I'm going to look at two methods for encrypting files on Mac OS X.
The first is built in, and uses DisK Utilty to create an encrypted
Disk Utility needs to work from a folder, so you first need to create
a directory to put your protected files in. I used "secrets" as
my directory name, and moved my important files into it. I then invoked
hdiutil create -encryption -stdinpass -srcfolder secrets foo.dmg
You can also do this with the graphical Disk Utility tool. This
will ask for an encryption passphrase, or you could just do:
echo "your passphrase" | hdiutil create -encryption -stdinpass -srcfolder secrets foo.dmg
This creates "foo.dmg" and the passphrase you used is required to
open it. If you do that graphically through Finder, you'll be prompted
for your phrase, or you can do it from the command line:
hdiutil attach -stdinpass foo.dmg
(But see Mac OS X Encryption Problem for a subtle trap here)
Entering the correct passphrase gives you a mounted disk image where
you can access your files. By the way, don't forget to remove the "secrets"
directory and its contents.. not much point in encrypting a disk image of a
folder and leaving the unencrypted version on the disk.
GNU Privacy Guard
You can download this from http://macgpg.sourceforge.net/. Run the installer, and then at the Terminal
command line run:
This asks a few questions, including requesting a passphrase,
and generates the files it needs. Generating these will take
a fair amount of time - you need patience. You also need your
machine to be doing something; I did "ls -lR /" in a terminal
window while continuing with my ordinary work. Eventually
gpg will finish up:
gpg: /Users/apl/.gnupg/trustdb.gpg: trustdb created
gpg: key 5D604AE8 marked as ultimately trusted
public and secret key created and signed.
gpg: checking the trustdb
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
pub 1024D/5D604AE8 2006-05-14
Key fingerprint = F08A C9DC 53DF AF02 8E50 B683 2A0B 47EC 5D60 4AE8
uid Tony Lawrence (Key for files) <[email protected]>
sub 4096g/100D68F5 2006-05-14
For simple use, gpg is very easy. For example, given a file "stuff":
gpg -e stuff
is all you need. That will ask for a user id (you provided that
when you created the gpg keys) and will create "stuff.gpg". This
does not remove "stuff", so if you are using this to protect
files on your disk, remove the original. To decrypt, "gpg stuff.gpg".
For that, you'll need your passphrase.
For more on gpg in general, see GPG/PGP Basics and for more on integrating GNU Privacy Guard with
Mac OS X programs, see Configuring GnuPG (Mac OS X)
Got something to add? Send me email.
Increase ad revenue 50-250% with Ezoic
More Articles by Anthony Lawrence
Find me on Google+
© 2010-10-27 Anthony Lawrence