# Crypting private data



## valsorym (Dec 4, 2011)

Howdy all, 
probably each of us has private data (credit card Pin-code, account in email or host  server/ssh/root password, in the end phone number Jasmin of erotic escort service :r).

In the past (when I  used the WIndows OS) I wrote for me a small program encryption of text data using the method of public keys. It was a good program. I used it and after the transition to FreeBSD, using the true emulators/wine tool. All these I have kept on an external hard drive - which soon failed (broken). Now I've lost the source code, software and personal data. (To say there is nothing - a loser). 

I now have a question - is it worth to rewrite the program again? Or may have a similar under FreeBSD? How are you hiding from the wife of the phone a your girl friend?  (sorry, ... your personal data).

* I've seen a lot of programs - but ruled that the issue for discussion because it "delicate". I would like to do would have been encrypted data securely and the program not was "trojan" (do not send my passwords to developer). 

What would you recommend? (* It is desirable for the console).
Thanks.


----------



## fonz (Dec 4, 2011)

FreeBSD offers plenty of encryption facilities: for single files, for partitions or even the entire system.

Fonz


----------



## aragon (Dec 4, 2011)

I use geli(8) with a vnode backed md(4) device.


----------



## SirDice (Dec 5, 2011)

Handbook: 19.16 Encrypting Disk Partitions

There's also security/truecrypt


----------



## graudeejs (Dec 5, 2011)

SirDice said:
			
		

> Handbook: 19.16 Encrypting Disk Partitions
> 
> There's also security/truecrypt



Is fuse already fixed for it?


----------



## fluca1978 (Dec 5, 2011)

I've tried truecrypt on 9 rc1 over an usb fat32 filesystem and it seems working.


----------



## folivora (Dec 5, 2011)

I am using geli with md to create small crypted partitions. 

Works nicely.


----------



## fonz (Dec 5, 2011)

+1 for geli(8).

You can do pretty much anything from creating small encrypted partitions to encrypting the entire system including / and swap.

The handbook has a section on geli (and gbde), but it focuses on encrypting an actual disk partition. For full system encryption search the HOWTO forum; several people have written HOWTOs for this, including _The User Formerly Known As Killasmurf_. For creating a small encrypted partition contained in a file (similar to a TrueCrypt container) you may want to use geli in conjunction with md(4) as already said by several people. There might be a HOWTO for that too, but don't shoot me if there isn't one (yet).

Fonz


----------



## bes (Dec 7, 2011)

Single files  security/gnupg1
full disk encryption GELI(8) 
a kernel level stacked cryptographic filesystem, which transparently runs on top of existing file systems sysutils/pefs-kmod


----------



## valsorym (May 4, 2012)

Hi guys.
It's me, again, and it's my solution this problem (yep tool). 
Sorry that I do not listen to all of you, but I think easier to create my solution, than  learn other programs.

Note: 
1. It only works with Latin alphabet. 
2. The program completely fresh - has not yet been tested.

Okay, no big program that allows you to encrypt text files are not very complicated, but rather a reliable method. 

In order to create/open an encrypted file, simply run:
`% yep [i]<TEXTEDITOR> <FILENAME>[/i]`
For example:
`% yep vim ~/my_first_yep_file`

* Use the argument of _-w_ to ask your protection key.
For example:
`% yep -w doorways vim ~/my_second_yepfile`

To get help: 
`% yep -i`

To change the password and the keyword:
`% yep -p ~/yepfile`
or
`% yep -w my_keyword -p ~/yepfile`

During operation, the program will create a directory / tmp / yep that will host the temporary files. For that to change this directory, use the argument of _-d [/ i].
For example:
 % yep -w doorways -d ~/tmp/ vim ~/yepfile

Directory structure:


		Code:
	

 ~/yep/
      |__ bin/
      |__ doc/
      |__ src/
      |__ ..
      |__ .


Sources:
~/yep/src/yep.c
The full source code with syntax highlighting can be viewed here!

~/yep/src/Makefile


		Code:
	

# Project:          yep
# Date created:     April 22, 2012
# Whom:             valsorym <valsorym.e@gamil.com>

# binary
EXECUTABLE = $(.CURDIR)/../bin/yep

# compiler
CC = cc
CFLAGS = -Wall -std=c99 
LDFLAGS = -O2

# targets
all: $(EXECUTABLE)
$(EXECUTABLE): yep.o
	$(CC) $(CFLAGS) -o $@ $> $(LDFLAGS) 

yep.o: yep.c
	$(CC) $(CFLAGS) -c $>

.PHONY: all clean run install

clean:
	rm -f *.out *.o *.core

run:
	$(EXECUTABLE)

install:
	cp $(EXECUTABLE) ./bin/


P.S. I hope this helps someone too. (It helped you - tell me "thank you". It is not helped - I listen to your criticism!  ).
P.P.S. No need to yell at me, I know that to create a bike again - bad! But I want to ..!_


----------



## DutchDaemon (May 5, 2012)

Large amounts of output really belong on something like http://pastebin.com, which will give you a link you can post here.. It's in the forum guidelines.


----------



## bes (May 5, 2012)

doorways said:
			
		

> Hi guys.
> It's me, again, and it's my solution this problem (yep tool).
> Sorry that I do not listen to all of you, but I think easier to create my solution, than  learn other programs.
> 
> ...


If you just want to edit a text file, you can add Password Protection to a file your editing in vim:
[CMD="vim"]-x <FILENAME>[/CMD]


----------



## valsorym (May 5, 2012)

bes said:
			
		

> If you just want to edit a text file, you can add Password Protection to a file your editing in vim:
> [CMD="vim"]-x <FILENAME>[/CMD]




Yes, you are right! 
But this is just vim editor, but if I will need to use: vi/ee (FreeBSD default editors), emacs, nano (Linux Gentoo default editor) ... etc. I can create _yepfile_ on FreeBSD, for example, use vim
`% yep -w doorways vim ~/my_yepfile`

and then read (edit) it use nano in my Linux Gentoo
`% yep -w doorways nano ~/my_yepfile`

So, I can use any others text editors.

But, thank you! I didn't know this about vim  :r


----------



## valsorym (May 5, 2012)

DutchDaemon said:
			
		

> Large amounts of output really belong on something like http://pastebin.com, which will give you a link you can post here.. It's in the forum guidelines.



Oh, thanks! This is very interesting.
Now the full source code with syntax highlighting can be viewed here!


----------

