How do I password tar.gz archives?

Cyberian · 12-04-2004, 02:18 AM

1. How do I password tar.gz archives?

2. Once passworded, is there a way to break into it? Such as a hack or some sort. Or holes/flaws the archives may contain.

win32sux · 12-04-2004, 03:45 AM

this is done for you when you set the file's permissions...

for example, if you do a:

chmod 755 example.tar.gz

that sets the permissions of example.tar.gz to rwxr-xr-x, which makes it impossible for someone (on your system) to edit the file without knowing your password or using an exploit...

you can also (for example) set the permissions to 700 (rwx------), which would make it impossible for other users to even see the file's contents...

just my two cents...

daihard · 12-04-2004, 04:09 AM

Quote:

Originally posted by win32sux
this is done for you when you set the file's permisions...

for example, if you do a:

chmod 755 example.tar.gz

that sets the permissions of exmaple.tar.gz to rwxr-xr-x, which makes it impossible for someone to edit the file without knowing your password or using an exploit...

you can also (for example) set the permissions to 700 (rwx------), which would make it imposible for other users to even see the file's contents...

I'm not the OP, but I have a related question.

What if I wanted to send the file to someone else? Will the receiver become the owner of the file once he copies it? Or what if I place it on the FTP site? Can anyone who has access to the site grab it and open it up?

I'm not sure if this is available with Linux, but some UNIX systems such as Solaris offer the command called "crypt," which lets you encrypt/decrypt files with your own password. That might be a more secure way than changing the file permissions.

win32sux · 12-04-2004, 04:37 PM

yeah, once you actually download the file you can set whatever permissions you want on it... but if you didn't have read permissions for the file in the first place, then you wouldn't have been able to download it at all (without the owner's password or an exploit)...

oh, and you're right, the only way to effectively protect the file even after it has fallen into someone else's hands is to use encryption...

daihard · 12-04-2004, 08:10 PM

Quote:

Originally posted by win32sux
yeah, once you actually download the file you can set whatever permissions you want on it... but if you didn't have read permissions for the file in the first place, then you wouldn't have been able to download it at all (without the owner's password or an exploit)...

oh, and you're right, the only way to effectively protect the file even after it has fallen into someone else's hands is to use encryption...

Thanks for the response. I'm glad I wasn't too far off.

EnigmaOne · 12-04-2004, 08:32 PM

Visit: http://www.gnupg.org/ for further information on the latest information on GnuPG.

vipindas · 01-10-2008, 04:10 AM

you can use the command
gpg -c <filename>
then it will ask for the passphrase,
you can type the password and retype it
after that you will get one file having .gpg extension
it is an encrypted file..

for decrypting you should type the command
gpg <filename>

regards
dasappan

win32sux · 01-10-2008, 11:38 AM

vipindas, in the future please refrain from resurrecting dead threads.

crowdriver · 01-12-2008, 08:15 AM

thanks for posting vipindas, this was the first hit on google and it helped me out. Quick and good solution

win32sux · 01-12-2008, 04:19 PM

Quote:

Originally Posted by crowdriver

thanks for posting vipindas, this was the first hit on google and it helped me out. Quick and good solution

crowdriver, I'm glad you found his post useful. That said, I'm sure others did too, and they did not need to post back encouraging him to keep resurrecting dead threads. You've only been here for one day, so it's understandable that you aren't familiar with our dead thread policies. Hopefully we can now let this thread rest in peace, and we can focus on the ones that are alive.

LouAlbano · 10-20-2010, 07:14 AM

This thread is useful and is one of the first hits in Google when searching for "tar with password"

Policies notwithstanding, if Google indexes this high and it helps people, I think posting in an old thread should be overlooked.

After all, this place is called LinuxQuestions. One would think actual answers would be encouraged despite polices.

Adding to the discussion, ccrypt is also a viable option to password tarballs.

ft

win32sux · 10-20-2010, 06:11 PM

LouAlbano, if you have questions/complaints about moderation issues, I ask you to please make direct contact with the moderator(s) instead, as this isn't the proper venue. That said, I'm closing this zombie thread.