Linux Basics: How to hide, lock, encrypt, and secure your files on Linux
Hiding, locking, or even encrypting your files and folders on Linux is pretty easy, and for whatever reason you want to do this there are many different approaches that you can follow. Here is a quick guide on how to hide, lock, and secure your files in the easiest way possible.
Whatever file or folder you want to hide on your system, you may simply add a dot (.) at the start of its name and confirm the renaming action. If your file manager isn’t configured to show hidden files, the file/folder will disappear from view. You may toggle hidden files with “Ctrl+h” or open a terminal and typing “ls -a”.
Of course, it is easily understood that hiding isn’t a serious security measure but only a prerequisite to avoid mistakes in the deletion of files, etc. Do not expect that hiding something will protect it from other users of the system, and if you want something like that you should proceed to the locking part of this guide.
The easiest way to lock others from even viewing a file is to change its permissions. Simply right-click on the file, select the “Properties” option, then click on the “Permissions” tab, and finally change the type of access of other users to “None”.
You may even lock the file from yourself if you want for an extra security step, and you may also do so through the terminal with the command “chmod go-w yourfileame” and then “go+w” to get back permission to write the file/folder.
OK, the above was good but if you need to really secure a file or folder you will need to lock it with a password. The easiest way to do this is is by using your default file archiving tool to create a new archive, and then enabling the password option and setting a password. Note that this can’t be done in all types of archive files, and your best bet for this to work right is the “zip” files.
Encrypting is the best way to secure your file so I am mentioning this step as the final one of this quick guide. One of the simplest tools to use for this task is a packet called “mcrypt” that works through the terminal by simply typing the mcrypt command followed by the filename. The utility will prompt you to enter a password twice and then it will generate a new file of a NetCDF type.
If you delete the original file, then you are left with the encrypted one that needs your password to get decrypted with the “mcrypt -d” command as shown below.