In an earlier article we explored how to encypt text files with vim. There are several ways to encrypt binaries on Linux too; using GnuPG, external tools like VeraCrypt etc. mcrypt is a similar utility that works as a frontend to libemcrypt.

Installation

To install mcrypt on Ubuntu, run:

$ sudo apt-get install mcrypt

Usage

List the algorithms supported $ mcrypt --list We will use arcfour for our example.

List hashing algorithms supported $ mcrypt --list-hash The hash is a digest added to an encrypted file, in order to detect corruption. We will use sha384.

Compression options -z : gzip -p : bzip2

Compress a file $ mcrypt -a arcfour -h sha384 -p webcheck.dat where,

-a : algorithm to use [optional]

-h : hashing algorithm to use [optional]

-p : use bzip2 compression [optional]

mcrypt will prompt you for the key (or password).

The file is saved as webcheck.dat.bz2.nc.

Decrypt the above file $ mcrypt -d webcheck.dat.bz2.nc OR $ mdecrypt webcheck.dat.bz2.nc Extract the bz2 archive to get the original file $ bunzip2 webcheck.dat.bz2

Encrypt multiple files $ mcrypt file1 file2

mcrypt can handle files only. To encrypt a directory archive and compress it first $ tar -jcvf mydir.tar.bz2 mydir/ $ mcrypt mydir.tar.bz2

It is possible to pass a key in the cmdline using the -k parameter or in mcrypt configuration file (~/.mcryptrc) but these are not advisable as the key is exposed.

Webpage: mcrypt