How do I decrypt a message using openssl's CLI?
8,402
I think you're looking for something like this:
openssl yourcipher -d < yourfile
For example if the file was encrypted using des3 cipher, and the file is /path/to/file.des3 then:
openssl des3 -d < /path/to/file.des3
It will ask you for the passphrase.
If the file is base64 encoded, then you should be able decode and decrypt like this:
openssl enc -base64 -d < /path/to/file | openssl yourcipher -d
Related videos on Youtube
05 : 38
How to encrypt and decrypt messages using Openssl on windows
24 : 11
Encryption and decryption with openssl
06 : 17
How to Encrypt and Decrypt using Openssl on windows
07 : 11
How To Encrypt And Decrypt Files Using OpenSSL On Ubuntu Linux
29 : 04
CBROPS - 21.2.10 Lab - Encrypting and Decrypting Data Using OpenSSL
Author by
user50849
Updated on September 18, 2022Comments
-
user50849 over 1 year
I have a message, I know the password and the cipher that was used to encrypt it, but I can't figure out how to ask openssl to decrypt it.
I see the cipher in the output from the
cipherscommand, and the man page lists aenccommand forEncoding with Ciphers, but I can't find how I would do the opposite, decode a message.-
dave_thompson_085 almost 8 yearsLate but:
openssl cipherslists ciphersuites for SSL/TLS, which is in practice never password based, and doesn't leave messages anywhere you could later decrypt (i.e. if you have a file, it's not SSL/TLS).openssl encis one commonly used password-based encryption scheme, but there are CMS and (rarely) S/MIME PBEs and a common PGP PBE, and also PBE schemes for keys which are not accurately described as messages, as well as other PBEs.
-
-
janos over 10 yearsThat error is common when the file is not really an encrypted file... Perhaps you need to unzip it first? -
user50849 over 10 yearsIf I've understood my instructions correctly, my file is base64 encoded (It looks like base64 as well, though that's no guarantee of course). But I've tried passing it through
base64 -d [input] > [output]and thenopenssl [cipher] -d < [output]as well as deciphering the file as is, and I get the same "bad magic number" in both cases. -
janos over 10 years@user50849 I updated my answer thought it looks like you're already doing that... After you decode from base64, what does the
filecommand tell you? Is the file binary? -
user50849 over 10 yearsI tried your added base64 command, and unfortunately I get the same error. file says
dataabout the decoded file. I assume that your answer is correct and that something is wrong on my end. Possibly I've corrupted the input or similar. I'll try to work that out and get back. -
janos over 10 yearsCan you ask for a checksum of the file? That way you could confirm if your file is corrupted or not.
-
dave_thompson_085 almost 8 years
openssl encdoes base64 itself. If this was in fact the base64 form ofopenssl enc, for which I see no evidence, justopenssl enc -$cipher -d -aor equivalentlyopenssl $cipher -d -a.
