How to encrypt file with tar command or other compress option on Linux?

Dear All,

I want to encrypt my database and and application back up file with compression like tar command.
Do you have any idea how to do this?
Sida SayInfrastructure EngineerAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Shiju JacobInfo Security ManagerCommented:
For my part, I mainly use two methods:

First method: tar and openssl
Tar the directory
tar cvf backup.tar /path/to/folder

You can remove the [v] switch from the tar command to switch off the verbose mode.

openssl aes-128-cbc -salt -in backup.tar -out backup.tar.aes -k yourpassword

You can change aes-128-cbc to any other cipher method openssl supports (openssl --help).

openssl aes-128-cbc -d -salt -in backup.tar.aes -out backup.restored.tar

It will ask for the password.

Second method: encrypted zip

zip -r -0 -e /path/to/folder

It will ask for the password.

    -r means recursively (whole folder tree)
    -0 means store only (doesn't compress, faster)
    -e means encrypt archive

One advantage of this: it will better operate with windows based system.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
You can use zip with -e option for password protection.
You can do without saving temp unencrypted files:

tar cf - /data/* | pbzip2 -9 | openssl ....
(choose openssl parameters from ohers' posts)
openssl -d ... | bzcat | tar tvf -
Dave HoweSoftware and Hardware EngineerCommented:
don't use the built in zip - the encryption is of low quality and easily bypassed.

openssl or gpg are good choices, but don't compress and should be used to encrypt a tgz after the fact. Versions are of course available to decrypt on windows.

7z is available for linux, can compress well, and encrypt with AES@256 bit.  In ubuntu (at least) you can install by typing "apt-get install p7zip-full"

command then is "7z a -p<password> <archive>.7z <filespec>"
I prefer tar and gpg.

This command will tar up the files, and compress with gzip, then encrypt with gpg.

tar czvpf - file1.sql file2.txt  | gpg --symmetric --cipher-algo aes256 -o myarchive.tar.gz.gpg

it will ask you from a passphrase that you will need to decrypt later.

To decrypt and extract you would run:

gpg -d myarchive.tar.gz.gpg | tar xzvf -
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.