We might never know who is touching on those file on the server,
especially when its publicly available on the internet.
One way to encrypt the file is with Gnu PG (gpg).
To create your private + public key:
After completed the prompt, the keys will be created.
Public key is for you to distribute to others, so that they can encrypt the file specially for you only. Because your public key encrypted file can only be decipher by your "private" key.
On MAC / Linux, the keys is stored in [home]/.gnupg/*
To encrypt a file:
gpg -e [filename]
A file by name [filename].gpg will be created with the encrypted data.
to decrypt the file:
gpg -d -o [filename] [filename].gpg
GPG encryption also does compression. Therefore, there is no need to gzip a tar file to use gpg with it. GPG allow console input for encryption. There fore, you may run this:
If you are planning to open your encrypted file in another computer, you will need to have the private key on that machine. Todo that:
To export your secret keys, use:
gpg --export-secret-key -a > secret.key
and to import them in the other machine:
gpg --import secret.key
GPG can also be used for mail purpose. But you will need to allow your sender to have your public key, in order to send encrypted email to you.
You may export your key to your sender by running:
gpg --armor --export --output [newfilename].asc "[yourkeyuid]"
To get the list of keys available on your machine:
The uid role will be needed for above export.