nova-platform-io / ccrypt Goto Github PK

                                   ccrypt

   Secure encryption and decryption of files and streams
     _________________________________________________________________

  Description

   ccrypt is a utility for encrypting and decrypting files and streams.
   It was designed as a replacement for the standard unix crypt utility,
   which is notorious for using a very weak encryption algorithm. ccrypt
   is based on the Rijndael cipher, which is the U.S. government's chosen
   candidate for the Advanced Encryption Standard (AES, see
   http://www.nist.gov/aes).  This cipher is believed to provide very
   strong security.

   Unlike unix crypt, the algorithm provided by ccrypt is not symmetric,
   i.e., one must specify whether to encrypt or decrypt. The most common
   way to invoke ccrypt is via the commands ccencrypt and ccdecrypt.
   There is also a ccat command for decrypting a file directly to the
   terminal, thus reducing the likelihood of leaving temporary plaintext
   files around.  In addition, there is a compatibility mode for
   decrypting legacy unix crypt files. An emacs mode is also supplied for
   editing encrypted text files.

   Encryption and decryption depends on a keyword (or key phrase)
   supplied by the user.  By default, the user is prompted to enter a
   keyword from the terminal.  Keywords can consist of any number of
   characters, and all characters are significant (although ccrypt
   internally hashes the key to 256 bits). Longer keywords provide better
   security than short ones, since they are less likely to be discovered
   by exhaustive search.

   For a detailed description of the encryption algorithm used by ccrypt,
   see the man page.

  Downloading and Installing from Source

   The following instructions are for compiling ccrypt from source
   code; if you have downloaded one of the precompiled binary
   distributions, please skip to "Downloading and Installing Precompiled
   Distributions" below.

   The source distribution of the current version of ccrypt can be
   downloaded as a gzipped tar archive from
   http://ccrypt.sourceforge.net/. You can unpack the archive with a
   command such as

       tar -zxf ccrypt-XXX.tar.gz

   For compiling and installation, please follow the instructions in
   the file INSTALL. The basic installation sequence is:

       ./configure
       make
       make check

   The only non-standard configuration option is --disable-libcrypt.
   Normally, ccrypt will be linked against the libcrypt library, if
   available. If this library is not available, or if the
   --disable-libcrypt option is given to ./configure, then we will use
   our own replacement for this library. This is useful for creating
   binary distributions when we don't want to distribute libcrypt.so.

  Downloading and Installing Precompiled Distributions

   ccrypt is also available in precompiled formats for a number of
   popular platforms, including Linux, MacOS X, FreeBSD, Sun Solaris,
   AIX, and Windows under CygWin.  In each case, just install the
   binaries in one of the places where the operating system usually
   looks for them, such as /usr/bin. You should also create symbolic
   links to the ccrypt binary named ccencrypt, ccdecrypt, and ccat;
   when ccrypt is invoked by one of these names, its default behavior
   changes. To create the appropriate links, change to the directory
   where you have installed ccrypt, and run the commands

       ln -s ccrypt ccencrypt 
       ln -s ccrypt ccdecrypt 
       ln -s ccrypt ccat

   You may also want to install the man page by copying ccrypt.1 to an
   appropriate directory, such as /usr/share/man/man1.

   The precompiled distributions are usually prepared without
   internationalization support.

   Windows users see the file README-WIN.

   For users of the Redhat Package Manager, ccrypt is also available
   as a source RPM or binary RPM.

  Usage

Usage: ccrypt [mode] [options] [file...]
       ccencrypt [options] [file...]
       ccdecrypt [options] [file...]
       ccat [options] file...

Modes:
    -e, --encrypt         encrypt
    -d, --decrypt         decrypt
    -c, --cat             cat; decrypt files to stdout
    -x, --keychange       change key
    -u, --unixcrypt       decrypt old unix crypt files

Options:
    -h, --help            print this help message and exit
    -V, --version         print version info and exit
    -L, --license         print license info and exit
    -v, --verbose         print progress information to stderr
    -q, --quiet           run quietly; suppress warnings
    -f, --force           overwrite existing files without asking
    -m, --mismatch        allow decryption with non-matching key
    -E, --envvar var      read keyword from environment variable (unsafe)
    -K, --key key         give keyword on command line (unsafe)
    -k, --keyfile file    read keyword(s) as first line(s) from file
    -P, --prompt prompt   use this prompt instead of default
    -S, --suffix .suf     use suffix .suf instead of default .cpt
    -s, --strictsuffix    refuse to encrypt files which already have suffix
    -F, --envvar2 var     as -E for second keyword (for keychange mode)
    -H, --key2 key        as -K for second keyword (for keychange mode)
    -Q, --prompt2 prompt  as -P for second keyword (for keychange mode)
    -t, --timid           prompt twice for encryption keys (default)
    -b, --brave           prompt only once for encryption keys
    -y, --keyref file     encryption key must match this encrypted file
    -r, --recursive       recurse through directories
    -R, --rec-symlinks    follow symbolic links as subdirectories
    -l, --symlinks        dereference symbolic links
    -T, --tmpfiles        use temporary files instead of overwriting (unsafe)
    --                    end of options, filenames follow

   For detailed usage information, see the man page.

  Emacs support

   ccrypt comes with an emacs package for reading and writing
   encrypted files. The package is called ps-ccrypt, and it is based
   on the jka-compr package which is part of GNU Emacs.  Unlike
   previous versions of this package, it can be used in addition to,
   and not instead of, jka-compr, to handle both encrypted and
   compressed files.  (However, files that are both encrypted and
   compressed are not currently handled correctly).

   To use the package, simply load ps-ccrypt and edit as usual.  When
   you open a file with the ".cpt" extension, emacs will prompt you
   for a password for the file. It will remember the password for the
   buffer, and when you save the file later, it will be automatically
   encrypted again (provided you save it with a ".cpt"
   extension). Except for the password prompt, the operation of the
   package should be transparent to the user. The command M-x
   ccrypt-set-buffer-password can be used to change the current
   password of a buffer.

   The simplest way to use this package is to include the lines

       (setq load-path (cons "path" load-path))
       (require 'ps-ccrypt "ps-ccrypt.el")

   in your .emacs file, where path is the directory which holds the file
   ps-ccrypt.el.

  Support and Reporting Bugs

   Ccrypt has a project page on SourceForge at
   http://sourceforge.net/projects/ccrypt/. There you will find facilities
   for reporting bugs, submitting patches, asking for support, asking for
   features, or discussing ccrypt in general. You are encouraged to use
   these facilities. You can also send email to the author.

  Author

   Copyright (C) 2000-2012 Peter Selinger <selinger at users.sourceforge.net>

  License

   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
   the Free Software Foundation; either version 2, or (at your option)
   any later version.

   This program is distributed in the hope that it will be useful, but
   WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
   General Public License for more details.

   You should have received a copy of the GNU General Public License
   along with this program; if not, write to the Free Software
   Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307, USA.

  GPG Key

   Peter Selinger's GPG key fingerprint is:
   12A2 4B3C 3790 B688 E484  7A98 A68B CC37 CA31 696A