Command Line Encryption And Decryption Of Files Made Easy!

Encryption iconHey folks, here’s a fun little tidbit for you. Did you know that you can easily and quickly encrypt and decrypt files using one tiny little command on your super cool Linux or UNIX (Yes, OSX counts) and even Windows command line? For those that haven’t yet heard of it, it’s a command called ‘ccrypt‘. Check it out …

First we need to install ccrypt on on your system. For Debian and Ubuntu (which is based on Debian), you can simply use the apt package manager to do this. Remember that you can use the -s flag to test or simulate the install before you actually go through with it in order to make sure there are no surprises waiting for you. Logged in as your un-privileged account, the command would look like this:

sudo apt-get -s install ccrypt

Assuming everything went off as planned, you could then run the real thing:

sudo apt-get install ccrypt

For Redhat (CentOS, and others based on Redhat), they have RPM packages available for download. Along with those they have Debian, Solaris (SPARC and i386), OS/2, SuSE, OpenBSD, and FreeBSD packages as well as pre-compiled binaries for lots of platforms and OS’s, so go crazy people!!

OK, now that you have the package installed, you can have some fun whiling away the afternoon encrypting and decrypting files like mad!

To encrypt a file, run this command:

ccrypt file_name

It’s just that easy.

Naturally, you would replace ‘file_name’ with your real file information. You will be asked to enter a key or password two times. Once complete, the encrypted file will have an extension of ‘.cpt’, and the original un-encrypted file will be replaced by the encrypted file.

To decrypt the file, run the same command the same way and simply add the -d flag.

ccrypt -d file_name

You will be asked for the encryption key or password that you gave it when you encrypted it in the first place, so don’t lose it! As always you can use the ‘–help’ flag or hit up the man pages for more detailed information. Hope you enjoy it!

**ALERT**
**Danger, Will Robinson!**
Cheesy I know, but I hope it’s working. One more time – please note that when you run the command to encrypt a file, the original source file, the un-encrypted file gets replaced by the newly encrypted file. So if you are simply making an encrypted copy for example, the original is gone. If you lose or forget the encryption key or password you will be out of luck. I’m sure it can be cracked by someone, but boy that would be a pain in the arse! So, keep that in mind when you encrypt a file, the file you are encrypting goes bye, bye! It works the same way when un-encrypting, but that’s not as potentially dangerous.

Learn Solaris UNIX or Linux Today, The Real Way

OK Folks, I added this post so I could tell you about a new article that I just posted.  Just like the title here suggests, I talk about learning Solaris UNIX and/or Linux the real way or maybe it would be better said as the right way.  I don’t suppose there is a wrong or right way, but still.  In this article I reach down into the depth of not only my own knowledge but I lean heavily on my own experience as well, and use that information to share all I know and can rant about learning solid UNIX and Linux skills for the up and coming nix jockies out there.  I really hope that this article can help someone and maybe more than just one naturally.  It’s some (I think) good advice on how to get started and some of the best ways to dig in there and learn some good stuff.  Maybe in the future I’ll post more lower level hard core how to stuff and see how that goes over.  Some of that kind of stuff I have posted already (like SVM disk info and Symantec Storage Foundations (formerly Veritas Volume Manager)) has been real popular.  Anyway, for anyone interested, head on over to the Library and check out the new article on Learning Solaris UNIX and Linux today, you might find something helpful in there!  If you have any thoughts about it or something you think I should add, please drop me a line and let me know.  Thanks!

New Advisory Pages!

Whoah!  We have been busy, busy over here setting up a bunch of new advisory pages.  Just in case you are wondering, we take an RSS feed and set it up to display on a page.  So, you can click on that page link and get the latest information from that RSS feed right there on the page here at Solarum dot com.  We have many of the major feeds that IT folk would be interested in, from Microsoft and Cisco security advisories to Linux and UNIX as well.  We even include feeds from NIST, US Cert, OSVDB and more so we can keep an eye on apps and everything else too.  Not to mention that we add feeds any time we can, and especially when we find good information to share.  Enough talking, why don’t you go check them out, they are in the middle column near the top, all the information you need!  If you know of a feed that we should carry, please let us know so we can add it!!

Bash function for making locate find exact matches

This is one of the coolest and most useful things to add to my UNIX/Linux profile that I have come across in a long time. I use the locate command a lot (slocate naturally) as I am sure all of us command line monkeys do. How many times have you been frustrated by the billions of lines of results flying by your screen, piping through more or less, trying to find the one nugget of goodness that you really need? Especially when you actually know the correct name of it, just not where it lives? This is where this comes in handy (this is where this? man I am eloquent)! Add this function to your bash profile (for some that’s .bash_profile and for others it might be .bashrc, depending on your nix flavor) and you can stop all of that. I haven’t tried this with other shells aside from bash, but I don’t see why it wouldn’t work.

Basically, this function uses the locate command to find whatever you are looking for just like you do, only it uses a bit of scriptology to filter it down to the exact match of what you are looking for. Yep, that’s right, the exact match! This little tidbit can really help out when you are looking for something, take a look:

## BASH locate function for exact match
## Thanks Dark_Helmet : http://solarum.com/v.php?l=1149LV99
function flocate
{
  if [ $# -gt 1 ] ; then
    display_divider=1
  else
    display_divider=0
  fi
 
  current_argument=0
  total_arguments=$#
  while [ ${current_argument} -lt ${total_arguments} ] ; do
    current_file=$1
    if [ "${display_divider}" = "1" ] ; then
      echo "----------------------------------------"
      echo "Matches for ${current_file}"
      echo "----------------------------------------"
    fi
 
    filename_re="^\(.*/\)*$( echo ${current_file} | sed s%\\.%\\\\.%g )$"
    locate -r "${filename_re}"
    shift
    (( current_argument = current_argument + 1 ))
  done
}

It’s just that easy! Copy and paste this into your profile and add a cool helper addon companion function thingy 🙂 I wish I could say I came up with this myself, but I didn’t, I found it in some forums posted by someone named Dark_Helmet (just like the attribution link in the script). I don’t know who you are Mr. Helmet, but I thank you for your sharing this with us all, and I am passing it on! Enjoy!

Solaris patchadd Return Codes

I just posted some new goodness for all of the Solaris admins out there.  I have compiled a list of return codes from the patchadd command for both Solaris 9 and Solaris 10, and it has come in very handy over the ages.  So, I thought I would share.  Take a look at it here, and don’t forget to check out the entire library with all sorts of information in it here.  Enjoy!

Verizon Email Update and Solution

You have heard me share information about the fiasco that Verizon created.  In case you haven’t heard, I’ll recap quickly.  In the name of fighting SPAM, Verizon decided that they would block ALL port 25 SMTP traffic on their network for all of their ISP customers.  That means that anyone and everyone that uses Verizon as their ISP (DSL, FIOS, Dial-up, etc) cannot use any third party mail server or service that is configured to use the industry standard port 25.  That’s just plain stupid, but I have complained about that already.

I was in a quandary with this one, or maybe a catch-22 is a better term.  If I didn’t do anything about this “problem” that Verizon created, then all the people that I host email services for that use Verizon as their ISP are now out of luck.  They can’t send mail through their (read: my) mail servers.  So, I can just change the port that sendmail listens on, right?  Yeah, I could, and then my Verizon tethered customers can send mail again … but, all my other customers that don’t use Verizon have to change their email client settings too, since they would still be sending through port 25.  OK, I didn’t want to go down that road.  I wanted to fix the problem with the least impact on everyone. Continue reading