I think I will do a talk about this at the next 2600 meeting.
- Show how to use it, and how its running off the USB Drive.
- I will show TrueCrypte and how it doesn't work on a non-admin system.
- I will also show how using this method is cross platform.
The other day I picked up a new 2gb USB Drive. I like to keep storage with me, as well as programs like Portable Putty, Firefox, Filezilla, VLC, 7Zip and KeePass. All of which can be downloaded free at PortableApps.com Keeping all these programs only takes up around 150MB, which isn’t bad when you have 1.9GB to play with. Now lets talk about encryption. Using a Mac or Linux a lot like I do, you find OpenSSL is awesome. You can easily encrypt and decrypt files quickly. I recently got to looking around and found an .exe of OpenSSL. So I started playing. When I was done I had OpenSSL working off a USB Drive, and a batch file that either encrypts or decrypts based on the file extension. Oh and the batch file is run by dropping a file onto it. Here is what I did.
1. Download Win32 OpenSSL v0.9.8g Light and install. 2. Copy C:\OpenSSL\bin to your USB Drive. 3. Rename the bin directory to openssl. 4. Copy libssl32.dll, libeay32.dll, msvcr71.dll, ssleay32.dll from C:\WINDOWS\system32 to your new openssl directory. 5. Double click on openssl.exe in your openssl directory. If it works you should get a command prompt showing OpenSSL> 6. Download this file to the root of your USB Drive. encrypt-and-decrypt.bat 7. Now you have drag and drop encryption and decryption using aes-256.
The batch file will encrypt any file but will not encrypt a directory. If you want to encrypt a directory you can use 7zip to zip up the directory, then encrypt the .zip Also the batch file will only decrypt files ending in .enc Test it out and you will see what I mean. If you have any questions just leave a comment.
ps. If you want separated encrypt and decrypt files you can download these. encrypt.bat decrypt.bat
@echo off SET EX=%~x1 rem Changes program to the dir .bat is in cd /d %~dp0 if %EX%==.enc (GOTO :DECRYPT) IF EXIST %1.enc ( echo Please rename/remove file. echo %~f1.enc pause) IF EXIST %1.enc (GOTO :END) "%CD%\openssl\openssl.exe" enc -aes-256-cbc -salt < %1 > %1.enc GOTO :END :DECRYPT IF EXIST "%~dp1%~n1" ( echo Please rename/remove file. echo %~dp1%~n1 pause) IF EXIST "%~dp1%~n1" (GOTO :END) "%CD%\openssl\openssl.exe" enc -d -aes-256-cbc -salt < %1 > "%~dp1%~n1" GOTO :END :END
@echo off rem Changes program to the dir .bat is in cd /d %~dp0 rem Fist part is the path to openssl.exe, then the encryptions stuff. rem rem Then %1 is the item you dropped on the .bat file. rem Then the sencond %1 adds a .enc to the end of the file name, and saves it. "%CD%\openssl\openssl.exe" enc -aes-256-cbc -salt < %1 > %1.enc
@echo off rem Changes program to the dir .bat is in cd /d %~dp0 rem Fist part is the path to openssl.exe, then the encryptions stuff. rem Then %1 is the item you dropped on the .bat file. rem Then %~dp1%~n1 removes the .enc and places the file into orginal dir. "%CD%\openssl\openssl.exe" enc -d -aes-256-cbc -salt < %1 > "%~dp1%~n1"