[RndTbl] Encrypt files/info/whatever easily.

Sean Cody sean at tinfoilhat.ca
Thu Jul 1 15:29:12 CDT 2010


So yeah this is normally something I would reserve for the newsletter but the inspiration hit me and I'll forget by September. :P

So say someone wants to tell you something secret or you need to write down a secret in a file but don't want it in plaintext.
Well using the shell & openssl [installed by default on OS X and probably on Linux [I know it's default on *BSD]]...

Assuming your shell is SH derrivitive..


#cat << EOL | openssl aes-256-cbc -a -salt -out secret.txt
OMG I haz a secretz!
EOL
(password will be requested here)
#

Notice I'm using what is referred to as a HEREDOC and piping it to openssl chosing the aes-256-cbc cipher.
The -a parameter just says the input is in base64.  -salt is well salting the cipher.
So how do you get that back?

#openssl aes-256-cbc -d -a -in secret.txt
(password will be requested here)
OMG I haz a secretz!
#

In this case -d is well... decrypt.

You can replace the cat pipeline with -in somefile.txt if you want to do files themselves but this way no plaintext hits the disk (unless you shell swaps... which you have other issues then. :P).

This is awesome because you don't have to install something special (ie. truecrypt) for a quick encrypt and you can store the data set anywhere and pull it (say via wget with pipelining) from random places with openssl installed to decrypt.  Not really suggested for super secret stuff but it can be pretty handy... especially when passing around messages in a MacGyver sneaker net style situation.

-- 
Sean





More information about the Roundtable mailing list