Difference between revisions of "Encrypt and decrypt files"
Jump to navigation
Jump to search
↑ https://unix.stackexchange.com/questions/162960/how-can-i-encrypt-a-file
↑ https://stackoverflow.com/a/31552829
Tags: Mobile web edit, Mobile edit |
|||
| (25 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
| + | Examples: | ||
| + | * <code>[[openssl enc]], [[openssl enc -d]]</code> | ||
| + | * <code>[[ansible-vault encrypt]], [[ansible-vault decrypt]]</code> | ||
| + | * <code>[[sops -d]], [[sops -e]]</code> | ||
== Using [[OpenSSL]] == | == Using [[OpenSSL]] == | ||
| Line 6: | Line 10: | ||
Using aes-256-cbc cypher, You will be prompted for a password when encrypting that has to be used for decrypting.<ref>https://stackoverflow.com/a/31552829</ref> | Using aes-256-cbc cypher, You will be prompted for a password when encrypting that has to be used for decrypting.<ref>https://stackoverflow.com/a/31552829</ref> | ||
| − | * [[Encrypt]] file (<code>openssl enc</code>): | + | * [[Encrypt]] file (<code>[[openssl enc]]</code>): |
| − | :<code>openssl enc -[[aes-256]]-cbc -in un_encrypted.data -out encrypted.data</code> | + | :<code>[[openssl enc]] -[[aes-256]]-cbc -in un_encrypted.data -out encrypted.data</code> |
: You can use <code>[[file (command)|file]]</code> command to verify file type. | : You can use <code>[[file (command)|file]]</code> command to verify file type. | ||
| Line 18: | Line 22: | ||
:<code>openssl enc '''-d''' -aes-256-cbc -in encrypted.data -out un_encrypted.data</code> | :<code>openssl enc '''-d''' -aes-256-cbc -in encrypted.data -out un_encrypted.data</code> | ||
| + | |||
| + | |||
| + | macOS options: | ||
| + | * <code>-salt</code> Use a salt in the key derivation routines (the default). When the salt is being used the first eight bytes of the encrypted data are reserved for the salt: it is randomly generated when encrypting a file and read from the encrypted file when it is decrypted. | ||
| + | |||
| + | == Related terms == | ||
| + | * <code>[[zip]] -r -0 -e encrypted_file.zip /path/to/files</code> | ||
| + | |||
| + | * <code>[[ansible-vault encrypt]], [[ansible-vault decrypt]]</code> | ||
| + | * <code>[[aws-encryption-cli]]</code> | ||
| + | * <code>[[aws kms encrypt]]</code> | ||
| + | * <code>[[sops --decrypt]]</code>, <code>[[sops -d]]</code> | ||
| + | * [[PGP]], [[GnuPG]] | ||
== See also == | == See also == | ||
* {{openSSL}} | * {{openSSL}} | ||
| + | * {{Encryption}} | ||
[[Category:Security]] | [[Category:Security]] | ||
Latest revision as of 07:55, 6 October 2022
Examples:
Using OpenSSL[edit]
Encrypt and decrypt a file[1] (GPG can also be used for encrypting and decrypting files)
Using aes-256-cbc cypher, You will be prompted for a password when encrypting that has to be used for decrypting.[2]
- Encrypt file (
openssl enc):
openssl enc -aes-256-cbc -in un_encrypted.data -out encrypted.data- You can use
filecommand to verify file type.
file encrypted.data encrypted.data: openssl enc'd data with salted password
- Encrypt file providing password on the command line, be aware that your password will be store on history of your shell):
openssl aes-256-cbc -a -salt -in twitterpost.txt -out foo.enc -pass file:<( echo -n "someGoodPassword" )
- Decrypt file (
openssl enc -d):
openssl enc -d -aes-256-cbc -in encrypted.data -out un_encrypted.data
macOS options:
-saltUse a salt in the key derivation routines (the default). When the salt is being used the first eight bytes of the encrypted data are reserved for the salt: it is randomly generated when encrypting a file and read from the encrypted file when it is decrypted.
Related terms[edit]
zip -r -0 -e encrypted_file.zip /path/to/files
ansible-vault encrypt, ansible-vault decryptaws-encryption-cliaws kms encryptsops --decrypt,sops -d- PGP, GnuPG
See also[edit]
- OpenSSL: RSA, ECDSA, WolfSSL, AES, Diffie-Hellman (DH) key-exchange,
/etc/ssl/openssl.cnf, OpenSSL v3 - Encryption, openssl, ecryptfs, encfs, GPG, PGP, Symantec Encryption Desktop, VeraCrypt, CMEK, BitLocker, OAEP, Cypher
Advertising:
