We covered the creation and extraction of compressed archives such as tar on a Linux machine. A lot of Linux users use these compression formats for backups purposes. Although this compresses pretty well it does not secure the backup. To do that you need to add a password, or to encrypt it. Let’s look at a simple form of securing your backup when you create an archive.
Note: these steps apply to files and folders of any kind – not just ‘backups’.
A quick recap of the compression and extraction of the tar.gzformat. To compress a directory called todays_backup do the following:
# tar -zcf todays_backup.tar.gz todays_backup
This command will compress the directory todays_backup into the compressed file todays_backup.tar.gz. To decompress it use the following command:
# tar -zxf todays_backup.tar.gz
Now to the fun part. Let’s look at how we can add a basic level of encryption to the process we used above. To compress the directory todays_backup with protection do the following:
# tar -zcf – todays_backup|openssl des3 -salt -k yourpassword | dd of=todays_backup.des3
Replace yourpassword with a password of your own. Keep the password to yourself, and keep it carefully. The above command will generate a file called todays_backup.des3. This file can only be decompressed using this password.
To extract your protected archive file todays_backup.des3 use the following command:
# dd if= todays_backup.des3 |openssl des3 -d -k yourpassword |tar zxf –
Make note of the trailing – at the end. It is not a typo, but a requirement for this command to work. Replace yourpassword with the password you used while encrypting the file. Executing the above command will extract the compressed file todays_backup.des3 into a directory todays_backup. Use this encryption with care. As I said earlier, the only way you can retrieve your data once secured is by using the password, so do not lose this password under any circumstances.