Snippets
DZone Snippets is a public source code repository. Easily build up your personal collection of code snippets, categorize them with tags / keywords, and share them with the world

Snippets has posted 5883 posts at DZone. View Full User Profile

Easy File Encryption And Decryption From The Shell

05.27.2005
| 63769 views |
  • submit to reddit 
        Works on OS X, Linux, anywhere with OpenSSL installed:

To encrypt a file:

openssl des3 -salt -in infile.txt -out encryptedfile.txt

To decrypt the file:

openssl des3 -d -salt -in encryptedfile.txt -out normalfile.txt

Do not specify the same file as input and output on encryption.. I have noticed weird effects on OS X (it eats the file). Remove the -in * stuff if you want to pipe data into it (e.g. a tarred folder). Omit the -out * stuff if you want it to pipe data out on STDOUT.

Comments

Walter Wilfinger replied on Sat, 2008/01/12 - 5:34pm

I put these commands into two scripts that I added to my path. 'encrypt file.txt' will create an encrypted file 'file.txt.des3' 'decrypt file.txt.des3' will decrypt the file to 'file.txt' The -a option, not mentioned above, stores the encrypted file in base64 instead of binary. ~/bin/encrypt #!/bin/bash openssl des3 -a -in $1 -out $1.des3 ~/bin/decrypt #!/bin/bash openssl des3 -d -a -in $1 -out ${1%.des3}

Snippets Manager replied on Tue, 2007/08/28 - 7:43pm

Nice. Also, for anyone having GnuPG installed: gpg -c file Asks for password and creates encrypted file.gpg with symmetric cipher (default is CAST5, but I'd suggest adding --cipher-algo AES256 ;-)). Of course, asks for password. Decrypting is pretty easy too: gpg -d file.gpg (output to stdout) gpg -o file -d file.gpg (output to file) Seems to `detect' the cipher used and, obviously, asks for password. It's possible to include the password from file (--passphrase-file file) or even on the commandline (lol, security. --passphrase string).
"Starting from scratch" is seductive but disease ridden
-Pithy Advice for Programmers