Showing posts with label filesystem. Show all posts
Showing posts with label filesystem. Show all posts

Friday, 8 March 2013

Encrypt/Decrypt Confidential Data Using OpenSSL

If you wish to perform encrypted file transfers, openssl provides a robust implementation of SSL v2/3 and TLS v1 as well as full strength generic cryptographic functionalities. Available for almost every commonly used operating system, openssl can be used as a general purpose tool instead of looking for other specialized tools.

If you wish to have full strength cryptographic functions, openssl is a perfect choice. Forget about all other tools that promise to provide high end encryption for your confidential data. Openssl is more than enough for most of your cryptographic needs. Personally, I can't just rely on some random software that promises to provide full strength cryptography but lacks documentations and detailed reviews. Openssl, however, has a well structured documentation and is an open source implementation.

Openssl supports several ciphers such as AES, Blowfish, RC5, etc., several cryptographic hash functions such as MD5, SHA512, etc., and public key cryptographies such as RSA, DSA, etc. Openssl has been widely used in several softwares most notably the OpenSSH.

Now that we know some basics about what OpenSSL is, lets move on encrypting/decrypting files/data using openssl. OpenSSL can take any file and then apply one of the cryptographic functions to encrypt the file. As an example, we encrypt a confidential file 'priv8' with a password "hello" below:

samar@Techgaun:~$ openssl aes-256-cbc -e -in priv8 -out priv8.enc -pass pass:hello

In order to decrypt the encrypted file, we can run the following command:

samar@Techgaun:~$ openssl aes-256-cbc -e -in priv8.enc -out priv8 -pass pass:hello

Now that you know the basic syntax, you can choose among several available cryptographic functions. There are several other symmetric ciphers available for use. The full list of these ciphers is provided by the command:

samar@Techgaun:~$ openssl list-cipher-algorithms

I hope this helps for your file encryption needs :)


Monday, 3 September 2012

Preventing Accidental Overwriting Of Files In Bash Shell

How many times has this happened to you? It used to happen once in a while with me. A Linux user learns to use the redirection operators such as '>' and '>>' but accidental overwriting starts to become common in commands you use and shell scripts you write.

The accidental overwriting of files that happens unintentionally is known as clobbering and it commonly happens while using the '>' redirection operator.

samar@Techgaun:~$ mycmd > myfile

In the above example, the mycmd clobbers any existing data in the myfile file if that file exists already. Worse things may happen sometime. Imagine accidentally typing

samar@Techgaun:~$ mycmd > /etc/passwd

instead of possibly using other redirection operators (like >> or <). Thankfully, you could recover /etc/passwd from either /etc/passwd- or /var/backups/passwd.bak if you hadn't rm'd these files.

To prevent such accidental overwriting, we can set the noclobber environment variable. Below is a session of enabling this variable:

samar@Techgaun:~/Desktop/test$ echo "" > myfile
samar@Techgaun:~/Desktop/test$ echo "Overwriting" > myfile
samar@Techgaun:~/Desktop/test$ set -o noclobber
samar@Techgaun:~/Desktop/test$ echo "Retrying to overwrite" > myfile
-bash: myfile: cannot overwrite existing file

As seen above, you have to turn on the noclobber variable using the set -o noclobber command in your shell. However, you might want to intentionally overwrite contents of certain files even when the noclobber is turned on.

samar@Techgaun:~$ mycmd >| myfile

Notice the >| in place of your normal > redirection operator. Using this operator, you can however overwrite the existing files even if the noclobber is turned on.

If you want to turn off the noclobber variable, type the following:

samar@Techgaun:~$ set +o noclobber

You can also permanently turn on the noclobber by the following command:

samar@Techgaun:~$ echo "set -o noclobber" >> ~/.bashrc

Moreover, such accidental overwriting can be prevented by enabling the interactive mode which is available in most of the linux commands. For example, you can write the alias for many commands that are likely to cause accidental overwriting. See some examples of aliases below:

samar@Techgaun:~$ alias rm=rm -i
samar@Techgaun:~$ alias mv=mv -i

You could even keep these aliases in your ~/.bashrc file permanently. Enabling such interactive modes by default in the commands that are more likely to cause accidental overwriting can prevent clobbering in many cases.

I hope this proves useful to you :)


Saturday, 1 September 2012

Access Linux Filesystems In Windows Using Linux Reader

Earlier today, I had to access my HDD in Windows 7 through USB bridge which I had been using as an internal hard disk for my laptop but unfortunately it didn't. A quick googling revealed a very useful tool by Diskinternals.

Linux Reader is a free software from Diskinternals which excel in building recovery software solutions. Linux reader supports several filesystems used by Linux OS. Below is the list of supported filesystems:

  • Ext2/3/4
  • ReiserFS, Reiser4
  • HFS, HFS+
  • FAT, exFAT
  • NTFS, ReFS
  • UFS2

The program provides for read-only access and does not allow you to make records in file system partitions. This guarantees that the interference in an alterative file system will not affect the work of Linux later. Apart from this, it is necessary to note, that it gives you an opportunity to use common Windows Explorer for extracting data. A preview option for pictures is one more pleasant point, which is worth mentioning. While saving, it ignores file security policies. It means that it is possible to access absolutely any file on a Linux disk from Windows.

More details on Diskinternal's site

Download Linux Reader