Need tool to encrypt files on Windows 7
 

I just want to archive and encrypt all files from one folder on my Windows 7 computer so I can safely back them up on my website. I installed Cygwin and I can tar the files but I can't seem to use OpenSSL. The command "openssl --help" returns "-bash: openssl: command not found" yet some openSSL files were installed with Cygwin: http://i62.tinypic.com/2dt2nty.jpg

This tutorial on "Working with tar with encryption" didn't work in all kinds of ways.

I read something on the Cygwin mailing list (which doesn't accept email from me for some reason) about OpenSSL being 32 bit. My computer is 64 bit, so maybe that's the problem. I'll try again at the command line if you have any suggestions. Here's the full list of OpenSSL things that I can install with Cygwin: http://i62.tinypic.com/14o14xe.jpg

I'm not limiting myself to the command line though, so I'm wide open to suggestions.

OpenPGP runs on both Linux and Windows. It would seem to be easier to use the Windows version on a Windows machine.

Thanks, maybe I'll try it. I just installed 7-Zip and it works fine. Too bad I can't recommend it because it doesn't meet my user friendliness standards, but it comes closer than Gpg4win.

Uh uh ... I don't think that 7-Zip securely encrypts the files. You'll need to do both.

There's a AES 256 checkbox under "encryption method."

I do not know. Is that a peer-reviewed implementation? Does it provide the certificate-based implementations available in PGP/GPG? (If "all you're doin' is a password," then in my humble "that's a fatal weakness, regardless of algorithm." You can't put a steel door in a wooden wall beside an open window...)

I don't know. Yesterday I read a long thread on another forum with all kinds of details comparing it with a competing product that's known for not being cracked by the FBI after a year of trying and it sounded like it would take even longer to crack 7-Zip's protection. 7-Zip was independently tested but not as much as the one the FBI allegedly couldn't crack. It's generally considered a good product. I can't find the thread now.

How many files ? If there are many then you may want to use truecrypt.

7zip works well and has good encryption, but it would be somewhat cumbersome to use for many files and doesn't provide all the features of more professional encryption tools like cryptsetup / dm-crypt and truecrypt. Sure I do use it, but not for many files. I mean I make a small backup for my scripts and config files to my e-mail and encrypt them with 7zip. Technically they don't even need to be encrypted, but I do so just in case.

I haven't figured out how much I'll be encrypting but yesterday I encrypted my most single important directory which came to about 120MB in one file. I think it took 3 minutes to encrypt with maximum compression and maybe another couple of minutes to upload with SFTP. I'm not sure how often I'll be doing it. Most of the files don't change between backups so that's a major source of inefficiency. Maybe I'll use a different product if it will identify the updated files and make an encrypted archive of only them.

Well, 7zip does have the ability to update files inside archives, so you should look into that.

I may try something else anyway because error messages appeared for some files or folders as I was encrypting a folder but I couldn't find an error log when it was done.

Do as you see fit. (I am not saying that you are wrong.) But, if it were me, I would encrypt those archives with GPG, having first established for myself that the process is 100% successful and reversible. Furthermore, I would use digital certificates to accomplish that encryption, securing the private-key portion of those certificates with a password. I am confident of that peer-reviewed strategy. Furthermore, it is my understanding that GPG routinely compresses files. (However, I would also be willing to 7-zip compress the data, then encrypt the 7-zip file with GPG.)

That's not my kind of software. You have to read long instructions before you can use it and I don't believe good encryption has to be that way but I'm still looking for something that saves an error log after encrypting, even if it costs money and has a back door for the government. I'm not hiding any illegal stuff.

As you've heard ... it's your data. Do as you see fit. Do what works for you. You won't necessarily be "wrong" by doing it that way, whatever "that way" turns out to be. As long as you are able to recover the data at-will and presumably no one else (easily) could do the same, "it's all good."