Simple built-in way to encrypt and decrypt a file on a Mac via command-line?

command-line mac security encryption

Are there any built in command-line tools that I can encrypt and decrypt a text file (and provide it some sort of password).


openssl comes pre-installed on Mac OS X.

You can use the following commands:

# encrypt file.txt to file.enc using 256-bit AES in CBC mode
openssl enc -aes-256-cbc -salt -in file.txt -out file.enc

# the same, only the output is base64 encoded for, e.g., e-mail
openssl enc -aes-256-cbc -a -salt -in file.txt -out file.enc

# decrypt binary file.enc
openssl enc -d -aes-256-cbc -in file.enc -out file.txt

# decrypt base64-encoded version
openssl enc -d -aes-256-cbc -a -in file.enc -out file.txt

(copied from OpenSSL Command-Line HOWTO: How do I simply encrypt a file?)

You will be prompted for a password. You can also specify a password on the command-line using -pass pass:mySillyPassword or -pass file:/path/to/secret/password.txt

These commands use 256-bit AES ecryption with Cipher Block Chaining (CBC), which is about as secure as it gets right now.


I've built a shell script for that. You can use it on Mac or on Linux. 

#!/bin/bash
#encrypt files with aes-256-cbc cipher using openssl

#encrypt files
if [ $1 == "-e" ];
then
    if [ -f "$2" ];
    then
    openssl aes-256-cbc -a -e -salt -in "$2" -out "$2.aes"
    else
       echo "This file does not exist!" 
    fi
#decrypt files
elif [ $1 == "-d" ];
then
    if [ -f "$2" ];
    then
        openssl aes-256-cbc -a -d -salt -in "$2" -out "$2.decrypt"
    else
        echo "This file does not exist!" 
    fi
#show help
elif [ $1 == "--help" ];
then
    echo "This software uses openssl for encrypting files with the aes-256-cbc cipher"
    echo "Usage for encrypting: ./encrypt -e [file]"
    echo "Usage for decrypting: ./encrypt -d [file]"
else
    echo "This action does not exist!"
    echo "Use ./encrypt --help to show help."
fi

Simply save this in a text file in issue chmod +x file to make it executable. after that use ./filename --help to get infos.


Mac OS X has the ability to create encrypted container files (similar to e.g. Truecrypt), that can optionally grow with the amount of data placed in them. Use Disk Utility to do this.

In Disk Utility, select File » New » Blank Disk Image… with one of the sparse image formats. Select AES-128 or AES-256 as encryption.

From the command line, the same functionality is available via the hdiutil program.

Related

Transparent text background in an arrow in Visio
Excel copy-paste: always match destination formatting
How to print files that would have been changed using rsync?
How to get rid of the warnings when opening a file that has a .swp file?
Does a virtual machine count as a separate device to the ISP?
Copy Excel worksheet and maintain relative cell reference in formulas
Disable WLan if Wired/Cable Network is available
Is the Wii Fit U board compatible with the original Wii?
What's the purpose of self destruct?
What do the stats in Jet Set Radio Future do?
What are Typing Jet and De La Jet Set Radio?
Why villager-farmer plants unrelated crops?