ccrypt is an encryption utility similar to mcrypt which we explored in an earlier article. ccrypt can encrypt and decrypt single files and streams. It intends to be a replacement of the crypt utility which uses weak algorithm for encryption. ccrypt uses the Rijndael block cipher, a version of which is also used in the Advanced Encryption Standard (AES). Using a compatibility mode, ccrypt can decrypt files encrypted using crypt. ccrypt is also easier to use than mcrypt.

ccrypt can be invoked using 4 different commands:

ccrypt : needs the correct switch for encryption or decryption

ccencrypt : command to encrypt

ccdecrypt : command to decrypt

ccat : direct terminal decryption, to avoid storing on disk

One of the interesting features of ccrypt is it can read the first line of a file and use it as encryption key. The file could be the same file you want to encrypt!

Installation

On Ubuntu, run:

$ apt-get install ccrypt

Usage

To encrypt a file (ccrypt generates a .cpt file):

$ ccencrypt --keyfile abc abc

To decrypt:

$ ccdecrypt abc.cpt

ccrypt syntax and options:

Syntax: ccrypt [mode] [options] [file...] ccencrypt [options] [file...] ccdecrypt [options] [file...] ccat [options] file...

Modes: -e, --encrypt encrypt -d, --decrypt decrypt -c, --cat cat; decrypt files to stdout -x, --keychange change key -u, --unixcrypt decrypt old unix crypt files

Options: -h, --help print this help message and exit -V, --version print version info and exit -L, --license print license info and exit -v, --verbose print progress information to stderr -q, --quiet run quietly; suppress warnings -f, --force overwrite existing files without asking -m, --mismatch allow decryption with non-matching key -E, --envvar var read keyword from environment variable (unsafe) -K, --key key give keyword on command line (unsafe) -k, --keyfile file read keyword(s) as first line(s) from file -P, --prompt prompt use this prompt instead of default -S, --suffix .suf use suffix .suf instead of default .cpt -s, --strictsuffix refuse to encrypt files which already have suffix -F, --envvar2 var as -E for second keyword (for keychange mode) -H, --key2 key as -K for second keyword (for keychange mode) -Q, --prompt2 prompt as -P for second keyword (for keychange mode) -t, --timid prompt twice for encryption keys (default) -b, --brave prompt only once for encryption keys -y, --keyref file encryption key must match this encrypted file -r, --recursive recurse through directories -R, --rec-symlinks follow symbolic links as subdirectories -l, --symlinks dereference symbolic links -T, --tmpfiles use temporary files instead of overwriting (unsafe)

Webpage: ccrypt