How to Encrypt a File with OpenSSL

By | 2013/10/13

For sensitive files or to securely send someone else a file, use OpenSSL to encrypt the file. Here’s how it works!


Encrypt

Encrypt a file called topsecret.txt with AES 256:

$ openssl aes-256-cbc -in topsecret.txt -out encodedtopsecret.txt
enter aes-256-cbc encryption password:
Verifying - enter aes-256-cbc encryption password:


Now the file encodedtopsecret.txt is a binary encrypted blob. There are no identifiable parts to this other than one thing that OpenSSL encrypted files show: ‘Salted__’ at the top when inspecting the file with the strings command. (This is how others have determined the wikileaks insurance files were encoded with OpenSSL!)

$ file encodedtopsecret.txt 
encodedtopsecret.txt: data
$ strings encodedtopsecret.txt 
Salted__
2sHkv
Rr7+
tOx*
#_p%&
WwlN
'fM`'
5,nn
Ha(oy
1$#0
=f_>z
D)@&
38yV/
p]XTyJ
10G2 

...

Decrypt

Now for your friend to decode this file, use tack d. OpenSSL prompts for the password the decrypts the file.

$ openssl aes-256-cbc -d -in encodedtopsecret.txt -out decodedtopsecret.txt
enter aes-256-cbc decryption password:

Done!

Leave a Reply

Your email address will not be published. Required fields are marked *

Notify me of followup comments via e-mail. You can also subscribe without commenting.