Linux: Password Protect & Encrypt File Using OpenSSL

In this article we will encrypt (using AES 256 cbc) and password protect (Salt the AES) a file using the openssl binary.

The file we will encrypt will be the file secretfile.txt.As you can see it is just a plain text file.

[root@linux tmp]# cat  secretfile.txt
This is a secret file that we do not want anyone to read.

Encrypt File

Use the openssl comand to encrypt your file and then test the new file is fully encrypted.

[root@linux tmp]# openssl aes-256-cbc -salt -in secretfile.txt -out secretfile.txt.aes
enter aes-256-cbc encryption password:
Verifying – enter aes-256-cbc encryption password:

[root@linux tmp]# cat  secretfile.txt.aes
3b¦ted__Ù.:SLìÕ§ÕL<Jdc
u3AÈF\V!ê:S2;³âÿ.LfjÏ©ù!_b*&)Stfù

Decrypt File

Decrypt the file and then confirm the decypted file is readable.

[root@linux tmp]# openssl aes-256-cbc -d -salt -in secretfile.txt.aes -out secretfile.txt
enter aes-256-cbc decryption password:

[root@linux tmp]# cat secretfile.txt
This is a secret file that we do not want anyone to read.

Further notes : In a non-interactive scenario (such as using this within a script) were you require no input from the shell (user), you can use the -k to specify the password. Such as `openssl aes-256-cbc -salt -in secretfile.txt -out secretfile.txt.aes -k [password]`.

 

Rick Donato

Want to become a Linux expert?

Here is our hand-picked selection of the best courses you can find online:
Linux Mastery course
Linux Administration Bootcamp
and our recommended certification practice exams:
AlphaPrep Practice Tests - Free Trial