Linux Questions

2603 readers

1 users here now

Linux questions Rules (in addition of the Lemmy.zip rules)

stay on topic
be nice (no name calling)
do not post long blocks of text such as logs
do not delete your posts
only post questions (no information posts)

Tips for giving and receiving help

be as clear and specific
say thank you if a solution works
verify your solutions before posting them as facts.

Any rule violations will result in disciplinary actions

founded 2 years ago

MODERATORS

possiblylinux127@lemmy.zip

Good program to encrypt usb drive in exfat format (lemmy.world)

submitted 1 week ago by HotsauceHurricane@lemmy.world to c/linuxquestions@lemmy.zip

3 comments fedilink hide all child comments

I have a usb drive I want to take with me but I want to add a password for basic safety reasons, & it needs to be readable by many computers. Any recommendations?

top 3 comments

sorted by: hot top controversial new old

[–] Tuuktuuk@sopuli.xyz 4 points 1 week ago* (last edited 1 week ago)

The standard Linux command for encryption is gpg. And in this case, because you want to encrypt with password, it's gpg -c, more specifically.

That can only encrypt one file, though. So, what you do is turn it into a package (like .zip on Windows)

This is done with tar -cvzf.

So: tar -cvzf trumpisafascist.tar.gz name_of_folder_to_encrypt, then gpg -c trumpisafascist.tar.gz

And, Linux enables you to pack everything on one line:
tar -cvzf - foldernamehere | gpg -c > trumpisafascist.tar.gz.gpg

Of course, even easier is to make these two text files:
Save this in a text file as encrypt.sh:

#!/bin/sh  

tar -cvzf - unencryptedfolder | gpg -c > trumpisafascist.tar.gz.gpg && rm -rf unencryptedfolder

Save this in a textfile as unencrypt.sh:

#!/bin/sh  

gpg -d trumpisafascist.tar.gz.gpg | tar -xvzf - && rm trumpisafascist.tar.gz.gpg

&& means "do the following only if the previous command was executed successfully".

Then say mkdir unencryptedfolder (to create a folder with that name; if you want to use a different name for your folder, update that same name in the two files!) chmod +x encrypt.sh and chmod +x unencrypt.sh (to make those files executable by double-clicking them). These things can also be done by pointing and clicking on most Linux distributions. Right click the encrypt.sh file, choose Properties, and give "Others" the right to execute the file. Should work usually, but of course the text commands will.work always.

Now everything you have in the folder unencryptedfolder gets encrypted and the folder deleted when you double-click encrypt.sh, and if you double-click unencrypt.sh, then the file is unencrypted and extracted, after which the encrypted file is deleted. If double-clicking doesn't work, you can also navigate to the usb drive on command line and say ./encrypt.sh and ./unencrypt.sh.

This uses gnupg to encrypt the file, tar to make a package and gzip to compress that package. You should be able to find a windows program for unencrypting gnupg files, and I think windows can probably readily extract a gzipped tar file? If not, then this needs to be altered to use .zip instead. Probably works by using zip and unzip instead of tar -cvzf and tar -xvzf, but I am not sure and don't have a computer around for trying.

Also, always remember to fight fascism!

[–] liliumstar@lemmy.dbzer0.com 3 points 1 week ago

I always use veracrypt for stuff like this. You can encrypt a whole device or partition. It will appear like random data without veracrypt and your password.

You can have a second unencrypted partition with veracrypt portable or installers on it, but this is theoretically a security risk.

[–] HotsauceHurricane@lemmy.world 1 points 1 week ago

Thanks guys. I'll look into these & see what I come up with.