LinuxQuestions.org
Did you know LQ has a Linux Hardware Compatibility List?
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Closed Thread
 
Search this Thread
Old 12-04-2004, 02:18 AM   #1
Cyberian
Member
 
Registered: May 2004
Distribution: SuSE
Posts: 117

Rep: Reputation: 15
How do I password tar.gz archives?


1. How do I password tar.gz archives?

2. Once passworded, is there a way to break into it? Such as a hack or some sort. Or holes/flaws the archives may contain.
 
Old 12-04-2004, 03:45 AM   #2
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
this is done for you when you set the file's permissions...

for example, if you do a:

chmod 755 example.tar.gz

that sets the permissions of example.tar.gz to rwxr-xr-x, which makes it impossible for someone (on your system) to edit the file without knowing your password or using an exploit...

you can also (for example) set the permissions to 700 (rwx------), which would make it impossible for other users to even see the file's contents...

just my two cents...


Last edited by win32sux; 12-04-2004 at 06:01 PM.
 
Old 12-04-2004, 04:09 AM   #3
daihard
Member
 
Registered: Jul 2003
Location: Seattle, WA
Distribution: Kubuntu 12.04
Posts: 913

Rep: Reputation: 32
Quote:
Originally posted by win32sux
this is done for you when you set the file's permisions...

for example, if you do a:

chmod 755 example.tar.gz

that sets the permissions of exmaple.tar.gz to rwxr-xr-x, which makes it impossible for someone to edit the file without knowing your password or using an exploit...

you can also (for example) set the permissions to 700 (rwx------), which would make it imposible for other users to even see the file's contents...
I'm not the OP, but I have a related question.

What if I wanted to send the file to someone else? Will the receiver become the owner of the file once he copies it? Or what if I place it on the FTP site? Can anyone who has access to the site grab it and open it up?

I'm not sure if this is available with Linux, but some UNIX systems such as Solaris offer the command called "crypt," which lets you encrypt/decrypt files with your own password. That might be a more secure way than changing the file permissions.
 
Old 12-04-2004, 04:37 PM   #4
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
yeah, once you actually download the file you can set whatever permissions you want on it... but if you didn't have read permissions for the file in the first place, then you wouldn't have been able to download it at all (without the owner's password or an exploit)...

oh, and you're right, the only way to effectively protect the file even after it has fallen into someone else's hands is to use encryption...


Last edited by win32sux; 12-04-2004 at 06:05 PM.
 
Old 12-04-2004, 08:10 PM   #5
daihard
Member
 
Registered: Jul 2003
Location: Seattle, WA
Distribution: Kubuntu 12.04
Posts: 913

Rep: Reputation: 32
Quote:
Originally posted by win32sux
yeah, once you actually download the file you can set whatever permissions you want on it... but if you didn't have read permissions for the file in the first place, then you wouldn't have been able to download it at all (without the owner's password or an exploit)...

oh, and you're right, the only way to effectively protect the file even after it has fallen into someone else's hands is to use encryption...
Thanks for the response. I'm glad I wasn't too far off.
 
Old 12-04-2004, 08:32 PM   #6
EnigmaOne
LQ Newbie
 
Registered: Aug 2003
Location: Long Beach, CA - USA
Distribution: Too many to count...
Posts: 28

Rep: Reputation: 15
Visit: http://www.gnupg.org/ for further information on the latest information on GnuPG.
 
Old 01-10-2008, 04:10 AM   #7
vipindas
LQ Newbie
 
Registered: Sep 2007
Posts: 5

Rep: Reputation: 0
setting password for linux files

you can use the command
gpg -c <filename>
then it will ask for the passphrase,
you can type the password and retype it
after that you will get one file having .gpg extension
it is an encrypted file..

for decrypting you should type the command
gpg <filename>



regards
dasappan

Last edited by vipindas; 01-10-2008 at 04:13 AM.
 
Old 01-10-2008, 11:38 AM   #8
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
vipindas, in the future please refrain from resurrecting dead threads.
 
Old 01-12-2008, 08:15 AM   #9
crowdriver
LQ Newbie
 
Registered: Jan 2008
Posts: 1

Rep: Reputation: 0
thanks for posting vipindas, this was the first hit on google and it helped me out. Quick and good solution
 
Old 01-12-2008, 04:19 PM   #10
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Quote:
Originally Posted by crowdriver View Post
thanks for posting vipindas, this was the first hit on google and it helped me out. Quick and good solution
crowdriver, I'm glad you found his post useful. That said, I'm sure others did too, and they did not need to post back encouraging him to keep resurrecting dead threads. You've only been here for one day, so it's understandable that you aren't familiar with our dead thread policies. Hopefully we can now let this thread rest in peace, and we can focus on the ones that are alive.
 
Old 10-20-2010, 07:14 AM   #11
LouAlbano
LQ Newbie
 
Registered: Dec 2004
Location: Denver
Posts: 3

Rep: Reputation: 0
Thumbs up Dead thread

This thread is useful and is one of the first hits in Google when searching for "tar with password"

Policies notwithstanding, if Google indexes this high and it helps people, I think posting in an old thread should be overlooked.

After all, this place is called LinuxQuestions. One would think actual answers would be encouraged despite polices.

Adding to the discussion, ccrypt is also a viable option to password tarballs.

ft
 
Old 10-20-2010, 06:11 PM   #12
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
LouAlbano, if you have questions/complaints about moderation issues, I ask you to please make direct contact with the moderator(s) instead, as this isn't the proper venue. That said, I'm closing this zombie thread.

Last edited by win32sux; 10-20-2010 at 10:09 PM.
 
  


Closed Thread


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
tar tar cvf - . | (cd /root/; tar xvf -) ewt3y Linux - General 10 02-19-2014 10:55 AM
how can i decompress this tar.tar file? hmmm sounds new.. tar.tar.. help ;) kublador Linux - Software 10 02-23-2008 05:40 AM
Password protecting tar files jayakrishnan Linux - General 3 01-13-2008 11:02 PM
Diferance between rpm, tar, tar.gz, scr.tar, etc mobassir Linux - General 12 08-21-2003 06:30 AM
tar archives of type tgz dalraidia Linux - Newbie 3 12-13-2002 09:54 PM


All times are GMT -5. The time now is 04:27 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration