|
Hopefully, this page is exactly what you are looking for, but if not, you can always find further assistance on Unix/Linux Forum!
User Commands encrypt(1)
NAME
encrypt, decrypt - encrypt or decrypt files
SYNOPSIS
/usr/bin/encrypt -l | -a algorithm [-v] [-k key_file] [-i
input_file] [-o output_file]
/usr/bin/decrypt -l | -a algorithm [-v] [-k key_file] [-i
input_file] [-o output_file]
DESCRIPTION
This utility encrypts or decrypts the given file or stdin
using the algorithm specified. If no output file is speci-
fied, output is to standard out. If input and output are the
same file, the encrypted output is written to a temporary
work file in the same filesystem and then used to replace
the original file.
On decryption, if the input and output are the same file,
the cleartext replaces the ciphertext file.
The output file of encrypt and the input file for decrypt
contains the following information:
o Output format version number, 4 bytes in network byte
order. The current version is 1.
o Iterations used in key generation function, 4 bytes in
network byte order.
o IV (ivlen bytes)[1]. iv data is generated by random
bytes equal to one block size.
o Salt data used in key generation (16 bytes).
o Cipher text data.
OPTIONS
The following options are supported:
-a algorithm Specify the name of the algorithm to
use during the encryption or decryp-
tion process. See USAGE, Algorithms
for details.
-i input_file Specify the input file. Default is
stdin if input_file is not speci-
fied.
SunOS 5.10 Last change: 20 Jan 2006 1
User Commands encrypt(1)
-k key_file Specify the file containing the key
value for the encryption algorithm.
Each algorithm has specific key
material requirements, as stated in
the PKCS#11 specification. If -k is
not specified, encrypt prompts for
key material using
getpassphrase(3C).
For information on generating a key
file, see dd(1M) or System Adminis-
tration Guide: Security Services.
-l Display the list of algorithms
available on the system. This list
can change depending on the confi-
guration of the cryptographic frame-
work. The keysizes are displayed in
bits.
-o output_file Specify output file. Default is
stdout if output_file is not speci-
fied. If stdout is used without
redirecting to a file, the terminal
window can appear to hang because
the raw encrypted or decrypted data
has disrupted the terminal emula-
tion, much like viewing a binary
file can do at times.
-v Display verbose information. See
Verbose.
USAGE
Algorithms
The supported algorithms are displayed with their minimum
and maximum key sizes in the -l option. These algorithms are
provided by the cryptographic framework. Each supported
algorithm is an alias of the PKCS #11 mechanism that is the
most commonly used and least restricted version of a partic-
ular algorithm type. For example: des is an alias to
CKM_DES_CBC_PAD and arcfour is an alias to CKM_RC4. Algo-
rithm variants with no padding or ECB are not supported.
SunOS 5.10 Last change: 20 Jan 2006 2
User Commands encrypt(1)
These aliases are used with the -a option and are case-
sensitive.
Passphrase
When the -k option is not used during encryption and decryp-
tion tasks, the user is prompted for a passphrase. The
passphrase is manipulated into a more secure key using the
PBKDF2 algorithm specified in PKCS #5.
When a passphrase is used with encrypt and decrypt, the user
entered passphrase is turned into an encryption key using
the PBKDF2 algorithm as defined defined in
http://www.rsasecurity.com, PKCS #5 v2.0.
Verbose
If an input file is provided to the command, a progress bar
spans the screen. The progress bar denotes every 25% com-
pleted with a pipe sign (|). If the input is from standard
input, a period (.) is displayed each time 40KB is read.
Upon completion of both input methods, Done is printed.
EXAMPLES
Example 1: Listing Available Algorithms
The following example lists available algorithms:
example$ encrypt -l
Algorithm Keysize: Min Max
-----------------------------------
aes 128 128
arcfour 8 128
des 64 64
3des 192 192
Example 2: Encrypting Using AES
The following example encrypts using AES and prompts for the
encryption key:
example$ encrypt -a aes -i myfile.txt -o secretstuff
Example 3: Using an In Pipe to Provide Encrypted Tape Backup
The following example uses an in pipe to provide encrypted
tape backup:
example$ ufsdump 0f - /var | encrypt -a arcfour \
-k /etc/mykeys/backup.k | dd of=/dev/rmt/0
Example 4: Using an In Pipe to Restore Tape Backup
SunOS 5.10 Last change: 20 Jan 2006 3
User Commands encrypt(1)
The following example uses and in pipe to restore a tape
backup:
example$ decrypt -a arcfour -k /etc/mykeys/backup.k \
-i /dev/rmt/0 | ufsrestore xvf -
Example 5: Encrypting an Input File Using the 3DES Algorithm
The following example encrypts the inputfile file with the
192-bit key stored in the des3key file:
example$ encrypt -a 3des -k des3key -i inputfile -o outputfile
EXIT STATUS
The following exit values are returned:
0 Successful completion.
>0 An error occurred.
ATTRIBUTES
See attributes(5) for descriptions of the following attri-
butes:
____________________________________________________________
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
|_____________________________|_____________________________|
| Availability | SUNWcsu |
|_____________________________|_____________________________|
| Interface Stability | Evolving |
|_____________________________|_____________________________|
SEE ALSO
digest(1), mac(1), dd(1M), getpassphrase(3C),
libpkcs11(3LIB), attributes(5), pkcs11_softtoken(5)
System Administration Guide: Security Services
RSA PKCS#11 v2.11: http://www.rsasecurity.com
RSA PKCS#5 v2.0: http://www.rsasecurity.com
SunOS 5.10 Last change: 20 Jan 2006 4
Man(1) output converted with
man2html and wrapped by fishsponge
This page was generated on Wed Sep 12 11:24:37 GMT 2007
|
Your favourite pages:
No pages logged yet.
Trying to save cookie... Top 10 most popular pages:
sqlite3 man page (5053 hits)
(openSUSE 10.2)
adv_cap_autoneg man page (4731 hits)
(Solaris 10 11_06)
CPAN man page (4448 hits)
(Suse Linux 10.1)
ssh man page (4240 hits)
(Suse Linux 10.1)
svn man page (4098 hits)
(FreeBSD 6.2)
startproc man page (2154 hits)
(Suse Linux 10.1)
ssh-socks5-proxy-connect man page (2091 hits)
(Solaris 10 11_06)
netcat man page (2082 hits)
(Suse Linux 10.1)
signal man page (1945 hits)
(Suse Linux 10.1)
pprosetup man page (1944 hits)
(Solaris 10 11_06)
|
Man Pages 
