Tapping the Hive Mind: Simple Encryption in Linux

[athelind]

Question for the Hive Mind:

I am using Ubuntu Linux 9.04.

I want to simply hash up a text file, so I can just push a button or enter a short password to unlock it. This doesn't need to be bulletproof; when I was running Windows, I used EditPad Lite's ROT-13 function for the same purpose. It does, however, need to be portable: I want to be able to encrypt a file on the laptop, and open it on the desktop using the same application.

The gedit GNOME text editor has an Encrypt/Decrypt plug-in, but it drops into the OpenPGP "Passwords and Encryption Keys" application, which is a) incomprehensible gobbledygook¹, b) overkill worthy of SlitherSting², and, most importantly c) not, insofar as I can tell, particularly portable: any pass phrase I come up with will be linked to a locally-stored Encryption Key File.

That last one HAS to be wrong. The whole point of PGP is to pass encrypted files around, right?

OpenPGP also makes passwords pass phrases encryption keys thingamabobs that expire after a maximum of six months, and I don't want that. Yes, I know, blah blah blah security blah blah, but I'm not a Swiss bank. I want to be able to hash a file, ignore it for a couple of years, and then open it up and still be able to use it, even if it's on a different machine.

Heck, I've got a command-line ROT-13 hash app for Ubuntu. If I knew enough about the Ubuntu equivalent of a DOS .BAT file, I'd whip something up that just let me enter "Innocuous Command" at the command prompt, and it would turn it into "Decrypt location/hashfu.bar > location/useful.txt", and another one to go the other way.

Now, I wouldn't mind PGP-level security, if I could make it portable and access it with a minimum of fuss.

---

¹"Ubuntu" is not in the default dictionary for the spell-checker in Ubuntu, but "gobbledygook" and "thingamabobs" are.
²Yes, that will get an Argot entry eventually.

---

You know, I'm gonna Andy Rooney here for a minute.

There's an ongoing and, as far as I can tell, unsolved conflict between Keeping Your Data Secure and Actually Being Able To Use It Yourself.

I constantly hear that :

• Passwords should be hard to guess.
  • This, of course, makes them hard to remember.
  
  
• The best passwords are completely random.
  • ... making them impossible to remember.
  
  
• You should have different passwords for every site and log-on.
  • ... giving you vast amounts to remember.
  
  
• You should change your passwords regularly.
  • Ibid.
  
  
• You should never, ever write them down, because anyone who finds your password book has access to your whole life.
  • Not that you have much of a life, since you spend all your time trying to access sites whose passwords you no longer remember.
  
  
• You shouldn't store them on your computer, either, because anyone with physical access to your machine will, again, have full access to Your Whole Life.
  • Besides, if anything happens to your computer, or if you have to use a different one, you'll have totally forgotten all your passwords.

Summary: Online Security and Password Protection lie somewhere between Catch-22 and Kobayashi Maru. Unless you spent the points for Full Eidetic Memory, you have to compromise on at least one of the above, and probably more.

That's not really a question. It's just me bitching.

---

Comments

[the-gneech.livejournal.com]

Just imagine what those of us who have to manage three different server technologies (and the administration panels thereof) replicated across six different servers have to go through!

-The Gneech

[toob.livejournal.com]

God, THANK you. I'm glad I'm not the only one driven crazy by this. Work has probably 8-10 passwords for different systems we have to remember, and we're forced to change them (and use numbers, mixed-case, and special characters!) every three months, and not reuse old password.

Also with some of them, if we enter the wrong password 3x in a row, we're locked out of the system.

[araquan.livejournal.com]

This is something I've had issues with as well. Well, both the password thing and the portable data file encryption thing. Actually, what would be ideal for me would be portable disk image encryption, but even that is hard to come by. PGP has always been too much of a pain... Mac OS's encrypted disk image system is delightfully simple to use and copy to another system (you can add the passwords to your keychain but it's not at all required) but it's restricted to that platform... I have yet to find something both truly simple to use and portable^*. Actually, portable ones at all I've rarely seen.

Meanwhile, if a site (including Disney's own cast portal stuff) demands that I switch incomprehensible passwords around every 90 days or so, I just let it expire, feign ignorance, get a reset, and set my old fave password back again. At least in D's systems, a reset clears the history so I can do that.

As for the Linux/Unix equivalent of a .BAT file though, the term you want is "shell script." Those can be quite simple or quite complex... I think I recall helping you set up one or two at some point but that was a while back, to say the least.

^*By "portable" I mean "easily usable on multiple hardware/OS platforms", not "easily usable on different computers of the same platform." The "USB keyfob of goodies you can run on Windows computers without installing them to the HD" crowd has hijacked the term and I want it back, dammit.

[leonard-arlotte.livejournal.com]

The password thing is even more fun for me, because some nimrod in upper management has decided that we should be changing passwords every thirty days!

Despite the fact that the nationally renowned head of the computer security foundation here (Eugene Spafford for those of you in the know) has repeatedly stated how this policy will only cause passwords to be LESS secure.

[athelind.livejournal.com]

You did indeed help me with a shell script or two, but it was far enough back that I couldn't remember the phrase "shell script".

And "portable between Ubuntu systems" is sufficiently "portable" for me right now.

[athelind.livejournal.com]

Ooh! Can you link me to one of his statements to that effect? Preferably one where he 'splains the reasoning behind it.

[eggshellhammer.livejournal.com]

Don't use passwords, use passphrases - long sentences with some tangential relationship to the thing they unlock and some content which is random. If it's a good long passphrase, it's easy to remember and you can probably use it for most things.

Have at least two passwords - a 'casual' password you use for everything, and a 'high security' password you use for stuff that seriously needs to not get compromised.

[drleo.livejournal.com]

I'm going to give you the answer to your question first, and then I will give you some cryptography background notes you can skip or just glaze on. Or if my explanation is confusing or you want more detail, feel free to ask.

What you want is to use one of those PGP-style applications in "symmetric cipher mode." You make up a passphrase, and it encrypts your file to that passphrase. Move the file elsewhere, decrypt it, and you put in the same passphrase. You don't need to carry around any key file.

I use GnuPG for this purpose, which is another PGP variant. You can install it as a package from Ubuntu with apt-get. It's probably called "gnupg". And it's actually quite simple to use:

To encrypt: gpg -c <file to encrypt>
You will be prompted for a passphrase, and out pops a file called the same thing with ".gpg" appended to it. You can then delete the original and just the encrypted version remains.

Full disclosure: Technically, just deleting the original file isn't the kind of secure wipe that the truly paranoid would insist upon to protect the original contents. I'm guessing you don't care enough to bother with that.

To decrypt: gpg <encrypted file.gpg>
You will again be prompted for a passphrase, and out pops the original file without the .gpg extension. (If the original filename exists already, you will be prompted to overwrite.)

And now, crypto notes:

Regarding "any pass phrase I come up with will be linked to a locally-stored Encryption Key File." This is how you pass things around, but between different people, and is the default way PGP applications encrypt data. Remember, PGP was intended for sending encrypted email between different people. This is the asymmetric mode (as opposed to the symmetric mode I described above). As in, I want to send you an encrypted document, and you and I each have a public/private key pair. Everyone knows your public key, and can encrypt the document to your public key. You can then use your private key to decrypt. In the asymmetric mode, the passphrase you so often hear about is a key used to encrypt the private key data, so it's not kept unprotected when stored on disk. So the passphrase unlocks the private key, and the private key is what unlocks the encrypted document you've received. That's why, in this mode, you need to keep key data around. You actually don't even have to have a passphrase; but this means your private key is kept on disk unencrypted, which is just considered a bad idea, since anyone who gets access to it could then use it to decrypt.

Your confusion stems from using the asymmetric mode to store documents for yourself: you are, in effect, sending the document to yourself. You can do this, and it's secure (so long as your private key is protected), but it's not the intended purpose of this mode.

But in symmetric mode, you're not using a passphrase to unlock the real key. The passphrase itself is the real key. And so there's no baggage you need to carry around. And more full disclosure: this means the strength of the encryption on your document is related to the security of your chosen key. Again, it sounds as though this modest security is acceptable to you.

[cpxbrex.livejournal.com]

Oh, yeah, there's always been a trade-off between usability and convenience. This is probably the single biggest security problem, period. I don't just mean for you and me, but also for huge corporations and governments and armies. It's just something that we have to accept. I accept it by not worrying about it too much. Cyber-security doesn't bother me so much because I feel it's pretty superficial. I don't think the revolution will be webcast. ;)

Thank you!

[athelind.livejournal.com]

You totally get the cookie. I was hoping someone could explain how to make one flavor or another of PGP do what I wanted it to do.

And, yeah—I grok enough about the principles behind encryption to know that Security ∝ Key Length.

My stated parameters were "at least as secure as ROT-13", after all, and I'm well aware that's pretty lame.

[kfops.livejournal.com]

Hey, thanks for that reply!

I've been dabbling in very basic GPG for a while with a couple clients, but I wasn't aware of the symmetric mode, which is something I had been looking for as well. This is great!

*goes to encrypt everything on his HD*

Re: Thank you!

[kfops.livejournal.com]

I'm also not certain about Gnome, but in KDE I can encrypt/decrypt files with a right-click on the icon. I'm assuming Gnome has something similar.

[leonard-arlotte.livejournal.com]

Gladly.

[zeeth_kyrah]

In a text editor:

#!/bin/bash
/bin/rot13 %1 > %1

Save as 'r31', then at the command line, chmod +x r31; when you want to use it, ./r31 filename.txt

Better yet, there should be a file (usually hidden by dot-convention, use ls -laF to see all your files plus attributes) typically called the .rc file, which holds the script that gets run when you login. You can edit that file to add alias r31 '/bin/rot13' or equivalent alias command (different shells have slightly different formats, man alias to discover yours, though sometimes the man page for your install throws a middle finger exception and just discusses the shell instead of specific shell commands).

[zeeth_kyrah]

GRC.com has an excellent high-security password generator. Save one in a text file to a thumbdrive, or perhaps save several, and next time you need one you can copy and paste from your physically secured data device.

[zeeth_kyrah]

Encrypts the hard drive itself

Re: Thank you!

[athelind.livejournal.com]

Oh, lookie there! GNOME has that, too -- but it still tells me it can't find encryption keys and fires up the same app as gedit, so I'm gonna have to spend some time with the Help Manual to see how to go all symmetric an' stuff.

[kfops.livejournal.com]

You must get to know me better to realise exactly how bad an idea this is!

I'd never be able to access my data again.

Which my wife would probably applaud, come to think of it.

Re: Thank you!

[kfops.livejournal.com]

Ah, so close but so far.

What I'm wondering is maybe that is an oversight from the folks that made the GUI widget for encrypting. They might've assumed that if you were using a function of GPG you'd need a key.

Because I have a key already I get a display that shows my keys and then below it is a check-box to use symmetric encryption. As soon as I check that it disables the keys and other options and just asks for the pass-phrase.

Maybe you just need to generate a "throw-away" key that'll let you get to the rest of the GUI?

[mocha-mephooki.livejournal.com]

My passwords are all gibberish sequences made from old cardboard game-wheels that used to come as copy-protectors in computer games back in the 80's... so all I actually need to remember is which game goes with which password, and what the key is... usually something simple associated with that game.

That information, I can masterfully memorize... and if I was to ever lose the code wheels, I know the game, so I can look up PDF files of the original packaging materials, and re-print myself a copy.

Perfect solution, as far as I'm concerned!