Introduction.
Further to my page offering a "how to" on encrypting emails, this page deals with encrypting files.
There are any number of reasons you may wish to encrypt individual files, for example, maybe you have sensitive customer data, perhaps a client list or cost price tables that if they fell into your competitors hands, would amount to a gold strike.
I will repeat here, it is my belief, all company laptops should have some form of encryption. Ideally, the whole drive should be encrypted, but that is not the subject of this page.
On this page, we're going to discuss how to encrypt individual files.
Important: If you are a novice looking at encryption, please read my page on email encryption first. http://wiki.soslug.org/wiki/how_to_encrypt_emails_in_debian_etch_64_bit_pclinucos_and_ubuntu_hardy_heron This will give you a much better insight into the basics of encryption, which I do not intend to repeat here.
On this page, I am going to assume you have already installed GnuPG (explained via the above link) and what we will be concentrating on here, is installing a GUI (graphical User Interface) to enable you to encrypt individual files.
I'm also going to show you how to use the Alacarte Menu Editor, to enable a menu item for GPA, ( GNU Privacy Assistant), the graphical front end, that makes encrypting files easy, as this doesn't happen automatically and it's a pain in the neck having to invoke a command line every time you want to use encryption.
The method.
Open up good old Synaptic and install gpa.
That's actually all you have to do, however, every time you want to use it, you have to open up a terminal and type:
Clearly, when you're working in a GUI environment, it would be better to have a menu item (or icon) to click on, to make it all happen. So the next few instructions, are for creating that menu item.
Go to; Applications >> Accessories >> Alacarte Menu Editor and click on it.
This is what you'll see:
You can either make a completely new menu item, by going to File >> New Menu or you can highlight one of the existing menu items and select File >> New Entry.
I chose to highlight System Tools and place a new entry within the existing menu.
Having selected New Entry, you will get this:
There are two important boxes and two optional.
The first is fairly obvious. You need to give your entry a name; I chose Gpa. You choose whatever you like.
The second important box (Command), is the path to the executable file. If you have a standard Debian Etch installation like me, it will be /usr/bin/gpa
The final two boxes are optional. You choose to add a comment if you want to and an icon for display within the menu. I opted for the icon by clicking on the No Icon button and selecting one of the many displayed icons, but no comment. This is what it looked like:
Click on Close and you're done. Navigate now to Applications >> System Tools and this is the result:
File Encryption.
So now you're ready to encrypt files to your hearts content.
Click on Gpa and this is what you'll see:
Note: I've edited out some personal information from these screen-shots, but that will not detract from your understanding of how this application works.
This is the Keyring Editor, where you would produce your own keypair. This explained fully on the email page via the link above. Gpa simply offers an alternative window to Enigmail to achieve the same result. However, the button we are interested in, Files, and clicking on it, produces this:
Now click on Open to reveal:
As you can see, you've essentially opened a file manager, that reveals all your files from the root (/) onwards. You also have dedicated Buttons for Home, Desktop and Documents. You can make a New Folder, Rename File or Delete File.
In order to demonstrate how to encrypt a file, I created a small text document in Open Office Writer and saved it to my Home directory. You can see it in the next screen-shot named: exp11.odt.
Highlight the file you want to encrypt and select OK.
Now select the Encrypt button and a further window will pop up. It is here you select the key you want to encrypt it with and click OK. Gpa will now create a new encrypted file.
Important note: You now have two files; the original and a new encrypted version. Assuming you want this file to stay secure on your computer, you need to Delete the original file, leaving only the encrypted version on your computer. The encrypted version, now has a further extension, .gpg
In order to delete that original file, simply highlight it and click Delete File.
This is one of the few times in Linux, you will get a confirmation screen:
Click Delete and you can see, you now only have the encrypted file left:
File Decryption.
In order to Decrypt a file, it is practically the same situation.
Open up GPA and select Files >> Open.
Select the file you want to decrypt by highlighting it and press the Decrypt button.
At this point and unlike the encryption process, you will be asked for your passphrase:
Type in your passphrase:
and you will find a decrypted copy of the file in your file manager.
You can also Sign and Compress files if you wish, using the Sign button.
Conclusion.
I hope this is of help to those wishing to secure their files. As with email encryption, it is more of a learning curve, than difficult as such and once you've encrypted a few, becomes second nature.
SoSLUG Copyright
