<p>All of the above answers are great! </p> <p>But all you really have to do is:</p> <blockquote> <pre><code>$ chmod -Rv 400 ~/.privdata </code></pre> </blockquote> <p>Where <strong>.privdata</strong> is the <em>hidden</em> directory tree you are concerned with(Hiding the directory only serves the "out of sight, out of mind" aspect, but every little bit of obfuscation adds <em>some</em> extra layer of security). </p> <p>That leaves only one user to concern yourself with, and that's the Superuser - if that's you, then:</p> <blockquote> <pre><code># chmod -Rv 400 /root/.privdata </code></pre> </blockquote> <p>Should fix everything up nicely, without having to even worry about ecrypting the data since it is now inaccessible unless you get <strong>0wn3d</strong> by a <strong>h4x0r</strong>, but there's more ;)</p> <p>Regardless of which methodology (or combination thereof) you choose (and you may want to mix for example, <strong>gpgdir</strong> or <strong>truecrypt</strong> with the methodology I've just provided you with), there's an often forgotten goodie that I regularly use <strong>(DO NOT FORGET THAT YOU HAVE DONE THIS)</strong> to make the file completely immutable:</p> <blockquote> <pre><code>$ man chattr </code></pre> </blockquote> <p>Be careful with this - it is only for the most paranoid and it is akin to <em>hard-coding</em> data on your hard drive - so again, if you use it, <em>don't forget that you have</em>.</p> <p>I hope that helps!</p> <p>Kindest regards,</p> <p>Bradley <a href="http://NorthTech.US" rel="nofollow">http://NorthTech.US</a></p> <p>.</p>