In this article we will encrypt (using AES 256 cbc) and password protect (Salt the AES) a file using the openssl binary.
The file we will encrypt will be the file secretfile.txt.As you can see it is just a plain text file.
[root@linux tmp]# cat secretfile.txt
This is a secret file that we do not want anyone to read.
Encrypt File
Use the openssl comand to encrypt your file and then test the new file is fully encrypted.
[root@linux tmp]# openssl aes-256-cbc -salt -in secretfile.txt -out secretfile.txt.aes
enter aes-256-cbc encryption password:
Verifying – enter aes-256-cbc encryption password:
[root@linux tmp]# cat secretfile.txt.aes
3b¦ted__Ù.:SLìÕ§ÕL<Jdc
u3AÈF\V!ê:S2;³âÿ.LfjÏ©ù!_b*&)Stfù
Decrypt File
Decrypt the file and then confirm the decypted file is readable.
[root@linux tmp]# openssl aes-256-cbc -d -salt -in secretfile.txt.aes -out secretfile.txt
enter aes-256-cbc decryption password:
[root@linux tmp]# cat secretfile.txt
This is a secret file that we do not want anyone to read.
Further notes : In a non-interactive scenario (such as using this within a script) were you require no input from the shell (user), you can use the -k to specify the password. Such as `openssl aes-256-cbc -salt -in secretfile.txt -out secretfile.txt.aes -k [password]`.
- How to Configure a BIND Server on Ubuntu - March 15, 2018
- What is a BGP Confederation? - March 6, 2018
- Cisco – What is BGP ORF (Outbound Route Filtering)? - March 5, 2018
Want to become a Linux expert?
Here is our hand-picked selection of the best courses you can find online:
Linux Mastery course
Linux Administration Bootcamp
and our recommended certification practice exams:
AlphaPrep Practice Tests - Free Trial