28

man page of gpg command line (Gnupg) has commands to encrypt and decrypt files. Here is a standard command to encrypt/decrypt files with gpg.

gpg --encrypt --recipient xxx@mail.com ~/xxx/xxx.txt - to encrypt

gpg --output ~/xxx/xxx.txt --decrypt ~/xxx/xxx.gpg - to decrypt

But if i have a folder with multiple files and folders, how can i encrypt it with command line?

Caleb Adams
  • 4,445
  • 1
  • 26
  • 26
0928e8f6
  • 383
  • 1
  • 3
  • 4
  • Here is your answer: http://superuser.com/a/973338. Btw this question seems to be off-topic for stackoverflow. – zloster Feb 23 '16 at 18:23

3 Answers3

37

Solution 1:

Use gpg-zip.

Encrypt the contents of directory mydocs for user Bob to file test1:

gpg-zip --encrypt --output test1 --gpg-args  -r Bob mydocs

List the contents of archive test1:

gpg-zip --list-archive test1

This is an example directly from Encrypt or sign files into an archive. If you read that page in detail it will help you out a lot.

Solution 2:

Turn a directory into a file

If you want to encrypt a directory, you will need to convert it to a file first. Run the command:

tar czf myfiles.tar.gz mydirectory/

This gives you a new file 'myfiles.tar.gz' which you can then encrypt/decrypt. To turn a tarball back into a directory:

tar xzf myfiles.tar.gz

now you can use encrypt in the same way that you have above. So:

gpg --encrypt --recipient xxx@mail.com ~/xxx/xxx.txt

This is taken directly from an example on berkeley encrypting, which is also a quick and useful read.

You can review the man page here: gnu gpg man

Caleb Adams
  • 4,445
  • 1
  • 26
  • 26
  • 1
    In line with solution 2, http://duplicity.nongnu.org/ creates an encrypted tar and provides for transferring to remote locations via various means with the space-efficient rsync protocol. – David Oliver Apr 15 '16 at 12:13
  • 1
    I had to put quotes around gpg-args's parameter: --gpg-args "-r Bob" – mmalone May 25 '18 at 17:28
  • 12
    `gpg-zip` is now deprecated, and `gpgtar` is recommended. – demure Apr 11 '19 at 06:19
  • Using tar's compressing `z` flag in the first command is usually a waste of resources since gpg already does some compression. Default is `--compress-algo zip` with a compression level of `6`. – mxmehl Jul 10 '19 at 08:31
  • 1
    @mxmehl `gpg`, if asked to encrypt a file that is already compressed, will detect that and disable its own compression. Hene the data will be compressed exactly once whether `tar` is used with compression enabled or not. This behaviour is specified in `gpg`s `man` pages, and `gpg` will report what it does with regards to this if invoked with with `gpg -v`. – Carl Aug 10 '23 at 08:45
17

gpgtar is another option as well. gpgtar encrypts or signs files into an archive. It is a gpg-ized tar using the same format as used by PGP's PGP Zip.

It installs along with gnupg on MacOS and Linux.

Encrypt Directory

gpgtar --encrypt --output <out_file_name> -r <recipient> <dir_name>

Decrypt Directory

gpgtar --decrypt <out_file_name>

gpgtar man page

captam3rica
  • 191
  • 1
  • 5
10

If you don't want to tarball everything together and want to encrypt multiple files individually:

cd into the folder

encrypt: $ls | gpg --multifile --encrypt or $ls | gpg --encrypt-files -r <recipient>

decrypt: $ls | gpg --multifile --decrypt or $ls | gpg --decrypt-files

wattry
  • 936
  • 10
  • 22