Encryption on Linux has gotten much easier, thanks to apps like these.
If you think data is more precious than ever, you should certainly consider its security to be a priority. And with more and more businesses working with multiple platforms, you have to be prepared to work with encryption on just about every business-ready operating system available. Including Linux. Fortunately, you have plenty of encryption-ready tools to choose from.
But which tools should you be looking at? If you open up, say, the Ubuntu Software Center, you'll find the majority of tools available (under the "encryption" search results) to be nothing more than libraries to resolve dependencies. Dig a bit deeper, though, and you'll find everything you need for easy-to-use encryption. I've uncovered five such tools for encryption on the Linux platform.
Note: This article is also available as an image gallery and a video hosted by TechRepublic columnist Tom Merritt.
GnuPG (Figure A) is the basis for which all encryption is handled on Linux. Without it, you won't get very far. But don't think GnuPG is just the foundation that enables all other tools to be used. Believe it or not, you can easily encrypt a file with GnuPG from the command line. The command to encrypt a file is:
gpg -c filename
where filename is the name of the file to encrypt. The encryption will attach a .gpg extension to the file.
To decrypt a file, the command is:
This is the easiest, fastest way to encrypt files (even though you do have to touch the command line).
VeraCrypt (Figure B) is an enhanced version of TrueCrypt that works on a much more secure level. How much more secure? Well, TrueCrypt uses PBKDF2-RIPEMD160 with 1,000 iterations--and VeraCrypt uses 327,661 iterations. The GUI for VeraCrypt is simple to use and walks you through the entire process of creating encrypted containers.
One caveat: The creation, encryption, mounting, and decryption of containers take a bit of time. But the added time is worth the extra security. VeraCrypt can load containers created by TrueCrypt and convert TrueCrypt containers to the VeraCrypt format.
Files (Figure C) is the default file manager for the GNOME and Ubuntu Unity desktops. Within this user-friendly tool lies the ability to easily protect your files and folders with a low-level password encryption. Just select the file for compression, select a compression format that works with encryption (such as zip), add a password, and compress.
When you extract the compressed file, you will be prompted to enter the encryption password. Although this type of encryption isn't nearly as strong as what you would get with, say VeraCrypt, if you're looking for something quick and easy to use, this is what you want.
KGpg (Figure D) is a user-friendly interface for using GnuPG. Although you won't actually be encrypting/decrypting binary and folders with KGpg, you will be managing the encryption keys that work with a number of encryption tools. Without encryption keys, many of those tools simply won't work--and some people avoid working with encryption on Linux because of the perceived complexity of the GnuPG command-line tools.
With a GUI like KGpg, you remove that barrier to entry and managing those encryption keys becomes exponentially easier. And KGpg comes with a built-in editor that allows you to open and edit simple text documents. With this editor you can also encrypt and decrypt those documents, although you can't open documents created in tools such as LibreOffice or Microsoft Word. This is text-only.
5: Gnome Encfs Manager
Gnome Encfs Manager (Figure E) is a GUI tool for the venerable encfs file encryption system. It should be noted that there is a vulnerability with encfs that, should your system(s) be prone to attack, makes encfs not ideal for sensitive data. However, if your host system (or network) isn't prone to attack, you should be good to go.
Gnome Encfs Manager makes creating "stashes" (aka containers) easy. With just a few clicks, you can create and configure a hidden folder on your Linux directory. Options include mounting on boot, idle timeout locks, stash groups, and password change. Gnome Encfs Manager can work only with encfs, so you won't be decrypting containers from other systems--this is Linux-only.
There you have it... encryption made simple, even within the Linux platform. Some of these tools can also go well beyond user-friendliness and into the land of very powerful. But if you're looking for an app that offers the security of encryption, and does so with a nod to user-friendliness, these five apps will get you started.
Do you have a favorite Linux encryption tool that didn't make this list? Share your recommendations with fellow TechRepublic members.
- Transitioning from Windows to Linux Administration: A guide for newcomers (Tech Pro Research)
- The most obvious user for Linux isn't who you think
- Six things that make open source a no-brainer for your company
- Five free and secure messaging tools