Looking for command line encryption utility for Windows

5

2

I am looking for command line encryption utility for Windows - paid or free. Would prefer it to support AES-256. It has to be something with large user base and actively in development. Need to be able to specify password in command line - not looking to use private/public keys.

It will be used as a part of my backup process. In a nutshell I would just use Winzip or 7-zip encryption but the list of files in encrypted archive is visible and I don't like that. So the plan is to zip files without the password and then encrypt ZIP file itself.

I do use TrueCrypt but it is not convenient for this process - one has to backup whole volume which is not effective storage-wise plus one cannot create encrypted volumes from the command line as far as I know.

Basically looking for something like this: http://hcrypto.sourceforge.net/ but this software doesn't seem to be under active development.

Joe Schmoe

Posted 2012-06-09T17:59:58.647

Reputation: 575

to hide the file names you can zip the files without password then zip the zipped file with a password. the question is : is the zip encryption secure? – EKanadily – 2016-12-17T09:25:54.517

Answers

10

In the command line version of 7-zip 7z.exe you can use the -p switch to set a password. This will also enable header encryption ( -mhe option for the 7z format) which means file names will also be encrypted.

billc.cn

Posted 2012-06-09T17:59:58.647

Reputation: 6 821

Unless the 7-zip encryption code is Open Source, I would not recommend using it. Open Source encryption code has been vetted by more eyes, and is much harder to hide backdoors in. – Fran – 2012-06-09T19:29:13.603

47-zip uses AES and it's LGPL v2 and I really think a guy who is competent enough to invent a widely-used archieve format knows how to use an ecryption lib correctly. – billc.cn – 2012-06-09T19:32:59.650

2@billc.cn I agree. I just didn't know if the source was open. It is, so 7-zip is a perfectly valid solution. – Fran – 2012-06-10T00:22:43.777

9

openssl is available for Windows is widely used and supports command line encryption

# encrypt file.txt to file.enc using 256-bit AES in CBC mode
openssl enc -aes-256-cbc -salt -in file.txt -out file.enc

If necessary, you can specify the pass-phrase on the command-line

… -pass pass:mySillyPassword

or 

… -pass file:/path/to/secret/password.txt

(from http://www.madboa.com/geek/openssl/#encrypt-simple)

See also this answer to a related question that mentions GPG

RedGrittyBrick

Posted 2012-06-09T17:59:58.647

Reputation: 70 632

Asked: 2012-06-09T17:59:58.647

Viewed: 11 235 times

Active: 2012-06-09T18:51:44.287