if [ $? -eq 0 ]; then echo "Success: $OUTPUT_BASE.tar.gz.enc created." echo "To extract: openssl enc -d -aes-256-cbc -in $OUTPUT_BASE.tar.gz.enc | tar xzf -" else echo "Encryption failed." exit 1 fi
| To do this... | Use this command... | |---------------|----------------------| | Encrypt an existing .tar.gz | openssl enc -aes-256-cbc -salt -in file.tar.gz -out file.enc | | Decrypt and extract | openssl enc -d -aes-256-cbc -in file.enc | tar xz | | Create from scratch (no trace) | tar cz folder/ | openssl enc -aes-256-cbc -out backup.enc | | Use GPG instead | gpg --symmetric --cipher-algo AES256 file.tar.gz | password protect tar.gz file
Now go ahead: password protect your tar.gz files. Your data—and your peace of mind—will thank you. if [ $
To add a password, you need to layer encryption on top of or within the archival process. Below are the four best methods, ranked by security and practicality. Best for: Maximum security, cross-platform compatibility, and single-file encryption. Below are the four best methods, ranked by
OpenSSL is a robust, cryptography-grade toolkit found on virtually every Linux distribution, macOS, and even Windows (via WSL or Git Bash). It uses military-grade AES (Advanced Encryption Standard) encryption. Assume you already have a file called backup.tar.gz . To password protect it, you will encrypt it into a new file.
zip --encrypt secured_container.zip backup.tar.gz Then delete the original tar.gz . To extract: unzip with the password, then untar. Best for: Automation scripts and users who want to avoid creating intermediate files.