How do I password protect / encrypt a file within Linux using OpenSSL ?

In this article we will encrypt (using AES 256 cbc) and password protect (Salt the AES) a file using the openssl binary.

The file we will encrypt will be the file secretfile.txt.As you can see it is just a plain text file.

[[email protected] tmp]# cat  secretfile.txt
This is a secret file that we do not want anyone to read.

Encrypt File

Use the openssl comand to encrypt your file and then test the new file is fully encrypted.

[[email protected] tmp]# openssl aes-256-cbc -salt -in secretfile.txt -out secretfile.txt.aes
enter aes-256-cbc encryption password:
Verifying – enter aes-256-cbc encryption password:

[[email protected] tmp]# cat  secretfile.txt.aes

Decrypt File

Decrypt the file and then confirm the decypted file is readable.

[[email protected]linux tmp]# openssl aes-256-cbc -d -salt -in secretfile.txt.aes -out secretfile.txt
enter aes-256-cbc decryption password:

[[email protected] tmp]# cat secretfile.txt
This is a secret file that we do not want anyone to read.

Further notes : In a non-interactive scenario (such as using this within a script) were you require no input from the shell (user), you can use the -k to specify the password. Such as `openssl aes-256-cbc -salt -in secretfile.txt -out secretfile.txt.aes -k [password]`.


Rick Donato

Want to become a Linux expert?

Here is our hand-picked selection of the best courses you can find online:
Linux Mastery course
Linux Administration Bootcamp
and our recommended certification practice exams:
AlphaPrep Practice Tests - Free Trial