topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • Friday March 29, 2024, 7:41 am
  • Proudly celebrating 15+ years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Author Topic: Solid, command-line file encryption tool?  (Read 9323 times)

tranglos

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 1,081
    • View Profile
    • Donate to Member
Solid, command-line file encryption tool?
« on: February 25, 2012, 11:56 AM »
Tangentially related to mouser's ongoing search for an online backup solution. I'm trying the plain old ftp way, and for that I need an encryption utility with these features:

  • Command-line operation (GUI is ok but optional; this will run from a batch file)
  • Has to work with individual files; bonus points for storing multiple files in a single archive, but this is optional
  • No asymmetric (public key) cryptography, so no gnupg. I want to decrypt with just the passphrase and not worry about losing the private key or having it with me at all times.
  • Must use a known-good cipher with a reasonable key size. I don't care if three-letter agencies can crack it, but it has to be reasonably secure and use a well-known, solid encryption algorithm. No trade-secret, teenage wonder or homebrew solutions.
  • Preferably a mature project, not something that just appeared last week.
  • Must either be open source or come from a vendor I can trust. A small, independent vendor is preferable to a big corp, which will sacrifice security for profit and politics every time. (PGP is now owned by Symantec, yech!) Think TrueCrypt quality.
  • Commercial apps OK, as long as they satisfy all of the above.


I think that's it. Haven't looked at crypto apps in a long time, so I've no idea what's out there now.


Eóin

  • Charter Member
  • Joined in 2006
  • ***
  • Posts: 1,401
    • View Profile
    • Donate to Member
Re: Solid, command-line file encryption tool?
« Reply #1 on: February 25, 2012, 12:14 PM »
Perhaps 7zip? It has a command line interface and meets your other requirements too I believe

tranglos

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 1,081
    • View Profile
    • Donate to Member
Re: Solid, command-line file encryption tool?
« Reply #2 on: February 25, 2012, 12:23 PM »
Perhaps 7zip? It has a command line interface and meets your other requirements too I believe

Not only that, but it can encrypt headers in the compressed file, so unlike in zip files, you can't see the filenames inside the archive without decrypting. I like it, so thanks for confirming my so-far favorable impression.

What it does not have is a switch to compress each file into a separate archive. I need that to minimize the amount of data to upload, since my outgoing bandwidth sucks. Still, the best candidate I've seen so far. I wonder if the authors are susceptible to bugging for new features :-)

Innuendo

  • Charter Member
  • Joined in 2005
  • ***
  • default avatar
  • Posts: 2,266
    • View Profile
    • Donate to Member
Re: Solid, command-line file encryption tool?
« Reply #3 on: February 25, 2012, 01:27 PM »
My Google Fu turned up this thread dealing with using WinRAR from the command line to create a separate archive for each file:

http://forums.techgu...parate-archives.html

All you would need to do is edit the provided batch file provided to tailor it to your desired encryption requirements. I don't think you can anything more mature & proven than WinRAR. The world's largest file transfer network (Usenet) depends on RAR files.

Ath

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 3,612
    • View Profile
    • Donate to Member
Re: Solid, command-line file encryption tool?
« Reply #4 on: February 25, 2012, 03:06 PM »
What it does not have is a switch to compress each file into a separate archive.
You could do some smart batch scripting for that if needed? ;)

tranglos

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 1,081
    • View Profile
    • Donate to Member
Re: Solid, command-line file encryption tool?
« Reply #5 on: February 25, 2012, 03:22 PM »
What it does not have is a switch to compress each file into a separate archive.
You could do some smart batch scripting for that if needed? ;)

Certainly. It's just much simpler to use a single command with a switch and a filemask than a shell FOR loop :-)


Ath

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 3,612
    • View Profile
    • Donate to Member
Re: Solid, command-line file encryption tool?
« Reply #6 on: February 25, 2012, 03:32 PM »
It's just much simpler to use a single command with a switch and ...
That means a feature request is on it's way? :up:

AbteriX

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 1,149
    • View Profile
    • Donate to Member
Re: Solid, command-line file encryption tool?
« Reply #7 on: February 26, 2012, 02:43 PM »
I have known a few but never used, and forgot them all at the moment.

One i still have in my collection is this, maybe it is from interest?
Can only say it have worked with some small test files... but nothing more.

Code: Text [Select]
  1. MySecret Blowfish Encryption Utility
  2.  
  3. Version 3.1.1 Released 9 June 2007.
  4.  
  5. TO INSTALL
  6.  
  7.     1. Copy the file MYSECRET.EXE into a directory on your PC's path,
  8.        e.g. C:\Windows or C:\WINNT
  9.     2. That's it!
  10.    
  11. SYNTAX
  12.  
  13. Usage: MySecret [OPTIONS] [-p password] [[-i] infile [[-o] outfile]]
  14. OPTIONS:
  15. -?|-h display this Help
  16. -e|-d force Encrypt/Decrypt
  17. -n do Not ask to confirm password
  18. -w Warn before overwriting existing outfile
  19. -2 use v2.0 algorithm (no compression)
  20. -@ use stdin/stdout pipes if in/outfile not given
  21. -L display licence conditions
  22. EXAMPLES:
  23. MySecret                (=clipboard-mode, prompts for password)
  24. MySecret -p "my pass phrase"
  25. MySecret infile outfile (=file-mode)
  26. MySecret -@ infile      (output to stdout)
  27. MySecret -@ -o outfile  (input from stdin)
  28. MySecret -@             (input from stdin/output to stdout)
  29. For more information go to <http://www.di-mgt.com.au/mysecret.html>



The encrypted file is BASE64 encoded
Code: Text [Select]
  1. -----BEGIN MYSECRET-----
  2. TVn8AJd6uSAqarO1xZh78NUQWMXXfNb+F0K0yYmijYjf//JOmY8ecQUCJmh9
  3. b1hIVJKjdUad8FtsdjGGsAJ5whHh71ajI492oIH/OeHBM+LyMRS8qB80EqPa
  4. FQ6VxgXsOmV3B7LBKYyVKRcUL+Czwwj9PQL/dbFVcumqK/ppaU3pfTVVfzbU
  5. urKDVtqVMcBxbEe8F4LRC7K23PB7l1M3aO/oZaRxCiPznmFj9HiSnenHiajc
  6. InDb7n5F1v40Abx8XyL9a6yRhRWHbEWMvDJYc1UjEqu3wp+oJccdTpSERBfT




There is even an script to use it from XYplorer;
Code: Javascript [Select]
  1. /*
  2. ===================================================================================
  3. INSTRUCTIONS
  4.  Download the latest version of MySecret.zip (47 kB) from http://www.di-mgt.com.au/mysecret.html
  5.  Unzip the MySecret.zip into an folder, e.g. into "<xypath>\Tools\MySecret\..."
  6.  Save this script e.g. as "MySecret.xys" into "<xypath>\Scripts\..." folder
  7. USING
  8.  Select one file
  9.  Launch this script, e.g. from menu "Scripting > Load Script File... > MySecret.xys"
  10.  From the dialog choose "Encrypt" [or "Decrypt"]
  11.  The resulting output is encrypted and encoded using base64 encoding, ready to mail it.
  12. ===================================================================================
  13. */
  14.  
  15.  
  16. "Encrypt"
  17.  // creates an new, encrypted file with additional 'mys' extension:
  18.  $pas1 = Input("MySecret EnCrypt","Enter your password for ""<curname>"":");
  19.  $pass = Input('Confirm','Re-type your password:');
  20.  end ("$pas1" != "$pass"), "Password did not match";
  21.   run "<xypath>\Tools\MySecret\MySecret.exe -w -e -p $pass -i ""<curitem>"" -o ""<curitem>.mys""";
  22. //===============================
  23.  
  24.  
  25.  
  26. "Decrypt"
  27.  // creates an new, decrypted file and removes the 'mys' extension:
  28.  $pass = Input("MySecret DeCrypt","Enter your password for ""<curname>"":");
  29.   run "<xypath>\Tools\MySecret\MySecret.exe -d -w -p $pass -i ""<curitem>"" -o ""<curpath>\<curbase>""";
  30. //===============================
  31.  
  32.  
  33.  
  34.  
  35. "Readme"
  36.  sub "_readme";
  37. //===============================
  38.  
  39.  
  40.  
  41. -
  42.  
  43. "Edit this &script : edit"
  44.    self $ScriptFile, file;
  45.    OpenWith "<xypath>\Tools\NotePad2\Notepad2.exe", ,$ScriptFile;
  46. //===============================  
  47.  
  48.  
  49.  
  50. "_readme"
  51.  text <<<TEXT
  52. MySecret Blowfish Encryption Utility
  53. Version 3.1.1 Released 9 June 2007.
  54.  
  55. Works fine for file size till ~5MB.
  56. Decodeing an file with e.g. 25MB takes a few minutes.
  57.  
  58. TO INSTALL
  59.     1. Copy the file MYSECRET.EXE into a directory on your PC's path,
  60.       e.g. C:\Windows or C:\WINNT
  61.    2. That's it!
  62.    
  63. SYNTAX
  64. Usage: MySecret [OPTIONS] [-p password] [[-i] infile [[-o] outfile]]
  65. OPTIONS:
  66. -?|-h display this Help
  67. -e|-d force Encrypt/Decrypt
  68. -n do Not ask to confirm password
  69. -w Warn before overwriting existing outfile
  70. -2 use v2.0 algorithm (no compression)
  71. -@ use stdin/stdout pipes if in/outfile not given
  72. -L display licence conditions
  73. EXAMPLES:
  74. MySecret                (=clipboard-mode, prompts for password)
  75. MySecret -p "my pass phrase"
  76. MySecret infile outfile (=file-mode)
  77. MySecret -@ infile      (output to stdout)
  78. MySecret -@ -o outfile  (input from stdin)
  79. MySecret -@             (input from stdin/output to stdout)
  80. For more information go to <http://www.di-mgt.com.au/mysecret.html>
  81.  
  82. TERMS AND CONDITIONS
  83.  
  84. MySecret is copyright (C) 2002-7 DI Management Services Pty Ltd, all rights
  85. reserved. MySecret is freeware. Install and use entirely at your own risk.
  86.  
  87. Read more at http://www.di-mgt.com.au/mysecret.html
  88.  
  89. TEXT;
  90. //===============================<EOF>
« Last Edit: February 26, 2012, 02:56 PM by AbteriX »

criss

  • Charter Member
  • Joined in 2006
  • ***
  • default avatar
  • Posts: 17
    • View Profile
    • Donate to Member
Re: Solid, command-line file encryption tool?
« Reply #8 on: February 27, 2012, 02:47 AM »

tranglos

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 1,081
    • View Profile
    • Donate to Member
Re: Solid, command-line file encryption tool?
« Reply #9 on: February 27, 2012, 11:37 AM »
Thanks, everyone! Will try out the suggestions.