mirror of
https://github.com/LCTT/TranslateProject.git
synced 2025-01-16 22:42:21 +08:00
commit
a13927b130
@ -1,119 +0,0 @@
|
|||||||
[#]: subject: (Encrypt and decrypt files with a passphrase on Linux)
|
|
||||||
[#]: via: (https://opensource.com/article/21/7/linux-age)
|
|
||||||
[#]: author: (Sumantro Mukherjee https://opensource.com/users/sumantro)
|
|
||||||
[#]: collector: (lujun9972)
|
|
||||||
[#]: translator: (geekpi)
|
|
||||||
[#]: reviewer: ( )
|
|
||||||
[#]: publisher: ( )
|
|
||||||
[#]: url: ( )
|
|
||||||
|
|
||||||
Encrypt and decrypt files with a passphrase on Linux
|
|
||||||
======
|
|
||||||
Age is a simple, easy-to-use tool that allows you to encrypt and decrypt
|
|
||||||
files with a single passphrase.
|
|
||||||
![Scissors cutting open access to files][1]
|
|
||||||
|
|
||||||
Encryption and security for protecting files and sensitive documents have long been a concern for users. Even as more and more of our data is housed on websites and cloud services, protected by user accounts with ever-more secure and challenging passwords, there's still great value in being able to store sensitive data on our own filesystems, especially when we can encrypt that data quickly and easily.
|
|
||||||
|
|
||||||
[Age][2] allows you to do this. It is a small, easy-to-use tool that allows you to encrypt a file with a single passphrase and decrypt it as required.
|
|
||||||
|
|
||||||
### Install age
|
|
||||||
|
|
||||||
Age is available to [install][3] from most Linux repositories.
|
|
||||||
|
|
||||||
To install it on Fedora:
|
|
||||||
|
|
||||||
|
|
||||||
```
|
|
||||||
`$ sudo dnf install age -y`
|
|
||||||
```
|
|
||||||
|
|
||||||
On macOS, use [MacPorts][4] or [Homebrew][5]. On Windows, use [Chocolatey][6].
|
|
||||||
|
|
||||||
### Encrypting and decrypting files with age
|
|
||||||
|
|
||||||
Age can encrypt and decrypt files with either a public key or a passphrase set by the user.
|
|
||||||
|
|
||||||
#### Using age with a public key
|
|
||||||
|
|
||||||
First, generate a public key and write the output to a `key.txt` file:
|
|
||||||
|
|
||||||
|
|
||||||
```
|
|
||||||
$ age-keygen -o key.txt
|
|
||||||
Public key: age16frc22wz6z206hslrjzuv2tnsuw32rk80pnrku07fh7hrmxhudawase896m9
|
|
||||||
```
|
|
||||||
|
|
||||||
### Encrypt with a public key
|
|
||||||
|
|
||||||
To encrypt a file with your public key:
|
|
||||||
|
|
||||||
|
|
||||||
```
|
|
||||||
`$ touch mypasswds.txt | age -r ageage16frc22wz6z206hslrjzuv2tnsuw32rk80pnrku07fh7hrmxhudawase896m9 > mypass.tar.gz.age`
|
|
||||||
```
|
|
||||||
|
|
||||||
In this example, the file `mypasswds.txt` is encrypted with the public key I generated and put inside an encrypted file called `mypass.tar.gz.age`.
|
|
||||||
|
|
||||||
### Decrypt with a public key
|
|
||||||
|
|
||||||
To decrypt the information you've protected, use the `age` command and the `--decrypt` option:
|
|
||||||
|
|
||||||
|
|
||||||
```
|
|
||||||
`$ age --decrypt -i key.txt -o mypass.tar.gz mypass.tar.gz.age`
|
|
||||||
```
|
|
||||||
|
|
||||||
In this example, age uses the key stored in `key.text` and decrypts the file I created in the previous step.
|
|
||||||
|
|
||||||
### Encrypt with a passphrase
|
|
||||||
|
|
||||||
Encrypting a file without a public key is known as symmetrical encryption. It allows a user to set the passphrase to encrypt and decrypt a file. To do so:
|
|
||||||
|
|
||||||
|
|
||||||
```
|
|
||||||
$ age --passphrase --output mypasswd-encrypted.txt mypasswd.txt
|
|
||||||
Enter passphrase (leave empty to autogenerate a secure one):
|
|
||||||
Confirm passphrase:
|
|
||||||
```
|
|
||||||
|
|
||||||
In this example, age prompts you for a passphrase, which it uses to encrypt the input file `mypasswd.txt` and render the file `mypasswd-encrypted.txt` in return.
|
|
||||||
|
|
||||||
### Decrypt with a passphrase
|
|
||||||
|
|
||||||
To decrypt a file encrypted with a passphrase, use the `age` command with the `--decrypt` option:
|
|
||||||
|
|
||||||
|
|
||||||
```
|
|
||||||
`$ age --decrypt --output passwd-decrypt.txt mypasswd-encrypted.txt`
|
|
||||||
```
|
|
||||||
|
|
||||||
In this example, age prompts you for the passphrase, then decrypts the contents of the `mypasswd-encrypted.txt` file into `passwd-decrypt.txt`, as long as you provide the passphrase that matches the one set during encryption.
|
|
||||||
|
|
||||||
### Don't lose your keys
|
|
||||||
|
|
||||||
Whether you're using passphrase encryption or public-key encryption, you _must not_ lose the credentials for your encrypted data. By design, a file encrypted with age cannot be decrypted without the key used to encrypt it. So back up your public key, and remember those passphrases!
|
|
||||||
|
|
||||||
### Easy encryption at last
|
|
||||||
|
|
||||||
Age is a really robust tool. I like to encrypt my sensitive files, especially tax records and other archival data, into a `.tz` file for later access. Age is user-friendly and makes it very easy to get started with encryption on the go.
|
|
||||||
|
|
||||||
--------------------------------------------------------------------------------
|
|
||||||
|
|
||||||
via: https://opensource.com/article/21/7/linux-age
|
|
||||||
|
|
||||||
作者:[Sumantro Mukherjee][a]
|
|
||||||
选题:[lujun9972][b]
|
|
||||||
译者:[译者ID](https://github.com/译者ID)
|
|
||||||
校对:[校对者ID](https://github.com/校对者ID)
|
|
||||||
|
|
||||||
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
|
|
||||||
|
|
||||||
[a]: https://opensource.com/users/sumantro
|
|
||||||
[b]: https://github.com/lujun9972
|
|
||||||
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/document_free_access_cut_security.png?itok=ocvCv8G2 (Scissors cutting open access to files)
|
|
||||||
[2]: https://github.com/FiloSottile/age
|
|
||||||
[3]: https://github.com/FiloSottile/age#installation
|
|
||||||
[4]: https://opensource.com/article/20/11/macports
|
|
||||||
[5]: https://opensource.com/article/20/6/homebrew-mac
|
|
||||||
[6]: https://opensource.com/article/20/3/chocolatey
|
|
@ -0,0 +1,118 @@
|
|||||||
|
[#]: subject: (Encrypt and decrypt files with a passphrase on Linux)
|
||||||
|
[#]: via: (https://opensource.com/article/21/7/linux-age)
|
||||||
|
[#]: author: (Sumantro Mukherjee https://opensource.com/users/sumantro)
|
||||||
|
[#]: collector: (lujun9972)
|
||||||
|
[#]: translator: (geekpi)
|
||||||
|
[#]: reviewer: ( )
|
||||||
|
[#]: publisher: ( )
|
||||||
|
[#]: url: ( )
|
||||||
|
|
||||||
|
在 Linux 上用密码加密和解密文件
|
||||||
|
======
|
||||||
|
age 是一个简单的、易于使用的工具,允许你用一个密码来加密和解密文件。
|
||||||
|
![Scissors cutting open access to files][1]
|
||||||
|
|
||||||
|
长期以来,保护文件和敏感文档的加密和安全一直是用户关心的问题。即使我们越来越多的数据被存放在网站和云服务上,并由带有越来越安全和具有挑战性的密码的用户账户来保护,但能够在我们自己的文件系统中存储敏感数据仍有很大的价值,特别是当我们能够快速和容易地加密这些数据时。
|
||||||
|
|
||||||
|
[age][2] 能让你这样做。它是一个小型的、易于使用的工具,允许你用一个密码加密一个文件,并根据需要解密。
|
||||||
|
|
||||||
|
### 安装 age
|
||||||
|
|
||||||
|
age 可以在大多数 Linux 软件库中[安装][3]。
|
||||||
|
|
||||||
|
要在 Fedora 上安装它:
|
||||||
|
|
||||||
|
|
||||||
|
```
|
||||||
|
`$ sudo dnf install age -y`
|
||||||
|
```
|
||||||
|
|
||||||
|
在 macOS 上,使用 [MacPorts][4] 或 [Homebrew][5]。在 Windows 上,使用 [Chocolatey][6]。
|
||||||
|
|
||||||
|
### 用 age 加密和解密文件
|
||||||
|
|
||||||
|
age 可以用公钥或用户设置的密码来加密和解密文件。
|
||||||
|
|
||||||
|
#### 在 age 中使用公钥
|
||||||
|
|
||||||
|
首先,生成一个公钥并写入 `key.txt` 文件:
|
||||||
|
|
||||||
|
|
||||||
|
```
|
||||||
|
$ age-keygen -o key.txt
|
||||||
|
Public key: age16frc22wz6z206hslrjzuv2tnsuw32rk80pnrku07fh7hrmxhudawase896m9
|
||||||
|
```
|
||||||
|
|
||||||
|
### 使用公钥加密
|
||||||
|
|
||||||
|
要用你的公钥加密一个文件:
|
||||||
|
|
||||||
|
|
||||||
|
```
|
||||||
|
`$ touch mypasswds.txt | age -r ageage16frc22wz6z206hslrjzuv2tnsuw32rk80pnrku07fh7hrmxhudawase896m9 > mypass.tar.gz.age`
|
||||||
|
```
|
||||||
|
|
||||||
|
在这个例子中,文件 `mypasswds.txt` 被我生成的公钥加密,放在一个叫做 `mypass.tar.gz.age` 的加密文件中。
|
||||||
|
|
||||||
|
### 用公钥解密
|
||||||
|
|
||||||
|
要解密你所保护的信息,使用 `age` 命令和 `--decrypt` 选项:
|
||||||
|
|
||||||
|
|
||||||
|
```
|
||||||
|
`$ age --decrypt -i key.txt -o mypass.tar.gz mypass.tar.gz.age`
|
||||||
|
```
|
||||||
|
|
||||||
|
在这个例子中,age 使用存储在 `key.text` 中的密钥,并解密了我在上一步创建的文件。
|
||||||
|
|
||||||
|
### 使用密码加密
|
||||||
|
|
||||||
|
在没有公开密钥的情况下对文件进行加密被称为对称加密。它允许用户设置密码来加密和解密一个文件。要做到这一点:
|
||||||
|
|
||||||
|
|
||||||
|
```
|
||||||
|
$ age --passphrase --output mypasswd-encrypted.txt mypasswd.txt
|
||||||
|
Enter passphrase (leave empty to autogenerate a secure one):
|
||||||
|
Confirm passphrase:
|
||||||
|
```
|
||||||
|
|
||||||
|
在这个例子中,age 提示你输入一个密码,它用这个密码对输入文件 `mypasswd.txt` 进行加密,并生成文件 `mypasswd-encrypted.txt`。
|
||||||
|
|
||||||
|
### 使用密码解密
|
||||||
|
|
||||||
|
要解密一个用密码加密的文件,可以使用 `age` 命令和 `--decrypt` 选项:
|
||||||
|
|
||||||
|
|
||||||
|
```
|
||||||
|
`$ age --decrypt --output passwd-decrypt.txt mypasswd-encrypted.txt`
|
||||||
|
```
|
||||||
|
|
||||||
|
在这个例子中,age 提示你输入密码,然后将 `mypasswd-encrypted.txt` 文件的内容解密为 `passwd-decrypt.txt`,只要你提供的密码与加密时设置的密码一致。
|
||||||
|
|
||||||
|
### 不要丢失你的密钥
|
||||||
|
|
||||||
|
无论你是使用密码加密还是公钥加密,你都_不能_丢失加密数据的凭证。根据设计,如果没有用于加密的密钥,用 age 加密的文件是不能被解密的。所以,请备份你的公钥,并记住这些密码!
|
||||||
|
|
||||||
|
### 轻松实现加密
|
||||||
|
|
||||||
|
age 是一个真正强大的工具。我喜欢把我的敏感文件,特别是税务记录和其他档案数据,加密到 `.tz` 文件中,以便以后访问。age 是用户友好的,使其非常容易随时加密。
|
||||||
|
|
||||||
|
--------------------------------------------------------------------------------
|
||||||
|
|
||||||
|
via: https://opensource.com/article/21/7/linux-age
|
||||||
|
|
||||||
|
作者:[Sumantro Mukherjee][a]
|
||||||
|
选题:[lujun9972][b]
|
||||||
|
译者:[geekpi](https://github.com/geekpi)
|
||||||
|
校对:[校对者ID](https://github.com/校对者ID)
|
||||||
|
|
||||||
|
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
|
||||||
|
|
||||||
|
[a]: https://opensource.com/users/sumantro
|
||||||
|
[b]: https://github.com/lujun9972
|
||||||
|
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/document_free_access_cut_security.png?itok=ocvCv8G2 (Scissors cutting open access to files)
|
||||||
|
[2]: https://github.com/FiloSottile/age
|
||||||
|
[3]: https://github.com/FiloSottile/age#installation
|
||||||
|
[4]: https://opensource.com/article/20/11/macports
|
||||||
|
[5]: https://opensource.com/article/20/6/homebrew-mac
|
||||||
|
[6]: https://opensource.com/article/20/3/chocolatey
|
Loading…
Reference in New Issue
Block a user