4 Methods to Encrypt, Decrypt or Password Protect Files in Linux

Keep your information safe from prying eyes

Man using computer in front of the word Security digitally projected behind him

IAmMrRob / Pixabay

If you have sensitive data on your computer, it should be hidden away from prying eyes. That means taking extra steps to protect that data. How do you do that? If you’re using Linux, there are a number of tools that can help you to succeed with this task. Some of these tools are built into the operating system and some will need to be installed. Let’s take a look at four such methods that can hide your data away.

Our first method doesn’t actually employ any encryption or password protection. However, if you simply need to tuck a file away the simplest way in Linux, you can do this without having to install any third-party applications or make use of more complicated encryption tools. Here's how.

Use File Manager to Hide Files

  1. Open your distribution’s default file manager and navigate to the location housing the files you want to hide away.

    Right-click an empty spot in the file manager and click New > Folder.

    Screenshot of creating a new folder in Linux.
  2. When prompted, give the new folder a name, but make sure it begins with a period. So if you want to name the folder documents, name it .documents.

    Hidden Files

    In Linux, folders that begin with a period are called hidden folders and are not displayed, by default, in the file manager or from the command line.

  3. If you cannot see hidden folders in your file manager, hit the Ctrl+H key combination on your keyboard. You should then see all of the hidden folders and files within that directory (including the new one you just created).

  4. Move files you want to hide into that newly created folder.

Hide Those Files Again

When you’re finished hiding your files away, make sure to hit the Ctrl+H keyboard shortcut again, so the file manager will no longer display hidden files and folders.

Use Encryption Software

The next method makes use of actual encryption software. The command used for this is gpg, which is installed on almost all Linux distributions. Let’s say you want to encrypt the file ~/Documents/test.docx. Here’s how to do that:

  1. Open a terminal window and navigate to the Documents directory with the command:

    cd ~/Documents
    Screenshot of encrypting a file with the gpg command.

    Encrypt the file with the command:

    gpg -c test.docx

    When prompted, type and verify an encryption password.

  2. You should now see a new (encrypted) file, named test.docx.gpg. That new file cannot be opened without decryption.

  3. Decrypt the .gpg file with the command:

    gpg test.docx.gpg

    You will be prompted for the passphrase you created during the encryption. Type that passphrase to decrypt the file.

    Renaming Files

    If you didn’t move or delete the original file, gpg will ask if you want to overwrite the new file or give it a new name. For your first attempt at encrypting and decrypting, you should either first move the original file (before decrypting) or give the newly decrypted file a different name. Once you have the hang of encrypting/decrypting, you can always delete the original file after you’ve encrypted it.

  4. You can now open the encrypted file.

Encrypt Files With a GUI

If you prefer using a graphical (GUI) tool over the command line and you use a distribution that includes the Nautilus file manager (such as Ubuntu Desktop), you can easily add the ability to encrypt/decrypt files with a simple right-click on the target file. Here’s how:

  1. Open a terminal window and issue the command:

    sudo apt-get install seahorse-nautilus -y
  2. When prompted, type your sudo password.

  3. When the installation completes, restart nautilus with the command:

    nautilus -q
  4. Open the file manager and navigate to the file you want to encrypt.

    Right-click the file to be encrypted, and click Encrypt.

    Screenshot of encrypting a file from the file manager.

    In the next window, click Use a shared passphrase.

    Screenshot of selecting Use a shared passphrase.

    When prompted, type a new passphrase for the encryption. You’ll be asked to type this passphrase twice.

    Screenshot of entering a gpg passphrase.
  5. You should now see the newly encrypted file in the folder.

Decrypting Individual Files

To decrypt a file from the file manager, follow these steps:

  1. Right-click the file and select Open With Decrypt File.

    Screenshot of decrypting a file within the file manager.
  2. When prompted, give the file a new name and click Save.

  3. When prompted, type the encryption passphrase.

  4. Enjoy your newly decrypted file.

Encrypt a Folder

If you have a folder you want to encrypt, your best bet is either via the file manager or using the gpg-zip command. The process of encrypting folders from within the file manager is the exact same as encrypting single files, the only difference is you’ll be asked if you want to encrypt the files individually or together in a package.

Encrypting a folder from within the file manager.

If you want to encrypt a folder from the command line, you should use the gpg-zip command (which should be installed by default). Here’s how:

  1. Open a terminal window and navigate to your home directory with the command:

    cd ~/
  2. Encrypt the Documents directory with the command:

    gpg-zip -c -o Documents.gpg Documents

    The -c option instructs gpg-zip to encrypt and the -o option indicates what follows is the output (or resulting file name) for the encryption.

  3. When prompted, type (and verify) an encryption passphrase.

  4. You can then decrypt the encrypted folder in the same method you decrypted the file with the command:

gpg Documents.gpg