Select “Ok” to create the encrypted archive file. Use a strong password with at least 8 characters and containing upper and lower letters and a minimum of one number. It is strongly recommended to use AES-256 to protect sensitive and confidential data.
Selecting ZipCrypto may allow users to open the zip file in Windows without a zip program, but it does not provide adequate protection against attackers with modern cracking tools.
AES-256 is proven much more secure than ZipCrypto, but if you select AES-256 the recipient of the zip file may have to install 7-zip or another zip program to read the file contents. There is a trade-off between using AES-256 and ZipCrypto. Change the Encryption Method to “AES-256”.
In the Add to Archive window change the name of the archive you wish to create.Right click on the file / folder to be encrypted.
7-Zip is open source software used to compress or zip files secured with encryption. We can use a program such as 7zip to accomplish this task. When you send or transfer files that contain Personal Identifiable Information (PII) or other confidential and sensitive data the files must be encrypted to ensure they are protected from unauthorized disclosure. Please consult documentation of the tools for more info.We often find times that sharing information over email and other public communication requires protection around the files to ensure only the intended recipients can access the data. Most of the described tools also provide a way to enter a passphrase interactively (although 7zip does not seem to work well when reading input from stdin). Encrypting With GPGĮncryption mariabackup -user=root -backup -stream=xbstream | gpg -c -passphrase SECRET -batch -yes -o backup.xb.gpgĭecrypt, unpack gpg -decrypt -passphrase SECRET -batch -yes backup.xb.gpg | mbstream -x To encrypt the backup from the previous example using password SECRET, add -pSECRET to the 7z command line. Uncompress and unpack the archive with 7z e backup.xb.7z -so |mbstream -xħz also has builtin AES-256 encryption. We can decrypt, decompress and unpack the backup as follow (note gzip -d in the pipeline): openssl enc -d -aes-256-cbc -k mypass -in backup.xb.gz.enc |gzip -d| mbstream -xħzip archiver is a popular utility (especially on Windows) that supports reading from standard output, with the -si option, and writing to stdout with the -so option, and can thus be used together with Mariabackup.Ĭompressing backup with the 7z command line utility works as follows: mariabackup -user=root -backup -stream=xbstream | 7z a -si backup.xb.7z This example adds a compression step before the encryption, otherwise looks almost identical to the previous example: mariabackup -user=root -backup -stream=xbstream | gzip | openssl enc -aes-256-cbc -k mypass > backup.xb.gz.enc We can decompress and unpack the backup as follows: gunzip -c backupstream.gz | mbstream -xĬompressing and Encrypting Backup, Using gzip and openssl This example compresses the backup without encrypting: mariabackup -user=root -backup -stream=xbstream | gzip > backupstream.gz To decrypt and unpack this backup into the current directory, the following command can be used: openssl enc -d -aes-256-cbc -k mypass -in backup.xb.enc | mbstream -xĬompressing and Decompressing Backup With gzip Mariabackup -user=root -backup -stream=xbstream | openssl enc -aes-256-cbc -k mypass > backup.xb.enc The following example creates an AES-encrypted backup, protected with the password "mypass" and stores it in a file "backup.xb.enc": Encrypting and Decrypting Backup With openssl This option allows easy integration with popular encryption and compression tools. Mariabackup supports streaming to stdout with the -stream=xbstream option.