How can I encrypt plain text with a password on Linux?
http://www.unreadable.de/ takes a plaintext message + password input and encrypts the plaintext. I want to do this locally on Linux. Is there a one-line command that will compute an encrypted version of my message that I can then email?
My goal is for the receiver to be able to decode the message with nothing but the password.
To be clear, I have no idea what various encryption schemes are (AES, OpenSSL, RSA, GPG, salt, base64, DES, CBC, reentrant) and am not really interested in a research project. I just want a one-line command like
encrypt message.txt -password=secret.txt
which would be decoded like
decrypt message.txt -password=secret.txt
(Yes, I did use Google first. https://encrypted.google.com/search?q=encrypt+plain+text+files+with+password+linux is not showing me anything I understand / think I can use.)
Solution 1:
The openssl(1) manpage gives a few examples on how to do this:
ENC EXAMPLES
Just base64 encode a binary file:
$ openssl base64 -in file.bin -out file.b64
Decode the same file:
$ openssl base64 -d -in file.b64 -out file.bin
Encrypt a file using triple DES in CBC mode using a prompted password:
$ openssl des3 -salt -in file.txt -out file.des3
Decrypt a file using a supplied password:
$ openssl des3 -d -in file.des3 -out file.txt -k mypassword
Encrypt a file then base64 encode it (so it can be sent via mail for
example) using Blowfish in CBC mode:
$ openssl bf -a -salt -in file.txt -out file.bf
Base64 decode a file then decrypt it:
$ openssl bf -d -a -in file.bf -out file.txt
As for the question at hand, the specific encryption scheme only matters inasmuch as both sides must of course use the same one. If you don’t know which one to use, Blowfish is probably a sensible choice:
$ openssl bf -a -salt -in file.txt -out file.bf
$ openssl bf -d -a -in file.bf -out file.txt
I take it that you know that encrypting something without knowing at least a minimum about the cryptosystem used is… probably unwise. Personally, I think that a system like GPG is better suited for your task, but requires a little bit more setup, so technically doesn’t fit your question.
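The password-based exchange from Solution 1 on a current OpenSSL, as an added example that is not part of the original answer: it uses AES-256-CBC with a PBKDF2-derived key, because OpenSSL 3.x ships Blowfish only in its legacy provider. The function names, the iteration count and the sample message and password are assumptions made for illustration; -pbkdf2 and -iter need OpenSSL 1.1.1 or later.

```shell
#!/bin/sh
# Added example: password-based file encryption with `openssl enc`.
# ITER is an assumed PBKDF2 iteration count; sender and receiver must agree on it.
ITER=600000

# encrypt_file PLAINTEXT PASSWORD_FILE OUTPUT
# The password is read from the first line of PASSWORD_FILE (-pass file:), so it
# does not show up in the process list the way `-k mypassword` does.
# -a base64-encodes the result so it can be pasted into an e-mail.
encrypt_file() {
    openssl enc -aes-256-cbc -pbkdf2 -iter "$ITER" -salt -a \
        -in "$1" -pass "file:$2" -out "$3"
}

# decrypt_file CIPHERTEXT PASSWORD_FILE OUTPUT
# Cipher, -pbkdf2 and -iter must match the values used for encryption.
decrypt_file() {
    openssl enc -d -aes-256-cbc -pbkdf2 -iter "$ITER" -a \
        -in "$1" -pass "file:$2" -out "$3"
}

# roundtrip_demo: encrypts and decrypts a constructed sample message with a
# constructed password in a temporary directory; returns 0 if they match.
roundtrip_demo() {
    dir=$(mktemp -d) || return 1
    printf 'meet at noon\n' > "$dir/message.txt"
    printf 'correct horse battery staple\n' > "$dir/secret.txt"
    encrypt_file "$dir/message.txt" "$dir/secret.txt" "$dir/message.enc" &&
    decrypt_file "$dir/message.enc" "$dir/secret.txt" "$dir/message.out" &&
    cmp -s "$dir/message.txt" "$dir/message.out"
    status=$?
    rm -rf "$dir"
    return $status
}

roundtrip_demo && echo "round trip OK"
```

openssl enc does not authenticate the ciphertext, so a wrong password is usually but not always reported as a padding error, and tampering with the file is not detected.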
Solution 2:
OpenSSL will work. From "How can I encrypt a string in the shell?":
# generate a 2048-bit RSA key and store it in key.txt
openssl genrsa -out key.txt 2048
# encrypt "hello world" using the RSA key in key.txt
echo "hello world" | openssl rsautl -inkey key.txt -encrypt >output.bin
# decrypt the message and output to stdout
openssl rsautl -inkey key.txt -decrypt <output.bin
For a simpler but less secure approach, try crypt: http://man7.org/linux/man-pages/man3/crypt.3.html