Cipher - Command Line Tool to Encrypt/Decrypt Files and Directories

cipher encrypt file linuxss you take some security measures to protect your environment and encrypt your data. Linux offers some encryption methods and there are some tools which can help you to encrypt your data. Encryption is important when you need to communicate sensitive information with your partners.

What is cipher

Cipher is an Ash module that makes it easy to perform aes-256-cbc encryption for files and directories. The ash-shell/cipher is licensed under the MIT License.

To install cipher, you have to install Ash before. After you have installed it, you can run either one of these two commands depending on your git clone preference:

ash apm:install https://github.com/ash-shell/cipher.git

or

ash apm:install [email protected]:ash-shell/cipher.git

1) Encrypt files and directories

With cipher, to encrypt data we use the command cipher:e followed by the name/location of the file or the directory. You will be asked to enter the password for the encryption

a. Encrypt files

Let's consider that we have a file with the content below:

# cat file 
file encrypting with linux cipher tool

To encrypt a file, we use the command below

ash cipher:e /root/file
<< cipher >>: Enter encryption password: 
<< cipher >>: Confirm encryption password: 
<< cipher >>: File encrypted at /root/file.enc

From my side, I have noticed that when I encrypt a file, the original file is not present but only the encrypted file is present. You can verify as below

# ls -l /root/
total 20
-rw-r--r--. 1 root root 90 Jun 25 19:56 file.enc
drwxr-xr-x. 2 root root 19 Jun 25 18:19 folder

You can see that we only have the encrypted file name file.enc. The operation automatically adds enc extension to the encrypted filename.

We can check the content of the encrypted file with the cat command

# cat /root/file.enc 
U2FsdGVkX19T+dDYuraqLzjsgrazvDTAi0opyeMbfZIuTFRPDsQg/ZXlMHD2Zc+A
6+i3iW3rPgl+NUjpanJkFA==

You can that the content is not readable by humans.

b. Encrypt folder

Let's consider the folder below

# ls -ld /root/folder
drwxr-xr-x. 2 root root 19 Jun 25 18:19 /root/folder

To encrypt the folder, use the command below

# ash cipher:e folder/
<< cipher >>: Enter encryption password: 
<< cipher >>: Confirm encryption password: 
<< cipher >>: Directory encrypted at folder.tar.gz.enc

You can see that the encrypted folder has been compressed. Now let's check the original folder

# ls -l /root
total 24
-rw-r--r--. 1 root root 90 Jun 25 19:56 file.enc
-rw-r--r--. 1 root root 285 Jun 25 20:17 folder.tar.gz.enc

We can notice that the original folder is not present. The encrypted folder has the extension of a compressed file but to see its content, we use the command cat as below

# cat /root/folder.tar.gz.enc 
U2FsdGVkX18WP0Lci6rkCfCruUA2P4UmzaOVzGdD1rt824CfNB8KthA0zLOZZDUl
xroF8q7tTrxR3RJrJesZcC08fzMZ5JtUnNAM7aIg+bljPFfep2HyP2XK1nRFk5rr
GTjUhd3ue5KCxUUaGAypLZHvA1LixX4FUFRV68u8G5VFPtaHSqc50E/qhUHClAKj
UlVWCvBtHDkD/DDcw1xjqhQKml5wNMK4N7f5dmaSFuXYBmSrQWcgW00i9URxX6jn
7eRawFYP+zbsl30QCWGrxw==

We can try to check the content of the compressed file with the tar command.

# tar -t /root/folder.tar.gz.enc

You can see that it is impossible to see the result, the cursor was held by the prompt. I was forced to use Ctrl-c to take the control of my shell. We can try to decompress it

# tar -zxvf /root/folder.tar.gz.enc

gzip: stdin: not in gzip format
tar: Child returned status 1
tar: Error is not recoverable: exiting now

You can see that we have an error message so the folder is encrypted and we can not have access to its content.

2) Decrypt files and directories

To decrypt data we use the command cipher:d followed by the name of the file or the directory. You will be asked to enter the password for decryption. It is the same password use for the encryption process.

a. Decrypt files

Now we will decrypt our file with the command below

# ash cipher:d /root/file.enc 
<< cipher >>: Enter decryption password: 
<< cipher >>: File decrypted at /root/file

You can the that the operation is a success. Now let's check the content of our file

# cat /root/file
file encrypting with linux cipher tool

You can see the content of our original file

b. Decrypt directories

To decrypt directories, it is exactly the same process as below

# ash cipher:d folder.tar.gz.enc 
<< cipher >>: Enter decryption password: 
<< cipher >>: Directory decrypted at folder/

You can see that our folder has been decrypted. Now let's check the content of our folder

# ls -l folder/
total 4
-rw-r--r--. 1 root root 11 Jun 25 21:08 essai

You can see that we can now access to our original folder normally.

Conclusion

In one of our earlier article, we have explained about gpg tool, but cipher is a new tool for encryption/decryption data based on password which is simple to use. It has simple command with two options for encrypting and decrypting data. The password used for encrypting is the same for decrypting. I advise you to do not use the same passwords for all the file to protect. So, it means that you will give to your trusted recipient the encrypting password corresponding to each protected file.

Alain Francois 2:00 am

About Alain Francois

IT Linux administrator passionate of free and open source software, I work on Linux Systems since some years on installations and deployments of certain solutions. I like to share my experiences with a wider audience by training and conferences.

Author Archive Page

Have anything to say?

Your email address will not be published. Required fields are marked *

All comments are subject to moderation.

2 Comments

  1. Another CLI encryption/decryption tool. Because we did not have enough. E.g. the openssl command line tool has been able to do that for decades. The wheel reinvented over, and over, and over again.

    1. Hi,
      You can see some users who are not comfortables with openssl and the cipher tool has the advantage of the simplicity during the encryption/decryption operation and doesn't really asks some Linux knowledge