from best ways to encrypt files on linux

gpg

setup the key

gpg --gen-key

and enter a strong passphrase.

export public key

gpg --armor --output mypubkey.gpg --export <E-mail that you registered>

import from windows box

gpg --import mypubkey.gpg

encrypt files from windows box

gpg --output test.txt.gpg --encrypt --recipient <Receiver's E-Mail ID> test.txt

decrypt files on linux box

gpg --output test.txt --decrypt test.txt.gpg

find + gpg + tmpfs

encrypt from Windows

find . -name 'df_76*.csv' -exec gpg --output {}.gpg --encrypt --recipient guillaume.ramelet@michelin.com {} \;

decrypt from Linux

There should be better ways to do it.

Here is my process:

  1. Before starting: call mount_decrypt.sh. It mounts a tmpfs in secured_data/data, and decrypt all gpg files to this directory
  2. After work is done: call umount_decrypt.sh

gpg_decrypt.sh

#!/bin/bash
gpg_name="$1"
src_name=${gpg_name%.*}
TARGET_DATA=/home/explore/git/guillaume/d059/secured_data/data
echo "gpg decrypt $gpg_name -> $src_name"
gpg --output $TARGET_DATA/$src_name --decrypt $gpg_name(base)

mount_decrypt.sh

#!/bin/bash
GPG_DEC_CMD=/home/explore/git/guillaume/d059/secured_data/gpg_decrypt.sh
TARGET_DATA=/home/explore/git/guillaume/d059/secured_data/data
sudo mount -t tmpfs -o size=1G tmpfs $TARGET_DATA
cd /media/explore/CHACLEF/janus
find . -name 'df_76*.csv.gpg' -exec $GPG_DEC_CMD {} \;

umount_decrypt.sh

#!/bin/bash
TARGET_DATA=/home/explore/git/guillaume/d059/secured_data/data
sudo umount $TARGET_DATA