How do I password protect a .tgz file with tar in Unix?
Solution 1
Simple examples:
cat filename | crypt > filename.crypt
gpg -c –o filename.gpg filename
Solution 2
You can use command:
zip -P password file.zip file
Or better:
zip -e file.zip file
man zip
Solution 3
You can use gpg (=GnuPG):
gpg -o fileToTar.tgz.gpg --symmetric fileToTar.tgz
This will prompt you for a passphrase.
To decrypt the file later on, just do a:
gpg fileToTar.tgz.gpg
This will prompt you, again, for the passphrase.
Solution 4
Neither the tar
format nor the gz
format has built-in support for password-protecting files.
The Windows zip
format combines several different piece of functionality: compression (e.g. gzip), archiving multiple files into one (e.g. tar), encryption (e.g. gnupg), and probably others. Unix tends to have individual tools, each of which does one thing well, and lets you combine them.
The Unix equivalent of a password-protected .zip
file would probably be called something like foo.tar.gz.gpg
or foo.tgz.gpg
.
And there are open-source zip
and unzip
tools for Unix, though they may not provide all the capabilities of the Windows versions (I'm fairly sure the newer .zipx
format isn't supported).
Solution 5
You can use ccrypt.
Things can be encrypted by a pipe:
tar cvvjf - /path/to/files | ccrypt > backup.tar.bz2.cpt
Or in place:
ccrypt backup.tar.bz2
For automating, you can save a passkey into a file and use this passkey to encrypt:
ccrypt -k ~/.passkey backup.tar.bz2
Related videos on Youtube
c12
Updated on September 18, 2022Comments
-
c12 over 1 year
I'm using the Unix tar command as follows to tar up a directory and its files:
tar cvzf fileToTar.tgz directoryToTar
Is there a way to password protect the .tgz file? I've created password-protected ZIP files on Windows so I would assume Unix has the same capability. Any ideas?
-
Evgeni Sergeev over 6 yearsNote:
-c
is short for--symmetric
, i.e., use the default symmetric cipher, which means that the same passphrase is used for both encryption and decryption. (As opposed to asymmetric, which involves public keys and private keys.) -
Alexander Mills almost 5 yearsthis makes no sense, where is the password?
-
Daffy almost 5 years@AlexanderMills Most password-accepting tools prompt the user for it from the terminal rather than a command line argument, as to prevent the password showing up in history.
-
tgm1024--Monica was mistreated over 4 yearsDoes zip know enough to scrub the password section of the command line the moment it's run so it doesn't show up (or only shows up for millicsonds) in a ps? That's human readable.
-
saagarjha over 4 yearsNo. My zip manpage has a warning to this effect: "THIS IS INSECURE! Many multi-user operating systems provide ways for any user to see the current command line of any other user; even on stand-alone systems there is always the threat of over-the-shoulder peeking."
-
Stephan over 3 years
crypt
should not be used since it is considered too cryptographically weak by modern standards, which is also why it isn't included with most Linux distros.