Encrypt and Decrypt Files and Folders on the fly on Ubuntu Bionic Beaver
Tools needed:
- Filemanger-Actions Configuration Tool
- Openssl — pre-installed on Ubuntu.
- Write bash script to do decryption and encryption respectively.
- srm program
- Create a file with your password in it, say openssl.txt. Of course you can make this file invisible with a “.” added to the filename so only you know it’s there.
Let’s begin:
- Install Filemanager-Action Configuration Tool:
- Download the
.debfrom my google drive storage:
- Install that file on your system:
sudo dpkg -i filemanager-actions_3.4-1_amd64.deb - If you run into dependency errors run
sudo apt install -f
3. Install srm: sudo apt install srm
3. Write bash scripts:
a. Decryption: Create a bash script ( I called mine “dec.sh” ) called it what you want, make executable with sudo chmod +x dec.sh:
#!/usr/bin/env bash# Stop script on first error
set -e# get file extension
# and asign value to a variable "f"
f="${1%.*}"# if file extension if '.lock' run
# decryption else ignore
if [[ "${1##*.}" == lock ]]
then
openssl aes-128-cbc -d -in "$1" -out "${1%.*}" -pass file:/path/to/password/file/openssl.txt
# if tar.gz dcompress
if [[ "${f#*.}" =~ tar.xz ]]
then
# use srm command to remove original
# encrypted file
tar -xvf "$f"
srm -rfll "$f"
srm -rfll "$1"
exit 0
else
# Use shred command if ordinary file
shred -zu -n 5 "$1"
exit 0
fielse
exit 1
fiexit 1
b. Encryption: create another file and put this code in there make executable with sudo chmod +x enc.sh:
#!/usr/bin/env bash
set -e# cd into the location of
# file of interest
d=$(dirname $1)
cd "$d"# Get the name of the
# file of interest
b=$(basename $1)# Prevent another encryption
# if already encrypted
if [[ "${1##*.}" == lock ]]
then
exit 1
else
# if a directory
# compress it
if [ -d "$b" ]
then
tar -cJf "$b.tar.xz" "$b"
f="$b.tar.xz"
openssl aes-128-cbc -in "$f" -out "$f".lock -pass file:/path/to/password/file/openssl.txt && srm -rfll "$b" && srm -rfll "$b.tar.xz"
exit 0
else
openssl aes-128-cbc -in "$b" -out "$b".lock -pass file:/path/to/password/file/openssl.txt && shred -zu -n 5 "$b"
exit 0fifi
4. Add to Filemanager-Actions Configuration Tool:
Launch Filemanager-Action tool and make the following changes as seen in the images below both in the Action tab , Command tab , and the execution tab respectively.
- Action tab:
- Command tab:
- Execution tab:
Now do same for the enc.sh script substituting the names as appropriate, well with that all setup we click file button to save the entered command and of-course you will enter what ever values you like and for script folder wherever you scripts were stored.
Now we can right click on any file or folder and encrypt it and decrypt as required. This saves us a ton of time.
Ok, you just right click on any folder or file and select the Filemanager-Action options in the menu, then select encrypt or decrypt as the case may be.
Glossary:
- srm: secure_deletion toolkit
- shred: overwrite a file to hide its contents, and optionally delete it
