4 Methods to Encrypt, Decrypt or Password Protect Files in Linux

Keep your information safe from prying eyes

Man using computer in front of the word Security digitally projected behind him

IAmMrRob / Pixabay

Linux offers several useful tools to protect your data from prying eyes. Some of these tools are built into the operating system and some must be installed. Let’s take a look at four such methods that can hide your data away.

Use File Manager to Hide Files

The first method doesn’t actually employ any encryption or password protection. It relies on a feature of Linux's file-display logic to "hide" something in plain sight.

  1. Open your distribution’s default file manager in the location where you want to hide a file or folder.

    Right-click an empty spot in the file manager and click New > Folder.

    Screenshot of creating a new folder in Linux.
  2. When prompted, give the new folder a name, but make sure it begins with a period. So if you want to name the folder documents, name it .documents.

    Hidden Files

    In Linux, folders that begin with a period are called hidden folders and are not displayed, by default, in the file manager or from the command line.

  3. If you cannot see hidden folders in your file manager, press Ctrl+H. You should then see all of the hidden folders and files within that directory (including the new one you just created).

  4. Move files you want to hide into that newly created folder.

Use Encryption Software

The next method makes use of encryption software. The command used for this is gpg, which is installed on almost all Linux distributions. Let’s say you want to encrypt the file ~/Documents/test.docx. Here’s how to do that:

  1. Open a terminal window and visit the Documents directory with the command:

    cd ~/Documents
    Screenshot of encrypting a file with the gpg command.

    Encrypt the file with the command:

    gpg -c test.docx

    When prompted, type and verify an encryption password.

  2. You should now see a new (encrypted) file, named test.docx.gpg. That new file cannot be opened without decryption.

  3. Decrypt the .gpg file with the command:

    gpg test.docx.gpg

    You will be prompted for the passphrase you created during the encryption. Type that passphrase to decrypt the file.

    Renaming Files

    If you didn’t move or delete the original file, gpg will ask if you want to overwrite the new file or give it a new name. For your first attempt at encrypting and decrypting, you should either first move the original file (before decrypting) or give the newly decrypted file a different name. Once you have the hang of encrypting/decrypting, you can always delete the original file after you’ve encrypted it.

  4. You can now open the encrypted file.

Encrypt Files with a GUI

If you prefer using a graphical tool and you use a distribution that includes the Nautilus file manager (such as Ubuntu Desktop), encrypt and decrypt files with a simple right-click on the target file. Here’s how:

  1. Open a terminal window and issue the command:

    sudo apt-get install seahorse-nautilus -y
  2. When the installation completes, restart Nautilus with the command:

    nautilus -q
  3. Open the file manager and visit file you want to encrypt.

    Right-click the file to be encrypted and click Encrypt.

    Screenshot of encrypting a file from the file manager.

    In the next window, click Use a shared passphrase.

    Screenshot of selecting Use a shared passphrase.

    When prompted, type a new passphrase for the encryption. You’ll be asked to type this passphrase twice.

    Screenshot of entering a gpg passphrase.
  4. You should now see the newly encrypted file in the folder.

Decrypting Individual Files

To decrypt a file from the file manager, follow these steps:

  1. Right-click the file and select Open With Decrypt File.

    Screenshot of decrypting a file within the file manager.
  2. When prompted, give the file a new name and click Save.

  3. When prompted, type the encryption passphrase.

Encrypt a Folder

Encrypt folders using the file manager or the gpg-zip command. The process of encrypting folders from within the file manager is the same as encrypting single files, the only difference is you’ll be asked if you want to encrypt the files individually or together in a package.

Encrypting a folder from within the file manager.

To encrypt a folder from the command line, use the gpg-zip command. Here’s how:

  1. Encrypt (e.g.) the Documents directory with the command:

    gpg-zip -c -o Documents.gpg Documents

    The -c option instructs gpg-zip to encrypt and the -o option indicates what follows is the output (or resulting file name) for the encryption.

  2. When prompted, type (and verify) an encryption passphrase.

  3. You can then decrypt the encrypted folder in the same method you decrypted the file with the command:

gpg Documents.gpg