Openssl encrypt file password command line

The best answers are voted up and rise to the top. Stack Overflow for Teams — Collaborate and share knowledge with a private group. Create a free Team What is Teams?

Learn more. Asked 8 years, 7 months ago. Active 8 years, 7 months ago. Viewed 18k times. I know how to decrypt if the key is a passphrase by using openssl enc -d -aescbc -in file. How do I use it? Improve this question. Javad Shareef Javad Shareef 1 1 gold badge 1 1 silver badge 2 2 bronze badges. Add a comment. Active Oldest Votes.

Improve this answer. The file will only be read up to the first newline. Now that I've written this question and answer, it all seems obvious. But it certainly took some time to figure out and I'd seen it take others similar time, so hopefully this can cut down that time and answer faster for others! With OpenSSL 1. So this example would be:. Sign up to join this community. The best answers are voted up and rise to the top. Stack Overflow for Teams — Collaborate and share knowledge with a private group.

Create a free Team What is Teams? Learn more. How to use password argument in via command line to openssl for decryption Ask Question. Asked 7 years, 10 months ago. Active 2 years, 11 months ago. Viewed k times. Improve this question. David Sulpy David Sulpy 3, 3 3 gold badges 15 15 silver badges 11 11 bronze badges.

Add a comment. Active Oldest Votes. Additionally the documentation specifies you can provide other passphrase sources by doing the following: env:somevar to get the password from an environment variable file:somepathname to get the password from the first line of the file at location pathname fd:number to get the password from the file descriptor number. That random file acts as the password so to say. We encrypt the large file with the small password file as password. Then we send the encrypted file and the encrypted key to the other party and then can decrypt the key with their public key, the use that key to decrypt the large file.

The key is just a string of random bytes. We use a base64 encoded string of bytes, which is characters. Since characters is bits, even a small RSA key will be able to encrypt it. Let the other party send you a certificate or their public key. If they send to a certificate you can extract the public key using this command:. The key format is HEX because the base64 format adds newlines. The -pass argument later on only takes the first line of the file, so the full key is not used. Thanks Ken Larson for pointing this to me.