file, you must pipe the archive into an encryption tool like GnuPG (gpg) InterServer Method 1: Using GnuPG (Recommended)
| To do this... | Use this command... | |---------------|----------------------| | Encrypt an existing .tar.gz | openssl enc -aes-256-cbc -salt -in file.tar.gz -out file.enc | | Decrypt and extract | openssl enc -d -aes-256-cbc -in file.enc | tar xz | | Create from scratch (no trace) | tar cz folder/ | openssl enc -aes-256-cbc -out backup.enc | | Use GPG instead | gpg --symmetric --cipher-algo AES256 file.tar.gz |
tar czf - my-folder/ | openssl enc -aes-256-cbc -out archive.tar.gz.enc password protect tar.gz file
If you search online, you might see old forum posts mentioning tar --password=secret . These posts are either misinformed or refer to obsolete, non-standard patches. The GNU version of tar does not have built-in encryption.
Here’s a little secret: A tar.gz file is not the only archiving format. The .zip format has supported password-based AES encryption for years. While you lose some of the Unix-specific perks of tar (like preserving exact ownership and symlinks), the zip command can directly compress and encrypt a folder. file, you must pipe the archive into an
tar -xzvf myfiles.tar.gz
But if you leave that file sitting on your desktop or upload it to the cloud without a password, you haven’t really locked the door; you’ve just put a "Do Not Enter" sign on it. Anyone with a file browser can peek inside. These posts are either misinformed or refer to
If you are writing a cross-platform script and cannot rely on GPG being installed, is your best friend—it's almost always present.
The RISC OS Open Beast theme is based on Beast's default layout
Site design © RISC OS Open Limited 2025 except where indicated