Git Crypt: Securing Sensitive Data in Git Repositories
Confidential data is kept private in order to maintain secrecy. Likewise, Git users may have files that contain sensitive data or information about the project. To handle these files, a tool called Git Crypt is available that encrypts the data with GPG keys. In short, Git Crypt is a tool that lets you freely share a mix of public and private data in your Git repository. Looks interesting, right? Let’s implement its procedure in the following guide.
How to Encrypt Sensitive Data in Git using Git-Crypt?
The user can encrypt the files containing sensitive data and push them into the Git repository. These files are encrypted when committed and decrypted when checked out. Moreover, they will not be readable to other users until they are decrypted with the help of a GPG key. To encrypt sensitive data files, carry out the steps below.
Step 1: Check Git Version
Initially, open the terminal and check the version to make sure that Git is installed using the command below:
Git version 2.34.1 is available.
Note: If Git is not installed in your Ubuntu operating system, execute the “sudo apt install git” command.
Step 2: Install Git-Crypt
Afterward, install the Git Crypt tool with the command provided below:
Step 3: Make New Directory
Make the new directory via the “mkdir” command as shown:
In our case, the directory “Encrypted-repo” has been created.
Step 4: Move to Git Repository
After that, move to the created directory through the “cd” command:
Step 5: Define Files to Encrypt
Let’s create two files (README.md and secret.txt) in the current repo, and add some content. For encryption, we will use the “secret.txt”. See the below commands:
echo "File containing sensitive data" > secret.txt
The files “README.md” and “secret.txt” have been created with the above-given content.
Step 6: Initialize Repository
Next, initialize the Git repository with the help of the “git init” command:
The current directory has been initialized.
Step 7: Initialize Git-Crypt
After that, initialize the repository again with the Git Crypt tool using the provided command:
The Crypt tool will generate the GPG key as can be seen above.
Step 8: Define File to Encrypt
To encrypt the file in the directory, create the “.gitattributes” file and open it with the nano editor:
nano .gitattributes
After the file is opened, add the following line with the file name that you want to encrypt:
In our scenario, we have added the “secret.txt” file.
Copy and add the below-provided lines as well in the “.gitattributes” file:
secretdir/** filter=git-crypt diff=git-crypt
To prevent encrypting the “.gitattributes” file itself, add the following line:
After adding all the lines, save the file by pressing “Ctrl+O” and exit from the file with the shortcut “Ctrl+X”:
Step 9: Check Git-crypt Status
To check the status of the encrypted file, execute the below-mentioned command:
From the above output, you can see that the file “secret.txt” has been encrypted.
After securing the data, the user can push it into the Git repositories.
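The steps above as one script, added here as an example (it is not part of the original tutorial), with a `git check-attr` check that shows which paths “.gitattributes” actually routes through git-crypt. The README.md content and the path “secretdir/api.key” are constructed for illustration, and the “.gitattributes !filter !diff” line is the exclusion rule from git-crypt's own documentation.

```shell
#!/bin/sh
# Added example, not from the original tutorial.
set -eu

# Steps 3-6 and 8: create the repository, the two files and .gitattributes in "$1".
setup_repo() {
    mkdir -p "$1" && cd "$1"
    git init -q
    echo "Project overview" > README.md                 # constructed content
    echo "File containing sensitive data" > secret.txt
    cat > .gitattributes <<'EOF'
secret.txt filter=git-crypt diff=git-crypt
secretdir/** filter=git-crypt diff=git-crypt
.gitattributes !filter !diff
EOF
}

# Succeeds only when .gitattributes routes path "$1" through the git-crypt filter.
# The path does not have to exist yet, so rules can be checked before a secret is written.
is_covered() {
    [ "$(git check-attr filter -- "$1" | sed 's/.*: filter: //')" = "git-crypt" ]
}

demo() {
    setup_repo "$(mktemp -d)/Encrypted-repo"
    # Steps 7 and 9 need git-crypt itself; skip them if it is not installed.
    if command -v git-crypt >/dev/null 2>&1; then
        git-crypt init
        git-crypt status -e || true
    fi
    # secretdir/api.key is a constructed path used to exercise the directory rule.
    for path in secret.txt secretdir/api.key README.md .gitattributes; do
        if is_covered "$path"; then
            echo "encrypted on commit: $path"
        else
            echo "stored in plaintext: $path"
        fi
    done
}

demo
```

git-crypt only encrypts a file that is added after its rule is in “.gitattributes”, so run the coverage check before the first `git add` of a secret.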
Conclusion
Git Crypt is a tool in Linux that is used to secure sensitive data and push it into Git repositories. To do so, install Git Crypt using the “sudo apt install git-crypt” command, define the “.gitattributes” file in the repository, and encrypt the file. Then, check the status of the encrypted file using the “git-crypt status -e” command. This tutorial has elaborated on securing sensitive data in Git repositories.
Source: linuxhint.com