Protecting file in linux

How to Protect Files and Directories from Deleting in Linux

Are you working as a Linux Admin? Do you generally defend script documents or any important files? You might be aware that, Chattr (change Attribute) is a command line Linux utility that is used to set/unset exact attributes to a file in Linux process to comfortable unintended deletion or change of major files and folders, although you’re logged in as a root user.

This article helps you to look after your records or folders that may support in disallowing an unauthorized user to delete your touchy contents.

Protecting File

In the below example abc.txt is the file name

Protecting a file

To protect file, use the following command –

Now try to remove file, using rm command as shown below –

The sample output should be like this –

Removing the protection to file

To remove the protection to file, use the following command –

To verify the above command, use the following command as shown below-

The above command removes the file without giving information.

Protecting Directories

In the below example abc is a directory name

Protecting a directory

To protect directory, use the following command –

To verify the above command, use the following command as shown below –

The sample output should be like this –

Removing protection to the directory

To remove protection to the directory, use the following command-

To verify the above command, use the following command as shown below –

The above command remove the file without giving information.

In the above article, we have learnt about – Learn how to protect files & directories from delete. In our next articles, we will come up with more Linux based tricks and tips. Keep reading!

Источник

7 Tools to Encrypt/Decrypt and Password Protect Files in Linux

Encryption is the process of encoding files in such a way that only those who are authorized can access it. Mankind is using encryption from ages even when computers were not in existence. During war they would pass some kind of message that only their tribe or those who are concerned were able to understand.

Linux distribution provides a few standard encryption/decryption tools that can prove to be handy at times. Here in this article we have covered 7 such tools with proper standard examples, which will help you to encrypt, decrypt and password protect your files.

If you are interested in knowing how to generate Random password in Linux as well as creating random password you may like to visit the below link:

1. GnuPG

GnuPG stands for GNU Privacy Guard and is often called as GPG which is a collection of cryptographic software. Written by GNU Project in C programming Language. Latest stable release is 2.0.27.

In most of the today’s Linux distributions, the gnupg package comes by default, if in-case it’s not installed you may apt or yum it from repository.

We have a text file (tecmint.txt) located at

/Desktop/Tecmint/, which will be used in the examples that follows this article.

Before moving further, check the content of the text file.

Now encrypt tecmint.txt file using gpg. As soon as you run the gpc command with option -c (encryption only with symmetric cipher) it will create a file texmint.txt.gpg. You may list the content of the directory to verify.

Note: Enter Paraphrase twice to encrypt the given file. The above encryption was done with CAST5 encryption algorithm automatically. You may specify a different algorithm optionally.

To see all the encryption algorithm present you may fire.

Now, if you want to decrypt the above encrypted file, you may use the following command, but before we start decrypting we will first remove the original file i.e., tecmint.txt and leave the encrypted file tecmint.txt.gpg untouched.

Note: You need to provide the same password you gave at encryption to decrypt when prompted.

2. bcrypt

bcrypt is a key derivation function which is based upon Blowfish cipher. Blowfish cipher is not recommended since the time it was figured that the cipher algorithm can be attacked.

If you have not installed bcrypt, you may apt or yum the required package.

Encrypt the file using bcrypt.

As soon as you fire the above command, a new file name texmint.txt.bfe is created and original file tecmint.txt gets replaced.

Decrypt the file using bcrypt.

Note: bcrypt do not has a secure form of encryption and hence it’s support has been disabled at least on Debian Jessie.

3. ccrypt

Designed as a replacement of UNIX crypt, ccrypt is an utility for files and streams encryption and decryption. It uses Rijndael cypher.

If you have not installed ccrypt you may apt or yum it.

Encrypt a file using ccrypt. It uses ccencrypt to encrypt and ccdecrypt to decrypt. It is important to notice that at encryption, the original file (tecmint.txt) is replaced by (tecmint.txt.cpt) and at decryption the encrypted file (tecmint.txt.cpt) is replaced by original file (tecmint.txt). You may like to use ls command to check this.

Provide the same password you gave during encryption to decrypt.

4. Zip

It is one of the most famous archive format and it is so much famous that we generally call archive files as zip files in day-to-day communication. It uses pkzip stream cipher algorithm.

If you have not installed zip you may like to apt or yum it.

Create a encrypted zip file (several files grouped together) using zip.

Here mypassword is the password used to encrypt it. A archive is created with the name tecmint.zip with zipped files tecmint.txt, tecmint1.txt and tecmint2.txt.

Decrypt the password protected zipped file using unzip.

You need to provide the same password you provided at encryption.

5. Openssl

Openssl is a command line cryptographic toolkit which can be used to encrypt message as well as files.

You may like to install openssl, if it is not already installed.

Encrypt a file using openssl encryption.

Explanation of each option used in the above command.

1. enc : encryption
2. -aes-256-cbc : the algorithm to be used.
3. -in : full path of file to be encrypted.
4. -out : full path where it will be decrypted.

Decrypt a file using openssl.

6. 7-zip

The very famous open source 7-zip archiver written in C++ and able to compress and uncompress most of the known archive file format.

If you have not installed 7-zip you may like to apt or yum it.

Compress files into zip using 7-zip and encrypt it.

Decompress encrypted zip file using 7-zip.

Note: Provide same password throughout in encryption and decryption process when prompted.

All the tools we have used till now are command based. There is a GUI based encryption tool provided by nautilus, which will help you to encrypt/decrypt files using Graphical interface.

7. Nautilus Encryption Utility

Steps to encrypt files in GUI using Nautilus encryption utility.

Encryption of file in GUI

1. Right click the file you want to encrypt.

2. Select format to zip and provide location to save. Provide password to encrypt as well.

Encrypt File Using Nautilus

3. Notice the message – encrypted zip created successfully.

Encrypted Zip File Confirmation

Decryption of file in GUI

1. Try opening the zip in GUI. Notice the LOCK-ICON next to file. It will prompt for password, Enter it.

Decryption of File

2. When successful, it will open the file for you.

Decryption Confirmation

That’s all for now. I’ll be here again with another interesting topic. Till then stay tuned and connected to Tecmint. Don’t forget to provide us with your valuable feedback in the comments below. Like and share us and help us get spread.

If You Appreciate What We Do Here On TecMint, You Should Consider:

TecMint is the fastest growing and most trusted community site for any kind of Linux Articles, Guides and Books on the web. Millions of people visit TecMint! to search or browse the thousands of published articles available FREELY to all.

If you like what you are reading, please consider buying us a coffee ( or 2 ) as a token of appreciation.

We are thankful for your never ending support.

Источник

Howto: Linux Write protect a file

Q. How do I write protect a file under Linux? I’m using CentOS 5 server Linux operating system. I need prevent accidental changes to my files.

A. There are two ways to write protect a file under Linux.

Method #1: You can make file readonly by removing users’ write permission for a file. Under Linux and UNIX user cannot remove or modify file if they don’t have a write permission. You can use normal chmod command for this purpose.

• No ads and tracking
• In-depth guides for developers and sysadmins at Opensourceflare✨
• Join my Patreon to support independent content creators and start reading latest guides:
  • How to set up Redis sentinel cluster on Ubuntu or Debian Linux
  • How To Set Up SSH Keys With YubiKey as two-factor authentication (U2F/FIDO2)
  • How to set up Mariadb Galera cluster on Ubuntu or Debian Linux
  • A podman tutorial for beginners – part I (run Linux containers without Docker and in daemonless mode)
  • How to protect Linux against rogue USB devices using USBGuard

Join Patreon ➔

Method #2 : You need to use chattr command which changes the file attributes on a Linux second extended (ext2 / ext3) file system. You need to setup i attribute. A file with the i attribute cannot be modified: it cannot be deleted or renamed, no link can be created to this file and no data can be written to the file. Only the superuser (root) or a process possessing the CAP_LINUX_IMMUTABLE capability can set or clear this attribute.

Write protecting a file using chmod command

Let say you want to write protect the file called data.txt so that no other users can change it, enter:
$ chmod go-w data.txt
To provide back permission use:
$ chmod go+w data.txt

Write protecting a file using chattr command

Let say you want to write protect the file called data.txt so that no other users can change it including root user , enter (you must login as the root user to use chattr command):
# chattr +i data.txt
To remove i attribute, enter:
# chattr -i data.txt

🐧 Get the latest tutorials on Linux, Open Source & DevOps via

Источник

How to Create a Password Protected ZIP File in Linux

ZIP is a very popular compression and file packaging utility for Unix-like operating systems as well as Windows. While perusing through the zip man page, I discovered some useful options for protecting zip archives.

In this post, I will show you how to create a password protected zip file on the terminal in Linux. This will help you learn a practical way of encrypting and decrypting contents of zip archive files.

First install zip utility in your Linux distribution using the package manger as shown.

How to Create Password Protected ZIP in Linux

Once installed, you can use the zip command with -p flag to create a password protected zip archive called ccat-command.zip from the directory of files called ccat-1.1.0 as follows.

Create Password Protected Zip File

However, the above method is absolutely insecure, because here the password is provided as clear-text on the command line. Secondly, it will also be stored in the history file (e.g

.bash_history for bash), meaning another user with access to your account (more especially root user) will easily see the password.

Therefore, try to always use the -e flag, it shows a prompt allowing you to enter a hidden password as shown.

Create Password Protect Zip Archive

How to Unzip Password Protected ZIP in Linux

To unzip and decrypt the content of the archive file called ccat-command.zip, use the unzip program and provide the password you entered above.

Decrypt ZIP Archive

That’s It! In this post, I described how to create a password protected zip file on the terminal in Linux. If you have any queries, or other useful related tip/tricks to share, use the comment form below ping us.

If You Appreciate What We Do Here On TecMint, You Should Consider:

TecMint is the fastest growing and most trusted community site for any kind of Linux Articles, Guides and Books on the web. Millions of people visit TecMint! to search or browse the thousands of published articles available FREELY to all.

If you like what you are reading, please consider buying us a coffee ( or 2 ) as a token of appreciation.

We are thankful for your never ending support.

Источник