Skip to main content

加密檔案 - OpenSSL

Create Example Reference File

Let us create a 1GB large text file using the fallocate command:

fallocate -l 1024M test.txt
echo "LinuxShellTips tutorial on encrypting a large file with OpenSSL in Linux" >> test.txt
cat test.txt
Encrypt File with Password
openssl enc -aes-256-cbc -pbkdf2 -p -in test.txt -out test.txt.enc
  • enc executes the symmetric key encryption process.
  • -aes-256-cbc specifies the use of 256 bits cryptographic key.
  • -pbkdf2 is the default algorithm being used.
  • -p prints used salt, key, and IV.
  • -in points to the input file.
  • -out points to the output file.

To decrypt the file, run:

openssl aes-256-cbc -d -pbkdf2 -in test.txt.enc -out sample_decrypted.txt

You will be required to enter the encryption password you generated earlier.

Encrypt File with Key
# generate a key file
openssl rand 256 > symmetric_keyfile.key
# use the keyfile to encrypt our file
openssl enc -in test.txt -out test.txt.enc -e -aes-256-cbc -pbkdf2 -k symmetric_keyfile.key

To decrypt the file, run:

openssl enc -in test.txt.enc -out draft_decrypted.txt -d -aes-256-cbc -pbkdf2 -k symmetric_keyfile.key
Back to top