3 encryption tools for Linux that will keep your data safe – PCWorld

Encryption is an interesting thing. The first time I saw encryption in action was on a friend’s Gentoo Linux laptop that could only boot if the USB key with the boot partition and decryption key was inserted. Cool stuff, from a geek point-of-view.

Fast forward, and revelations from Edward Snowden and ongoing concerns about government snooping are slowly bringing encryption and privacy tools into the mainstream. Even if you’re not worried about a Big Brother or some shady spy-versus-spy scenario, encryption can still protect your identity and privacy if your laptop is stolen. Think of all the things we keep on laptops: contact information, financial information, and client and company information. All of that data is worthy of protection. Luckily, Linux users have access to several tools for the affordable price of free.

There are three main methods for protecting the data on your laptop, each with its own strengths and weaknesses.

1. OpenPGP and email encryption

Using Pretty Good Privacy (PGP) encryption to protect email isn’t anything new. While the original PGP implementation is proprietary, the OpenPGP specification was written in 1997. OpenPGP makes use of public-key cryptography, which means every keypair comes with a private and public key. You use a private key (that you keep secret) to unlock and sign files, while a public key (that you give away to people) can be used to encrypt files to you and verify files you’ve signed.

In the context of email, your plaintext email is encrypted with a public key into either a file or ASCII cycphertext (which looks random to people and machines) that can only be read by someone with the matching private key. In basic terms, this means that the email is encrypted before it leaves your PC, so no amount of snooping on the email server you’re using will allow someone to see the contents of the file. This is known as end-to-end encryption. (Metadata, like the subject line, recipients, and time sent are all left in plaintext, however.)

The most widely used implementation of this standard (as far as Linux users are concerned) is GNU Privacy Guard (or GnuPG or GPG).

gpg —gen-key

To create a GnuPG keypair using the command line, use gpg —gen-key.

Most modern Linux distributions come with GnuPG preinstalled. If it isn’t, it can be easily found using your distribution’s package manager, usually with the name gpg.

While you can use GPG on the command line, it’s often easier to create and manage keys using a GUI program. The GnuPG team provides the GNU Privacy Assistant (GPA) GUI to create and manage keys. If you prefer a KDE-compatible interface, you can install Kleopatra, while GNOME 3 users might prefer GNOME’s Seahorse. GnuPG is also available for Windows using GPG4Win, which provides Windows versions of both Kleopatra and GPA.


Write a Reply or Comment:

Your email address will not be published.*