How to encrypt files using OpenSSL

Here’s how to encrypt a single file using a password and a salt:
openssl aes-256-cbc -salt -in filename -out filename.enc -base64
Type a strong password when prompted.

Here’s how to decrypt the same file:
openssl enc -d -aes-256-cbc -a -in filename.enc -out filename
You’ll need to re-enter the passwod that you used to encrypt it.

If you want to encrypt multiple files, combine them into a tar or zip archive before encrypting them.

You can replace aes-256-cbc with a different cipher if you prefer. You can get the list of available ciphers using openssl -h.

Very, VERY important note: Once you’ve encrypted the file, immediately test that you can successfully decrypt it! You will be kicking yourself if you try to recover the data later on or send it to someone else and find that something is wrong with it.

References:

  1. http://serverfault.com/questions/489140/what-is-a-good-solution-to-encr… (basic command)
  2. https://www.madboa.com/geek/openssl/#encrypt (note about different ciphers)
  3. http://stackoverflow.com/questions/21766932/openssl-one-line-base64-inp… (getting round the message “error reading input file” when decrypting)

Add new comment

CAPTCHA