data encryption - was Re: [plug] protecting a tar file
Denis Brown
dsbrown at cyllene.uwa.edu.au
Thu Jul 1 10:31:08 WST 2004
On the ways of preventing the exposure of the contents of a tar file, if it
fell into the wrong hands...
At 07:04 1/07/2004 +0800, William Kenworthy wrote:
>zip -e the tar file. zip has what is considered weak encryption but is
>simple to use. There seem to be a number of other similar utilities
>that either compress and encrypt or just encrypt the file.
I was hoping to get away from file modification (eg. using zip) on the
basis that a one-bit error may be fatal to the whole thing. But then that
also applies to my acceptance of GPG, doesn't it :-)
>or something like:
>tar -zcvf - stuff|openssl des3 -salt -k secretpassword | dd
>of=stuff.des3
>and
>dd if=stuff.des3 |openssl des3 -d -k secretpassword|tar zxf -
Thanks for the tips! Hopefully useful to others, as well.
>or create a largish loopback container formated with stegfs on top of
>ext2 and put the tar into that. That should stump a script kiddie!
>Played with this when I was using ext2 and it does work.
Stegfs, eh? "StegFS - A Steganographic File System for Linux" I'd not
heard of that before. More reading to do but this looks very interesting
especially to those of us in the medical / human-data-sensitive
fields. Reference url: http://www.mcdonald.org.uk/StegFS/ They seem to
claim it is not for 2.4 kernels.
Cheers,
Denis
More information about the plug
mailing list