# TIP: encrypt and decrypt files using OpenSSL



## anomie (Jun 1, 2009)

*Quick caveat*

This may be common knowledge for many of you, but I decided to put this short writeup together for those who are not aware of the option. I am occasionally working on a FreeBSD or Linux system where GnuPG is not installed, and I need a quick way to encrypt and decrypt files from the command line. 

*Enter OpenSSL*

openssl(1) and its companion, enc(1), provide a mechanism for encryption and decryption using a variety of ciphers. Please refer to both manpages to get a functional understanding of both programs, and to review the available options. 

*Encryption example*

Without further ado, let's encrypt a file, _myfile_. 

`% openssl enc -bf -salt -in myfile -out myfile.enc -e -a`

Note that we're using base64 encoding (-a). This a good idea, particularly if you will be transferring (ftp-ing, emailing, etc.) the file. 

You will be prompted for an "encryption password" (which the key will be derived from to encrypt your file), and you will be required to verify the same password. The encrypted, base64 encoded file will now be in _myfile.enc_. 

*Decryption example*

Upon receiving an encrypted file (created using the precise command in the example above), we can decrypt it using the following. 

`% openssl enc -bf -in myfile.enc -out myfile.dec -d -a`

You will be prompted for the same "encryption password" that you provided in the previous example. (Don't forget it.) Afterwards, the decrypted, base64 decoded file will be in _myfile.dec_. 

That's it. You might consider setting up a shell alias or function, or a small Bourne script to obfuscate the options.


----------



## BuSerD (Jun 2, 2009)

I do not have use of this currently and have not done it in ages but thanks for the the reminder.


----------

