I wanted an easy way to encrypt and decrypt files in OS X from the command line, so I added the following to my .profile file in my home directory:

  1. enc() {
  2.   openssl des3 -salt -in $1 -out $1_enc
  3.   rm $1
  4. }
  6. dec() {
  7.   openssl des3 -d -salt -in $1_enc -out $1
  8.   rm $1_enc
  9. }

Now I can quickly encrypt a file using ‘enc’:

  1. $ cat secret.txt
  2. this is a secret!
  3. $ enc secret.txt
  4. enter des-ede3-cbc encryption password: [password]
  5. Verifying - enter des-ede3-cbc encryption password: [password]
  6. $ cat secret.txt_enc
  7. Salted__?<?7sT?s??Cp??x?toA?d6~r?r

And decrypt it just as easily with ‘dec’:

  1. $ dec secret.txt
  2. enter des-ede3-cbc decryption password: [password]
  3. $ cat secret.txt
  4. this is a secret!

A couple of things to note. The encrypted file is saved using a _enc suffix, but when decrypting, it assumes you type the original filename, not the _enc version. I don’t mind this, but it could be altered to be a little smarter in this regard. Also, when encrypting it deletes the original file for you, and when decrypting it deletes the encrypted version. I prefer this automatic ‘cleanup’.