EncryptPad is a handy text editor with encryption
Secure Writer
EncryptPad provides symmetric text encryption directly from the editor. You can also use EncryptPad to encrypt binary data.
EncryptPad [1] is a text editor with an encryption function. If you have a file with sensitive information, such as passwords and account names, you can use EncryptPad to edit and maintain the file, all the while ensuring that the file remains encrypted. EncryptPad also provides a data integrity feature through the SHA-1 hashing algorithm, so if you receive a file from someone else, you can ensure that it hasn't been altered in transmission. EncryptPad even protects you from a brute force attack by letting you safeguard the encrypted information with both a key and a passphrase. Store the key separately; if the USB stick with the encrypted information falls into the wrong hands, the thief won't have access the to data just by guessing the password.
In contrast to other common encryption tools, EncryptPad uses symmetric (rather than asymmetric) encryption. You use the same key to encrypt and decrypt the file. If you are sending the encrypted file to someone else, you need to provide the passphrase and/or key file to the other user separately.
EncryptPad, which has been on GitHub for about three years [2], is still at the beta stage; the current version at this time of writing is 0.4.0.4. The software is available for Linux, Mac OS X, and Windows. EncryptPad relies on OpenPGP [3] [4], and it uses the AES 256 symmetric encryption standard [5]. Some of the functionality of EncryptPad is similar to the gnupg.vim
extension for the Vim editor.
You can access EncryptPad through your desktop interface or use the encryptcli
command to run the application at the command line.
AppImage
EncryptPad has not yet made it into the archives of many Linux distributions, although you will find it in the Ubuntu PPA, the Arch Linux AUR, and FreeBSD. The developer offers the application for Linux as an AppImage [6] with a size of 29MB. Note that you have to adjust the permissions for the file before the first start. To set the permissions, use the chmod +x filename
command in a terminal window.
To launch EncryptPad, double-click on the file; later on, you will be able to start from the application menu in some distributions. At first glance, the main window looks like a regular text editor (Figure 1). But if you mouse over the icons or browse the menu, you'll find the functions for creating passphrases and key files, as well as a read-only mode that ensures that you don't unintentionally change important documents.
The Settings menu mainly contain parameters for creating passphrases and key files. If necessary, you can adjust these settings directly when you execute an action. However, you might want to configure the font and the number of files displayed in the Open dialog to suit your requirements.
If you plan to use keys, you will also need to specify the path to the cURL binary file. You can determine the path by typing which curl
in a terminal window; it may be necessary to install the program via the package manager. cURL lets you download keys directly from a remote server in EncryptPad.
Two Formats
EncryptPad supports two file formats: GPG and EPD. The GPG file type is for the OpenPGP format and is compatible with other OpenPGP tools. You can use it when opening a file even if EncryptPad is not available. The format does not support double protection with a key file and passphrase.
When using GPG, it is not possible to store the path of the key file in the encrypted file itself, so every time a file encrypted with a key file is opened, you are prompted to choose which key file the editor should use.
EPD is the native EncryptPad file format. Other OpenPGP software can open an EPD file as it is only protected with a passphrase, because then it is effectively a GPG file.
If you use a key or a combination of key and passphrase to protect the data, the program packs the GPG file into a WAD container. WAD [7], which stands for "Where's All the Data," is a simple format for combining multiple binary files. You can open WAD containers with SLADE [8].
The simplest case to protect text with EncryptPad is via the Save As function. In the case of unprotected text, you will see the information Passphrase not set and Key not set in red at the bottom right of the window.
Select GnuPG (*.gpg) in the Save dialog under Files of Type, and add the rest of the information, such as a filename and a desired storage location. Before the application saves the text, it prompts you to enter a password. After saving, the Passphrase not set message in red changes to a Password protected message in black.
The result is an OpenPGP file that no longer relies on EncryptPad for decryption but can be opened with standard GPG tools.
Using a Key
To protect text with a key, open or create the text file. Then click on the icon with the key and the plus sign. If you already have a key that you want to use, enter the path in the upper field of the input screen. To create a new key, enter a name in the Generate Key dialog box (Figure 2).
When you create a key file, EncryptPad creates a random byte sequence, prompts the user for a passphrase, encrypts the resulting sequence with it, and stores the results in a file. The application saves the key file with the .key
extension in the home directory of the user below the hidden ~/.encryptpad
folder (Figure 3).
Now press OK and enter a passphrase to protect the key. The software will ask you if you want to use the key for the open file. After you've said yes, nothing seems to happen. However, if you take a look at the ~/.encryptpad
folder below your home directory, you will see that the key is already there. Further indicators are the Key not set message changing to Key protected. In addition, the icon with a plus sign now has a minus sign that lets you remove key protection for this file.
To open the currently encrypted file later on, first enter the location of the key in the dialog. The software automatically detects this correctly as long as you do not move the key file. In a second step, enter the passphrase that you have assigned.
The whole thing can be nested one level further by protecting the key file with an additional password. Proceed as in the previous example, but do not select .gpg
as the file format; instead, go for .epd
. The software will ask you for an additional passphrase. The second passphrase protects the file on the hard disk. When the process is complete, you should see Passphrase protected and Keyword protected at the bottom (Figure 4).
If you want to close the file and open it again later, you will be prompted for the passphrase within the file and then for the key. For simplicity's sake, you will want to check Persistent key location in the encrypted file, because this option will eliminate the need to query the key in the future. All you need to do is enter the two passwords. If this option is set, EncryptPad shows you the option at the bottom in the Keyword protected section (Figure 5).
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
News
-
Halcyon Creates Anti-Ransomware Protection for Linux
As more Linux systems are targeted by ransomware, Halcyon is stepping up its protection.
-
Valve and Arch Linux Announce Collaboration
Valve and Arch have come together for two projects that will have a serious impact on the Linux distribution.
-
Hacker Successfully Runs Linux on a CPU from the Early ‘70s
From the office of "Look what I can do," Dmitry Grinberg was able to get Linux running on a processor that was created in 1971.
-
OSI and LPI Form Strategic Alliance
With a goal of strengthening Linux and open source communities, this new alliance aims to nurture the growth of more highly skilled professionals.
-
Fedora 41 Beta Available with Some Interesting Additions
If you're a Fedora fan, you'll be excited to hear the beta version of the latest release is now available for testing and includes plenty of updates.
-
AlmaLinux Unveils New Hardware Certification Process
The AlmaLinux Hardware Certification Program run by the Certification Special Interest Group (SIG) aims to ensure seamless compatibility between AlmaLinux and a wide range of hardware configurations.
-
Wind River Introduces eLxr Pro Linux Solution
eLxr Pro offers an end-to-end Linux solution backed by expert commercial support.
-
Juno Tab 3 Launches with Ubuntu 24.04
Anyone looking for a full-blown Linux tablet need look no further. Juno has released the Tab 3.
-
New KDE Slimbook Plasma Available for Preorder
Powered by an AMD Ryzen CPU, the latest KDE Slimbook laptop is powerful enough for local AI tasks.
-
Rhino Linux Announces Latest "Quick Update"
If you prefer your Linux distribution to be of the rolling type, Rhino Linux delivers a beautiful and reliable experience.