-
Recent Posts
- Create Compressed, Encrypted Archives with tar + gpg on Linux
- # Beware of the Malware: CISA’s Latest Warning
- —title: A Critical Warning: Don’t Let Your Firebox Go Up in Flames!author: [Your Name Here]date: [Insert Date Here]tags: security, WatchGuard, Firebox, vulnerability—
- # 🚨 Critical Update: Google Patches Chrome Zero-Day Exploit!
- # Beware of the Groundbreaking New Ransomware: HybridPetya
Categories
- Android (80)
- Android Apps (74)
- Apache (4)
- Arch (10)
- Bill 'em (2)
- CentOS (20)
- Cisco (2)
- Development (12)
- DevOps (3)
- Dominion Companion (15)
- Fedora (20)
- Good Shepherd Knights of Columbus (2)
- Good Shepherd Online App (2)
- GS Chinese Auction (2)
- Guides (53)
- Hacks (10)
- Harptabs.com (68)
- Harptabs.com Mobile App (26)
- Landscaper Tracker (1)
- Linux (81)
- myCookieFortune.com (3)
- Networking (8)
- News (198)
- Our Apps (58)
- Payup (1)
- PHP IP Logger (6)
- Security (21)
- Time Off Tracker (6)
- Website Loader (1)
- Websites (20)
- Windows (4)
Tags
android apps arch beta Bill 'em block bluetooth bug fix Captcha css dc delete development domain controller dominion companion downloader draft email flash FSMO hard disk harptabs Harptabs.com Harptabs.com Android App inode iptables linux Maintenance mobile mobile app mount pacman password photos PHP IP Logger QR security smartctl special character ssh terminal testing time off tracker update upgradeAds by Google
Join us on Facebook
Create Compressed, Encrypted Archives with tar + gpg on Linux
Need to back up or share sensitive files on Linux? A simple, time-tested pattern is:
- archive with
tar, - compress (e.g., gzip), and
- encrypt with GnuPG (
gpg).
Below are the most useful one-liners for both password-based (symmetric) and public-key (asymmetric) workflows, plus how to decrypt and list contents without creating intermediates.
Symmetric encryption (password)
Use a passphrase you’ll remember (or store it in a password manager). This creates a compressed (.tar.gz) archive and pipes it straight into gpg for encryption:
# Create: directory -> tar.gz -> gpg (prompted for passphrase)
tar -cvzf - /path/to/dir | gpg --symmetric --output secret.tar.gz.gpg
# Decrypt + extract back to current directory
gpg --decrypt secret.tar.gz.gpg | tar -xvzf -
This pattern avoids temporary plaintext files by streaming via STDIN/STDOUT.
Asymmetric encryption (public key)
If you’re sending data to someone else, encrypt to their public key so only they (with the private key) can decrypt:
# Encrypt to a recipient (use their email, key ID, or fingerprint)
tar -cvzf - /path/to/dir | gpg --encrypt --recipient [email protected] --output share.tar.gz.gpg
# Recipient decrypts and extracts
gpg --decrypt share.tar.gz.gpg | tar -xvzf -
If you don’t yet have keys: generate/import keys first, then use --recipient.
Listing contents without extracting
You can peek inside an encrypted archive:
gpg --decrypt secret.tar.gz.gpg | tar -tzf -
This decrypts to STDOUT and lists the tarball’s table of contents (-tzf) without writing files.
Notes & tips
- Compression choices: swap
-z(gzip) for-j(bzip2) or-J(xz) to trade speed vs. ratio. - File extensions: pick something descriptive, e.g.
.tar.gz.gpg. - No intermediates: the pipe (
|) keeps plaintext off disk during creation and decryption. - Alternative tool:
gpgtarbundles archiving and GPG in one command if you prefer fewer moving parts.
Common pitfalls
- Wrong recipient or missing key: ensure you imported/selected the correct public key before
--encrypt. - Passphrase prompts in scripts: for unattended scripts, look into
gpg --batchand pinentry options—handle secrets carefully.
Posted in Guides, Linux, Security
Leave a comment
New Windows 10 zero-day gives admin rights, gets unofficial patch
Microsoft has really been terrible with their patches recently. They just can’t seem to get things right recently.
Move or migrate user accounts from old Linux server to a new Linux server – nixCraft
Posted in Linux
Leave a comment
How to force an authoritative and non-authoritative synchronization for DFSR-replicated SYSVOL (like “D4/D2” for FRS)
Posted in Windows
Leave a comment
Transfer FSMO Roles from a DC
Is your Primary Domain Controller getting old and in need of replacing? Need to power it down for an extended period? Transferring your FSMO roles is very easy to do and can save a big headache down the road. To transfer the roles just follow the steps below:
- type “ntdsutil” and press enter
- type “roles”
- Next type “connections” when you see “fsmo maintenance:” prompt
- Type “connect to server <new dc’s name>” at the “server connections:” prompt
- Type “Quit” to get back to the “fsmo maintenance:” prompt
- Type “Transfer <FSMO Role to be transferred>” you can also use “?” to get a list of commands including all the FSMO roles.
- Click Yes to the prompt which pops up outside of the command prompt
That’s it, your roles have been transferred to a different domain controller.