ZIPEncryptFTP is a program I developed to make off-site backups of important data. Like its name suggests, it ZIPs one or more directories, Encrypts the ZIP file with AES and uploads it to a FTP server.
ZIPEncryptFTP is a C# command-line program, you will need the .NET 2.0 framework runtime to run it. It will write to the Application eventlog, so you need to run it the first time with administrator privileges, to register ZIPEncryptFTP with the eventlog.
To backup data, use ZIPEncryptFTP with these parameters:
ZIPEncryptFTP /directory /password /url /ftpuser /ftppassword
ZIPEncryptFTP /directory:c:\Data /password:Secret /url:ftp://ftp.com/backup /ftpuser:Didier /ftppassword:1234
This will compress the c:\Data directory and its content (including subdirectories) to a ZIP file, encrypt the ZIP file with AES using password Secret, and then upload the file to FTP server ftp.com and call the file backup. The credentials to access the FTP server are user Didier with password 1234.
Everything is done in memory, no temporary (ZIP) files are created. The ZIP file is created and encrypted in memory.
The password is converted to a 256 bit key, and the initialization vector is generated at random. The effect of this is that encrypting the same file twice will yield 2 completely different encrypted files.
You can ZIP more than one directory or file, proceed like this:
ZIPEncryptFTP /directory:c:\MyData /directory:c:\MyPictures …
To recover the data, you will need to retrieve the encrypted file backup from the FTP server with your favorite FTP-client. Then decrypt the file backup with this command:
ZIPEncryptFTP /password /infile /outfile
ZIPEncryptFTP /password:Secret /infile:backup /outfile:backup.zip
Use your favorite ZIP application to extract your files from file backup.zip
If you don’t want to provide the encryption password and FTP credentials on the command-line, I’ve added a function (dpapi) to encrypt and store them in the registry with the Data Protection API, just like Internet Explorer does when you let it remember your passwords.
You could decide to use dpapi because you use ZIPEncryptFTP in a script or batch file and don’t want the password and credentials to appear in clear and be readable by everybody.
To store the encryption password and FTP credentials in the registry, use this command:
ZIPEncryptFTP /dpapi /password /ftpuser /ftppassword
ZIPEncryptFTP /dpapi /password:Secret /ftpuser:Didier /ftppassword:1234
Once you have stored the credentials in the registry, you can backup your data with this command:
ZIPEncryptFTP /directory /url /dpapi
ZIPEncryptFTP /directory:c:\Data /url:ftp://ftp.com/backup /dpapi
And decrypting is done with this command:
ZIPEncryptFTP /dpapi /infile /outfile
ZIPEncryptFTP /dpapi /infile:backup /outfile:backup.zip
To display the encryption password and FTP credentials stored in the registry, use this command:
Installation: copy files ZipEncryptFTP.exe and ICSharpCode.SharpZipLib.dll to the same directory of your choice.