The application you need is gpgdir. The gpgdir application allows you to recursively encrypt and decrypt directories on your Linux system. It’s an easy to use command line tool that can save you a lot of time when you have to do a lot of encryption of files. In this article you will see how to install gpgdir and use it for basic directory encryption/decryption.

Getting and installing

The only drawback is that gpgdir is not installed on your distribution by default, it doesn’t come with GnuPG, nor is it included in your repositories. You are going to have to install manually.

If you use an rpm-based distribution you can download the rpm from gpgdir’s download page. Once you have that file downloaded you will issue the command:

rpm -ivh gpgdir-XXX.rpm

Where XXX is the release number.

If you are not using an rpm-based distribution you will have to install from source. This is actually quite easy. First download the source file. Once you have that file on your hard drive (let’s say it’s in ~/Downloads/firefox/) issue the following comands:

cd ~/Downloads/firefox

bunzip2 gpgdir-XXX.tar.bz2

tar -xvf gpgdir-XXX.tar

cd gpgdir-XXX

./install.pl (or sudo ./install.pl)

Where XXX is the release number.

You should now have a working installation of gpgdir.

Using gpgdir

Before you actually run gpgdir you have to have a gpg key generated (The article mentioned at the beginning will describe to you how this is done.) With your gpg key in mind you have to edit a single line in a file before you begin using gpgdir. The file is ~/.gpgdirrc. What you need to do is add your gpg key user name in this file. The line you need to add looks like:

use_key USERNAME

Where USERNAME is your gpg key username (not your Linux system username – although they could be the same). If you’re not sure what your gpg key user name is issue the command:

gpg –list-keys

to see the user names of your keys.

Once you have your configuration file edited you are ready to go.

The basic usage of gpgdir is:

gpgdir -e|-d DIRECTORY OPTIONS

Let’s create a test directory containing two files. So issue the following commands to create your test environment:

mkdir TEST

echo $USER > TEST/user

data > TEST/data

Now you are ready to see how this works. Let’s encrypt the files in our TEST directory.

gpgdir -e TEST

You will be prompted to enter the key’s passphrase. Once you do this you will see something like:

[+] Encrypting files in directory: /home/jlwallen/TEST
[+] Building file list...
[+] Encrypting:  /home/jlwallen/TEST/user
[+] Encrypting:  /home/jlwallen/TEST/date
[+] Total number of files encrypted: 2

If you look in the TEST directory you will now see the following:

date.gpg

user.gpg

To unencrypt these files issue the following command:

gpgdir -d TEST

You will be prompted for the password again. After gpgdir decrypts the files they will no longer be encrypted.

Excluding files

Say you want to encrypt all files in the TEST directory but the user file. To do this you would issue the command:

gpgdir -e TEST –Exclude user

All files in TEST, except user, will now be encrypted.

Final thoughts

Although you can do more with gpgdir, you now have the fundamental usage of the command.

Related posts

• Secure your files: An introduction to GnuPG (4)
• Linux tips: Encrypting and decrypting files from command line with gpg (3)
• Encrypt Thunderbird Email with Enigmail (7)
• Yoggie PICO Personal Mobile Security Computer (3)
• With Ubuntu 9.10 Arrives Wubi 9.10 (2)

Naturally I use gpg for all of this. And when I am using gpg I am using it from the command line. It’s actually quite easy to use. In this article I will show you how to create a gpg key, encrypt, and decrypt a file. You will find this such an easy task you’ll be using it more than you think.Must I install?

More than likely, if you have a modern Linux distribution, gpg is already installed. If you issue the command which gpg and you get something like /usr/bin/gpg returned, you know you have gpg installed. If you don’t see that you can install it by issuing one of these commands:

sudo apt-get install gnupg

or

yum install gnupg

Once installed you will first have to generate a key. This, too, is done from the command line.

Generate your key

To generate a key issue the command:

gpg –gen-key

Once you enter that you will be asked a number of questions pertaining to your key. These should all be fairly obvious. After you complete the generation of your key make sure you remember the username for the key as well as the passphrase.

Encrypting files

Now let’s get into the good stuff – encrypting files. To encrypt a file with gpg you will use the command structure:

gpg OPTIONS FILE

Because you are encrypting you will have to use the e option. And because you will want to encrypt the file with a specific users’ gpg key you will use the r option. So let’s say you are going to encrypt the file TEST.tgz with the gpg key of user jlwallen. To do this you would issue the command:

gpg -e -r jlwallen TEST.tgz

The resulting file would be TEST.tgz.gpg. If you tried to view the file you would instantly see it is now a binary file. If you try to untar the file you would be informed the file is not in gzip format.

Decrypting the file

Decrypting the file is just as easy as encrypting the file. We’ll stick with the same example. To decrypt the file TEST.tgz.gpg issue the command:

gpg -d -o TEST.tgz TEST.tgz.gpg

You will be prompted for the passphrase associated with the user encryption key used on the file. The d option indicates you are decrypting the file and the o option indicates what file to output the results to. After this command is issued you will be back to the TEST.tgz file.

Final thoughts

Sure there are plenty of gui tools that will make this job even easier. But there are too many instances when needing the command line will enable you to do things you can’t do with a gui.

Related posts

• Recursively encrypt directories with gpgdir (3)
• True Crypt 6 released (3)
• True Crypt 5 adds System Partition Encryption (1)
• Software to defeat Disk Encryption released (3)
• Securing your Pc with True Crypt (29)