrase in a pop up window. It is also possible that the passphrase is cached. In that case,
gpg does not ask for the passphrase (see
$ man gpg
/--symmetric for more info).
The shell should print this:
gpgtar: gpg: AES256 encrypted data gpgtar: gpg: encrypted with 1 passphrase
cd into the directory named
decrypted to find the decrypted directory.
To learn more about the options used above, run:
$ man gpgtar