3 ways to keep safe your files

One of the most important advantages that Linux has over Windows is the file security, but many users do not try to keep safe his private data. In this little guide I am going to talk about three ways to do that, in two of them we encrypt the files.

Let’s do it, first in the easiest way:

1. Set up basic permissions from a terminal
2. Using CFS to encrypt folders
3. Using TrueCrypt to create virtual encrypted disks

1. Set up basic permissions using a terminal

This is the simplest way to protect our data, in wich you only need to set up the correct permissions in order to ban the access to non-authorized users. The only thing you need to do is typing this command:

chmod -R u+wrx,og-wrx private

Where private is a folder where we have our confidential documents. -R means that chmod will assign that permission to all files and directories recursively . u+wrx assign permissions of writing, reading y execution to ourselves; while og-wrx remove permissions permisos writing, reading y execution to others users and groups.

Of course, this is the most primitive way, but most of people do not do that, wich means a big security problem. Let’s continue with other methods more complex…

2. Using CFS to encrypt folders

CFS (Cryptographic Filesystem), is a file system that allows you to store and to recover encrypted data. CFS provides application-independent encryption/decryption of the filesystem layer that does not require modification of the underlying filesystem code nor any kind of modification of thekernel source.

Firstly, we must install CFS, for example from a Ubuntu or Debian distro:

sudo apt-get install cfs

Let’s do a quick example… the idea is creating a folder named confidential where we will store the confidential data; we can do it with the command cmkdir:

/home/cris/ $ cmkdir confidential
Key: type_a_long_password
Again: type_the_long_password_again

We must specify a password with at least 16 characters; it is important not to forget it, otherwise we won’t be able to recover the data again In addition, it is not possible to access the folder that we have created, at least in plain text. But ¿how can we put files into the folder? In order to add files we must “mount” our directory in a separate folder with plain text access, using the cattach command:

/home/cris/ $ cattach /home/cris/confidential
key: type_the_long_password

That will create a folder named confidential in /crypt (/crypt/confidential), where we can access the files normally:

/home/cris/ $ cd /crypt/confidential
/crypt/confidential $ mv /home/cris/file.odt .
/crypt/confidential $ cat /etc/fstab > backup_fstab.bak
/crypt/confidential $ cd

All the files that we add on that directory will be crypted when we detach the folder:

/home/cris/ $ cdetach confidential

If we list the files on the /home/cris/confidential folder, we will see that CFS has crypted the files and filenames:

/home/cris/ $ ls confidential
37401e3e492f0bce 71d8783a255e3b68a8da544204eb3cad

That’s it. Now on, when you want to access your encrypted data you can use the cattach command, and don’t forget to detach it later using the cdetach command

3. Using TrueCrypt to create virtual encrypted disks

This is in my own opinion the best way to encrypt our private data; TrueCrypt is a volume encryption system, wich is available for the most important distros, even of course Ubuntu. For installing it, you must download the installer for your distro. Now, if for example you have download the Ubuntu x86 one you must uncompress it and install the .deb package:

$ tar xvfz truecrypt-6.0a-ubuntu-x86.tar.gz
$ ./truecrypt-6.0a-setup-ubuntu-x86

You will see a window where you have the choice to extract the .deb package. That file will be sent to the /tmp folder, where you can install it easly using GDebi, or with the command:

$ sudo dpkg -i /tmp/truecrypt_6.0a-0_i386.deb

4 Comentarios | deja el tuyo