Password protect files and folders in Linux

Security sometimes equates to sanity. You have to keep sensitive information from prying eyes for various reasons. You might have a folder that needs to be given access only to certain people and it lives within a public folder. Or you have a folder on your desktop machine that you want to ensure no one but yourself can see. For whatever reason, there is a need for password protection of folders.

In this article I am going to show you more than one way to do this: Using permissions, using zip, and using encryption. Hopefully, in the end, you will have a method that suits your needs and your abilities.

The tools

Most likely you already have all of the tools you need installed. There could be a slight chance that gpg is not installed. To find out issue the command which gpg. This command should return the version of gpg you have installed. You should also know (as if you don't already know) that these tasks will all be completed from the command line. So open up your favorite terminal and get ready to type.

Permissions

Since we're talking about Linux, keeping other users from seeing your files/folders is actually quite simple. All you need to do is make sure the read permissions for other and group are not set. So let's say you create a folder in your home directory called ~/TEST. By default the permissions on that folder will be:

drwxr-xr-x

This means that anyone in your group and all others can read and execute from within that directory. Let's remove those permissions. To do so issue the command:

chmod -R go-rx TEST

Now the only user that can read, write, or execute from within your TEST directory is you. There is one problem with that - the root user will still have access to that folder. Or anyone with your user password for that matter. So let's take this one step further.

Zip

You may not have known this, but you can encrypt a zipped file. Let's say you don't want any user on the system seeing the contents of that particular folder. To do that with the zip command is easy. The only issue with this is the folder will now be in zipped form and the only way for you to view the contents is to unzip it. That's simple to do as well. But let's zip and encrypt using the same folder ~/TEST. To zip and encrypt this folder you would issue the command:

zip -e -r TEST TEST

You will be prompted for a password for the encryption. The above command would complete with an encrypted TEST.zip file and leave the TEST folder behind. You would then want to delete that folder so no one could see the contents. To unzip that same folder issue the command:

unzip TEST

You will then be prompted for the same password you gave for the encryption. Once you successfully enter the password the file will be unzipped.

Nautilus

There is a very simple way to encrypt files from within the Nautilus file manager. To do this you will need to install the following:

• seahorse
• seahorse-plugins

Seahorse is an encryption front-end for the GNOME desktop. More than likely seahorse is already installed, but seahorse is not. To install seahorse-plugins open up your Add/Remove Software tool, search for "seahorse" (no quotes), mark both for installation (if seahorse is already installed only mark seahorse-plugins), and click Apply to install.

Once this is install you will need to log out and log back in to apply the changes to Nautilus. After you have logged back in open up Nautilus and right click on a file or folder. You should now see, in the action menu, an entry for Encryption. You can either encrypt a single file or folder. You will, of course, have to already have created your gpg key in order to do this. But don't worry, you can create your gpg key from within Seahorse. Upon encrypting a file or folder, the only people that can  see the contents of that file or folder will be those with your encryption key.

Final thoughts

There are so many ways to protect your files/folders in Linux. Some of the above methods are much more secure than others, but each method will get you to where you want to be - safe.

Advertisement