Some encryption options for Zorin

I wrote this for my daughter, who uses Zorin 16 core. She installed without encryption but now wants to encrypt some things, so I suggested these options. I hope it's useful to someone.

1. encrypt a file with gpg
-c = encrypt with password (-ca for text-format output)
-d = decrypt
-o = name for output file.
Input file name comes last.
encrypt:

gpg -c -o encrypted-file file-to-encrypt

It will ask you to enter the password twice
decrypt:

gpg -d -o decrypted-file encrypted-file

2. encrypt a pdf file

sudo apt install qpdf
qpdf --encrypt password password 256 -- file.pdf encrypted-file.pdf

Any pdf viewer will ask for the password when you try to open encrypted-file.pdf

3. encrypt a folder with gocryptfs

sudo apt install gocryptfs
mkdir Secret 
    (this folder will contain the encrypted files)
gocryptfs -init Secret

To open the encrypted folder for access, you have to use an empty folder as a mountpoint:

mkdir secret-OPEN
gocryptfs Secret secret-OPEN

Now you can move files into secret-OPEN, edit them, etc. Encrypted versions immediately appear in Secret. To close, close all apps accessing secret-OPEN, then

fusermount -u secret-OPEN

secret-OPEN folder becomes empty. You can delete it and recreate it next time, or just leave it.

4. luks-encrypted partition

sudo apt install cryptsetup

Say sda3 is a new partition you want to encrypt

sudo cryptsetup luksFormat /dev/sda3
    WARNING! this will overwrite data on /dev/sda3 irrevocably...
    Enter passphrase (twice)
sudo cryptsetup open /dev/sda3 label1
    enter passphrase
sudo mkfs.ext4 /dev/mapper/label1
sudo cryptsetup close label1

Now the partition is ready for use. It can be opened through the file manager: no further need for command line :slight_smile: Eject (unmount) to close access.

5. encrypted home

sudo apt install ecryptfs-utils
sudo adduser [new user name]
sudo usermod -aG sudo [new user name]

Then follow
https://www.howtogeek.com/116032/how-to-encrypt-your-home-folder-after-installing-ubuntu/

6 Likes