29Eyl
Best way to symmetrically encrypt multiple files using a password
I would like to encrypt many files using symmetric encryption such as AES256, using a single memorised password.
I was planning to use gpg but gpg symmetric encryption does not work with --multifile flag. gpg has the ability to cache the passphrase during decryption, but I couldn't find this option for encryption.
What is the best way of doing this?
Conditions:
- Prefer using popular tools that have stood test of time in public. Ideally I would only use tools already shipped with linux
- It won't work for me to create a giant tarball and encrypt it. I need each file to be encrypted separately.
- I want to type the passphrase only once, not once per file.
Some solutions that seem to have drawbacks:
- use openssl cli not pgp - may have vulnerabilities in implementation of cryptography as claimed by users here
- use passphrase flag in gpg and store the passphrase in a file - not recommended as other people may have access to the computer in future and securely erasing the disk is non-trivial.
- use this script - I don't know if this code has bugs or can be accidentally misused.
- use pgp asymmetric encryption and export the encrypted private key. Everyone who has access to encrypted files will also have access to the encrypted private key. - This might be slightly slower but that is not an issue. It feels wrong, but this solution will work for me. I will consider this as worst case option.
- use 7zip (or a similar tool) - maintained only by one company and may be less secure or less portable compared to pgp or openssl. I will consider this as worst case option.