[plug] encyption

[Cameron Patrick]

Alex Polglaze wrote:

> He asked me could I encrypt a single file on my system to prevent 
> unauthorised access. I wasn't sure, but I said that I would find out.

Yes.  Look into GPG (the GNU implementation of PGP - the two systems are
completely compatible, though).  Something like:

        $ gpg --gen-key  # create yourself a private key
        $ gpg --default-recipient-self --encrypt secret_file.txt
        $ shred secret_file.txt  # securely delete the original
        $ gpg --decrypt secret_file.gpg

There's apparently also `gpg --symmetric` which uses a passphrase only
to generate the key (so the secrecy is "what you know" only, not "what
you have" [the secret key] and "what you know" [the passphrase for your
key]).

> Alternatively, can you encrypt a whole folder, (windows term) with the 
> same effect.

You can encrypt an entire filesystem (partition) with crytoloop - people
do crazy things like encrypting /home and the swap partition of their
laptops, for instance.  There's also cfs, which allows you to encrypt
directories but in a slightly wacky and non-conformist way (which, to be
fair, is due partly to its age and portability to other operating
systems).

Cameron