The privacy of our documents is not something to be taken lightly. Because it is possible that one day an intruder might steal our data. In this article, I will show you how to protect your files on Linux with Tomb.

You’ve probably heard about encrypting files on Linux. First of all, it is good to say that this is a great way to protect your files as you can create a key file and a password to access them, that is, double security.

To do the above, there are several applications, but one of it of Tomb. Tomb is a 100% free and open source system for file encryption on GNU/Linux, facilitating the backup of secret files.

Tomb generates encrypted storage folders to be opened and closed using their associated key files, which are also protected with a password chosen by the user. So, if you want to protect your files and folders on Linux, then Tomb is a great option.

Let’s install it.

Install Tomb on Linux

Tomb, for now, is only available for Linux. So, if you use Arch Linux, your installation is reduced to running a single command. If you use Debian, Ubuntu, and derivatives you have to add a repository.

For Arch Linux

:~$ yay -S tomb gtomb

For Debian 9, Ubuntu 18.04 and Ubuntu derivates it is necessary to add the SparkyLinux repository. First, open a terminal and create a repo.list file.

:~$ sudo nano /etc/apt/sources.list.d/sparky-repo.list

Next, add the following:

deb https://sparkylinux.org/repo stable main
deb-src https://sparkylinux.org/repo stable main
deb https://sparkylinux.org/repo testing main
deb-src https://sparkylinux.org/repo testing main

Save and close the file. Then, download the GPG key and add it to APT.

:~$ wget -O - https://sparkylinux.org/repo/sparkylinux.gpg.key | sudo apt-key add -

Next, refresh the APT cache.

:~$ sudo apt update

Finally, install tomb package.

:~$ sudo apt install tomb

That’s it. Now, let’s use it.

Protect your files with Tomb

tomb allows you to encrypt folders and files through a file that serves as a key. This, in turn, is protected with a password. Encrypted folders are called tombs. Then, let’s create an example.

I will create a tomb called osradar with size 150MB. Remember a tomb is a folder. You must run the commands as root user.

Note: it is necessary to deactivate the swap partition.

:~$ sudo swapoff -a

:~$ sudo tomb dig -s 150 osradar.tomb

As I said before, the tomb is protected by a key file. Create it.

:~$ sudo tomb forge osradar.tomb.key

Then, you will have to enter the key file password twice.

Finally, you will see this.

The next step is to lock the folder with the key file. You have to type the password.

:~$ sudo tomb lock osradar.tomb -k osradar.tomb.key

Next, you will see this.

Opening the tomb

So, you know how to protect your folder with the key file. However, there’s still how to open it, why else, what’s the point?

You need to run this command and type the password.

:~$ sudo tomb open osradar.tomb -k osradar.tomb.key

And you will open the folder normally.

Finally, when you finish working with the tomb, close it.

:~$ sudo tomb close

If you have many tombs opened.

:~$ sudo tomb slam all

So, that’s it.

Conclusion

It’s never too much work to protect your files on Linux. Especially if they are private files that you don’t want anyone to be able to open. To do this, you have a simple tool like tomb that is very powerful and few commands let you encrypt a folder where you can store the most important things on your computer.

About security, we also talked about Buttercup a password manager. You can read it here.