GSP
Quick Navigator
Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages
AESCRYPT(1) FreeBSD General Commands Manual AESCRYPT(1)

aescrypt
encrypt data using Rijndael, the Advanced Encryption Standard winner

aescrypt -k keyfile [-s keysize]

The aescrypt utility encrypts data using the Rijndael algorithm, the winner of the Advanced Encryption Standard (AES) competition. The encryption is done in Cipher Block Feedback (CFB-128) mode, with the salt randomly generated from data read from the /dev/urandom device. The plaintext data is read from standard input and the encrypted data is written to standard output.

The encryption key may be read from standard input or from a file, depending on the argument passed to the -k command-line option. If “-” is used as a filename, the aescrypt utility reads as many hexadecimal digits as needed from standard input and then one additional byte to allow for a newline separating the key from the actual data to be encrypted. If the filename is not “-”, the aescrypt utility opens the specified file and reads text lines from it until a line starting with the characters kk= is reached. Those characters should be immediately followed by as many hexadecimal digits as needed; the rest of the line, as well as the rest of the file, is ignored.

The encryption key may be 128, 192, or 256 bits long. By default, the aescrypt utility uses (and expects to read) a 128-bit key, unless a different size is supplied by the -s keysize command-line option.

The aescrypt utility reads 16 bytes (128 bits) from the /dev/urandom device to initialize the salt for the CFB-128 encryption. The salt is prepended to the encrypted data in the output.

Generate a random 128-bit value and store it into a keyfile suitable for the aescrypt utility:

perl -e 'open(F, "<", "/dev/random") or die("$!\n"); read(F, $s, 32); print "kk=".unpack("H*", $s)."\n"'

Encrypt the contents of the /etc/hosts file with the generated (128-bit by default) key:

aescrypt -k key.txt < /etc/hosts > hosts.aes

Encrypt a string with a 192-bit key supplied directly:

(echo '012345678901234567890123456789012345678901234567'; echo 'This is a test.') | ./aescrypt -s 192 -k - > test.aes

aesget(1)

The SourceForge project page: http://sourceforge.net/projects/aescrypt/

The aescrypt utility was written by Eric Lee Green, and was modified to use Rijndael rather than Twofish by Randy Kaelber. It uses the freely available Rijndael implementation by Antoon Bosselaers and Vincent Rijmen. This manual page was written by Peter Pentchev in 2008.

The aescrypt utility - Eric Lee Green ⟨eric@badtux.org⟩, Randy Kaelber ⟨randyk@sourceforge.net⟩.

The manual page - Peter Pentchev ⟨roam@ringlet.net⟩.

June 8, 2008 FreeBSD 13.1-RELEASE
Search for    or go to Top of page |  Section 1 |  Main Index

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with ManDoc.