|Operating System:||Linux (various)|
Sometimes you may receive files from RedShield consultants in the form of an encrypted archive, with the file extension .tar.gz.enc. In order to open the container, decryption is required first, followed by unpacking the compressed tar archive. The process for decrypting secure archive files on a Linux system is as follows:
1. Copy the archive file into a directory which you can access, and have permissions to create new files and directories. Change your current working directory to be that of the new location, or alternatively remember to use full paths when completing the commands listed below. The archive will be extracted in the form of a single file, or a directory containing a number of files, in the same location.
2. Ensure that you have the password for the file, which will be sent by different means to the archive file.
3. Run the following commands (filenames should be substituted for your own values):
openssl aes-256-cbc -d -in your_archive_filename.tar.gz.enc -out your_archive_filename.tar.gz
tar -zxvf your_archive_filename.tar.gz
4. Enter the password when prompted.
5. You should now find the directory or file unencrypted, and extracted into the same location as the original encrypted archive.
You can try this process on the sample file attached, which unpacks an archive and creates a folder called "aura-test" containing two files. The password for this test archive is "test".