CommandCross-platform

Vault Seal

Encrypt File with AES-256 Using OpenSSL

Encrypts a file using AES-256-CBC encryption with a password. The encrypted file can be safely stored or transmitted and decrypted later with the same password.

Primary Scroll (Encrypt)

openssl enc -aes-256-cbc -salt -pbkdf2 -in secret.txt -out secret.txt.enc

Decrypt Scroll

openssl enc -aes-256-cbc -d -pbkdf2 -in secret.txt.enc -out secret.txt

Usage Notes

•-aes-256-cbc uses AES-256 in CBC mode
•-salt adds random salt for stronger encryption
•-pbkdf2 uses PBKDF2 key derivation (recommended)
•Add -a for base64 encoded output
•You will be prompted for a password interactively

Warnings

Warning:Use a strong, unique password - encryption is only as secure as your password
Warning:Store passwords securely - losing the password means losing the data

Related Scroll Ideas

• Encrypt entire directories with tar + openssl
• Generate random encryption keys
• Use GPG for asymmetric encryption

← Back to Developer Scrolls