Quickly encrypt a file with OpenSSL
May 2nd, 2007 - Command Line, Mac OS X, Security, Tips & Tricks
A few months ago a question was posed to our readers about encrypting or password protecting a text file [How can I password protect a file?]. We got several good responses but one in particular has really stuck with me. A reader named Jim posted in the comments a tip about using OpenSSL that I have used a bunch since then, and I think others will find this useful as well. This tip is repeated from a DZone snippet, but slightly modified and annotated to better accommodate for Mac OS X users:
Encrypt a file using OpenSSL via the Command Line
This is a pretty simple way to encrypt a single file so that it is nearly impossible for others to read, and it will require a password to access again. You’ll need to use the OpenSSL technology via the command line for this to work.
Encrypt the file:
openssl des3 -salt -in file.txt -out encryptedfile.txt
Decrypt the file:
openssl des3 -d -salt -in encryptedfile.txt -out normalfile.txt
Be sure to heed this important advice so you don’t overwrite and lose files:
Do not specify the same file as input and output on encryption.. I have noticed weird effects on OS X (it eats the file). Remove the -in * stuff if you want to pipe data into it (e.g. a tarred folder). Omit the -out * stuff if you want it to pipe data out on STDOUT.
When you encrypt the file initially, it will prompt you to set a password to access the file and decrypt it again in the future - do not forget the password because triple DES encryption is incredibly powerful and you’ll likely lose the file’s content forever without the password.
Source: DZone Snippet - Thanks Jim!
Mac Deals from the Apple Store:
Comments:
Comments: 9
Comment from mugab
Time: May 2, 2007, 12:20 am
It’d be nice if there was an easy drag and drop utility to do this that just prompts you for a password. I’m not really command line savvy and I think there’s a lot of room for error.
It doesn’t look like it can be used on folders either which sucks
Comment from Weaver
Time: May 2, 2007, 9:35 am
that’s a pretty good solution to protect a single text file
Comment from Gash
Time: May 8, 2007, 11:18 am
This is a great solution. Another one would be to grab gpg for OSX and use ‘gpg -c ‘
Comment from Ignacio
Time: May 9, 2007, 12:35 am
If you want to protect a folder or more than one file use the disc utility, click on new image, set the space and the password.
Everyone have secrets… xD
Comment from Murphy
Time: May 9, 2007, 6:54 pm
mugab -
It might not be EXACTLY what you’re looking for - but I just posted the steps to make this command into a shell script. At least you can drag the file you want encrypted into a Terminal window !
Great tip OSXDaily !
Comment from buzzert
Time: May 11, 2007, 5:21 pm
“It doesn’t look like it can be used on folders either which sucks”
You could ZIP it first.
Comment from mchl
Time: August 15, 2007, 10:38 am
Many thanx for this information. Please note the possibility to add a password directly (it took me as a newby some hours to figure this out):
openssl des3 -salt -in file.txt -out file.des3 -k mypassword
(http://www.openssl.org/docs/apps/enc.html)
Comment from plaxdan
Time: September 30, 2007, 11:36 am
@mchl: Just remember if you enter your password on the command line, it will be stored in plain text in your .bash_history file.
Pingback from doodle dabbles » Blog Archive » OpenSSL: The Gift that Keeps On Giving
Time: August 18, 2008, 4:42 pm
[...] Also, from this awesome tip from OS X Daily, you can quickly encrypt a file using openssl using the following (I used AES 128 in CBC mode) — it even prompts you for the encryption password (key) twice: [...]
Social bookmarks:
- | del.icio.us | Digg it | Furl | Netscape | reddit | StumbleUpon | Yahoo MyWeb |
May 2nd, 2007


Write a comment