Encrypt and decrypt files with Age or Rage

Keep It Simple

Article from ADMIN 72/2022
By
Age and Rage are the Go and Rust implementations of a simple, modern, and secure file encryption tool.

Encrypting files ensures the IT security protection goal of confidentiality. Depending on which method you use, integrity and accountability can be ensured, as well. Asymmetric encryption is easier with Age than with GnuPG. In this article, I look at how to use Age and how you can use it in practice.

The Role of Encryption

IT security protection goals define requirements for data or the contents of files during storage or transmission. File encryption is useful and important in many enterprise scenarios. Encryption makes sense, and not just when you need to send data over insecure channels such as the Internet, but also for data that is no longer needed in everyday life or that is already backed up and no longer needs to be kept available in the clear. Cryptographic techniques can be used to store such data confidentially and verify its integrity on recovery.

Encrypted backups or routinely encrypted older files in an archive primarily provide protection against a potential attacker copying large volumes of information and subsequently publishing or selling this information to other market players. Of course, this does not protect you against ransomware infestation. Also, the assigned private key or password used for decryption should not simply be stored on the hard drive of your computer or server.

Not Always GnuPG

Many distributors use GnuPG to sign their packages and distribute the public key accordingly. Therefore, most distributions are capable of encrypting or signing files out of the box. At the command line, you can easily sign a file with a private key stored in the keychain:

gpg --detach-sign -o sig.gpg secret.txt

After doing so, the file sig.gpg with the signature can be forwarded to the recipient. With your public key, it is easy to check whether the file has been

...
Use Express-Checkout link below to read the full article (PDF).

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy ADMIN Magazine

SINGLE ISSUES
Print Issues
Digital Issues
 
SUBSCRIPTIONS
Print Subs
Digisubs
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Filesystem Encryption

    The revelation of wide-spread government snooping has sparked a renewed interest in data storage security via encryption. In this article, we review some options for encrypting files, directories, and filesystems on Linux.

    more »
  • Lead Image © Yoichi Shimizu, 123RF.com
    Encrypting files
    Encrypting your data is becoming increasingly important, but you don't always have to use an encrypted filesystem. Sometimes just encrypting files is enough.
    more »
  • Lead Image © Sergey Nivens, 123RF.com
    Efficient password management in distributed teams
    Team members often need certain information to authenticate against servers. You don't want to save this secret data in plain text, but you don't want to retype it every time, either. How can you share these secrets?
    more »
  • Ulrich Mueller, 123RF
    Secure data transfer with FTP alternative MFT
    Although FTP still does loyal service despite its age, if you need to send sensitive data, you should consider managed file transfer.
    more »
  • Secure Alternative to FTP

    Although FTP still does loyal service despite its age, if you need to send sensitive data, you should consider managed file transfer.

    more »
comments powered by Disqus