Difference between revisions of "Encrypt and decrypt files"
Jump to navigation
Jump to search
↑ https://unix.stackexchange.com/questions/162960/how-can-i-encrypt-a-file
↑ https://stackoverflow.com/a/31552829
Tags: Mobile web edit, Mobile edit |
|||
(19 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
− | * | + | |
+ | Examples: | ||
+ | * <code>[[openssl enc]], [[openssl enc -d]]</code> | ||
+ | * <code>[[ansible-vault encrypt]], [[ansible-vault decrypt]]</code> | ||
+ | * <code>[[sops -d]], [[sops -e]]</code> | ||
== Using [[OpenSSL]] == | == Using [[OpenSSL]] == | ||
Line 7: | Line 11: | ||
* [[Encrypt]] file (<code>[[openssl enc]]</code>): | * [[Encrypt]] file (<code>[[openssl enc]]</code>): | ||
− | :<code>openssl enc -[[aes-256]]-cbc -in un_encrypted.data -out encrypted.data</code> | + | :<code>[[openssl enc]] -[[aes-256]]-cbc -in un_encrypted.data -out encrypted.data</code> |
: You can use <code>[[file (command)|file]]</code> command to verify file type. | : You can use <code>[[file (command)|file]]</code> command to verify file type. | ||
Line 20: | Line 24: | ||
− | + | macOS options: | |
* <code>-salt</code> Use a salt in the key derivation routines (the default). When the salt is being used the first eight bytes of the encrypted data are reserved for the salt: it is randomly generated when encrypting a file and read from the encrypted file when it is decrypted. | * <code>-salt</code> Use a salt in the key derivation routines (the default). When the salt is being used the first eight bytes of the encrypted data are reserved for the salt: it is randomly generated when encrypting a file and read from the encrypted file when it is decrypted. | ||
== Related terms == | == Related terms == | ||
* <code>[[zip]] -r -0 -e encrypted_file.zip /path/to/files</code> | * <code>[[zip]] -r -0 -e encrypted_file.zip /path/to/files</code> | ||
+ | |||
+ | * <code>[[ansible-vault encrypt]], [[ansible-vault decrypt]]</code> | ||
+ | * <code>[[aws-encryption-cli]]</code> | ||
+ | * <code>[[aws kms encrypt]]</code> | ||
+ | * <code>[[sops --decrypt]]</code>, <code>[[sops -d]]</code> | ||
+ | * [[PGP]], [[GnuPG]] | ||
== See also == | == See also == | ||
* {{openSSL}} | * {{openSSL}} | ||
+ | * {{Encryption}} | ||
[[Category:Security]] | [[Category:Security]] |
Latest revision as of 07:55, 6 October 2022
Examples:
Using OpenSSL[edit]
Encrypt and decrypt a file[1] (GPG can also be used for encrypting and decrypting files)
Using aes-256-cbc cypher, You will be prompted for a password when encrypting that has to be used for decrypting.[2]
- Encrypt file (
openssl enc
):
openssl enc -aes-256-cbc -in un_encrypted.data -out encrypted.data
- You can use
file
command to verify file type.
file encrypted.data encrypted.data: openssl enc'd data with salted password
- Encrypt file providing password on the command line, be aware that your password will be store on history of your shell):
openssl aes-256-cbc -a -salt -in twitterpost.txt -out foo.enc -pass file:<( echo -n "someGoodPassword" )
- Decrypt file (
openssl enc -d
):
openssl enc -d -aes-256-cbc -in encrypted.data -out un_encrypted.data
macOS options:
-salt
Use a salt in the key derivation routines (the default). When the salt is being used the first eight bytes of the encrypted data are reserved for the salt: it is randomly generated when encrypting a file and read from the encrypted file when it is decrypted.
Related terms[edit]
zip -r -0 -e encrypted_file.zip /path/to/files
ansible-vault encrypt, ansible-vault decrypt
aws-encryption-cli
aws kms encrypt
sops --decrypt
,sops -d
- PGP, GnuPG
See also[edit]
- OpenSSL: RSA, ECDSA, WolfSSL, AES, Diffie-Hellman (DH) key-exchange,
/etc/ssl/openssl.cnf
, OpenSSL v3 - Encryption, openssl, ecryptfs, encfs, GPG, PGP, Symantec Encryption Desktop, VeraCrypt, CMEK, BitLocker, OAEP, Cypher
Advertising: