1
2 ccrypt
3
4 Secure encryption and decryption of files and streams
5 _________________________________________________________________
6
7 Description
8
9 ccrypt is a tool for encrypting and decrypting files and streams.
10 It is based on the Rijndael block cipher, a version of which is
11 also used in the Advanced Encryption Standard (AES, see
12 http://www.nist.gov/aes). This cipher is believed to provide very
13 strong cryptographic security.
14
15 The algorithm provided by ccrypt is not symmetric, i.e., one must
16 specify whether to encrypt or decrypt. The most common way to
17 invoke ccrypt is via the commands ccencrypt and ccdecrypt. There
18 is also a ccat command for decrypting a file directly to the
19 terminal, thus reducing the likelihood of leaving temporary
20 plaintext files around. In addition, there is a compatibility mode
21 for decrypting legacy files from the ancient Unix crypt(1) command.
22 An emacs mode is also supplied for editing encrypted text files.
23
24 Encryption and decryption depends on a keyword (or key phrase)
25 supplied by the user. By default, the user is prompted to enter a
26 keyword from the terminal. Keywords can consist of any number of
27 characters, and all characters are significant (although ccrypt
28 internally hashes the key to 256 bits). Longer keywords provide better
29 security than short ones, since they are less likely to be discovered
30 by exhaustive search.
31
32 For a detailed description of the encryption algorithm used by ccrypt,
33 see the man page.
34
35 Downloading and Installing from Source
36
37 The following instructions are for compiling ccrypt from source
38 code; if you have downloaded one of the precompiled binary
39 distributions, please skip to "Downloading and Installing Precompiled
40 Distributions" below.
41
42 The source distribution of the current version of ccrypt can be
43 downloaded as a gzipped tar archive from
44 http://ccrypt.sourceforge.net/. You can unpack the archive with a
45 command such as
46
47 tar -zxf ccrypt-XXX.tar.gz
48
49 For compiling and installation, please follow the instructions in
50 the file INSTALL. The basic installation sequence is:
51
52 ./configure
53 make
54 make check
55
56 The only non-standard configuration options are --disable-libcrypt
57 and --disable-emacs. Normally, ccrypt will be linked against the
58 libcrypt library, if available. If this library is not available,
59 or if the --disable-libcrypt option is given to ./configure, then
60 we will use our own replacement for this library. This is useful
61 for creating binary distributions when we don't want to distribute
62 libcrypt.so. The --disable-emacs configuation option can be used to
63 disable emacs support.
64
65 Downloading and Installing Precompiled Distributions
66
67 ccrypt is also available in precompiled formats for a number of
68 popular platforms, including Linux, MacOS X, and Windows under
69 CygWin. In each case, just install the binaries in one of the
70 places where the operating system usually looks for them, such as
71 /usr/bin. You should also create symbolic links to the ccrypt
72 binary named ccencrypt, ccdecrypt, and ccat; when ccrypt is invoked
73 by one of these names, its default behavior changes. To create the
74 appropriate links, change to the directory where you have installed
75 ccrypt, and run the commands
76
77 ln -s ccrypt ccencrypt
78 ln -s ccrypt ccdecrypt
79 ln -s ccrypt ccat
80
81 You may also want to install the man page by copying ccrypt.1 to an
82 appropriate directory, such as /usr/share/man/man1.
83
84 The precompiled distributions are usually prepared without
85 internationalization support.
86
87 Windows users see the file README-WIN.
88
89 Usage
90
91Usage: ccrypt [mode] [options] [file...]
92 ccencrypt [options] [file...]
93 ccdecrypt [options] [file...]
94 ccat [options] file...
95
96Modes:
97 -e, --encrypt encrypt
98 -d, --decrypt decrypt
99 -c, --cat cat; decrypt files to stdout
100 -x, --keychange change key
101 -u, --unixcrypt decrypt old unix crypt files
102
103Options:
104 -h, --help print this help message and exit
105 -V, --version print version info and exit
106 -L, --license print license info and exit
107 -v, --verbose print progress information to stderr
108 -q, --quiet run quietly; suppress warnings
109 -f, --force overwrite existing files without asking
110 -m, --mismatch allow decryption with non-matching key
111 -E, --envvar var read keyword from environment variable (unsafe)
112 -K, --key key give keyword on command line (unsafe)
113 -k, --keyfile file read keyword(s) as first line(s) from file
114 -P, --prompt prompt use this prompt instead of default
115 -S, --suffix .suf use suffix .suf instead of default .cpt
116 -s, --strictsuffix refuse to encrypt files which already have suffix
117 -F, --envvar2 var as -E for second keyword (for keychange mode)
118 -H, --key2 key as -K for second keyword (for keychange mode)
119 -Q, --prompt2 prompt as -P for second keyword (for keychange mode)
120 -t, --timid prompt twice for encryption keys (default)
121 -b, --brave prompt only once for encryption keys
122 -y, --keyref file encryption key must match this encrypted file
123 -r, --recursive recurse through directories
124 -R, --rec-symlinks follow symbolic links as subdirectories
125 -l, --symlinks dereference symbolic links
126 -T, --tmpfiles use temporary files instead of overwriting (unsafe)
127 -- end of options, filenames follow
128
129 For detailed usage information, see the man page.
130
131 Emacs support
132
133 ccrypt comes with an emacs package for reading and writing
134 encrypted files. The package is called ps-ccrypt, and it is based
135 on the jka-compr package which is part of GNU Emacs. Unlike
136 previous versions of this package, it can be used in addition to,
137 and not instead of, jka-compr, to handle both encrypted and
138 compressed files. (However, files that are both encrypted and
139 compressed are not currently handled correctly).
140
141 To use the package, simply load ps-ccrypt and edit as usual. When
142 you open a file with the ".cpt" extension, emacs will prompt you
143 for a password for the file. It will remember the password for the
144 buffer, and when you save the file later, it will be automatically
145 encrypted again (provided you save it with a ".cpt"
146 extension). Except for the password prompt, the operation of the
147 package should be transparent to the user. The command M-x
148 ccrypt-set-buffer-password can be used to change the current
149 password of a buffer.
150
151 The simplest way to use this package is to include the lines
152
153 (setq load-path (cons "path" load-path))
154 (require 'ps-ccrypt "ps-ccrypt.el")
155
156 in your .emacs file, where path is the directory which holds the file
157 ps-ccrypt.el.
158
159 Support and Reporting Bugs
160
161 Ccrypt has a project page on SourceForge at
162 http://sourceforge.net/projects/ccrypt/. There you will find facilities
163 for reporting bugs, submitting patches, asking for support, asking for
164 features, or discussing ccrypt in general. You are encouraged to use
165 these facilities. You can also send email to the author.
166
167 Author
168
169 Copyright (C) 2000-2018 Peter Selinger <selinger at users.sourceforge.net>
170
171 License
172
173 This program is free software; you can redistribute it and/or modify
174 it under the terms of the GNU General Public License as published by
175 the Free Software Foundation; either version 2, or (at your option)
176 any later version.
177
178 This program is distributed in the hope that it will be useful, but
179 WITHOUT ANY WARRANTY; without even the implied warranty of
180 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
181 General Public License for more details.
182
183 You should have received a copy of the GNU General Public License
184 along with this program; if not, write to the Free Software Foundation,
185 Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
186
187 GPG Key
188
189 Peter Selinger's GPG key fingerprint is:
190 12A2 4B3C 3790 B688 E484 7A98 A68B CC37 CA31 696A
191
1
2 ccrypt
3
4 Secure encryption and decryption of files and streams
5 _________________________________________________________________
6
7This file contains instructions specific to the Windows distribution
8of ccrypt. Please see README and the man page for general information
9on usage etc.
10
11USAGE for Windows:
12==================
13
14Please note that ccrypt is a *command line* program. It can only be
15run from the DOS prompt or from a shell. It is not the kind of program
16you run by double-clicking.
17
18INSTALLATION for Windows:
19=========================
20
21Download the file ccrypt-XXX.cygwin-x86.zip, and unpack it using your
22favorite tool. Often, double-clicking on the archive will allow you to
23extract the contents.
24
25The windows distribution includes an executable file ccrypt.exe, and a
26dynamically linked library cygwin1.dll. You need to put both
27ccrypt.exe and cygwin1.dll in a place where Windows can find them. One
28such place is C:\Windows.
29
30If you already have a different version of cygwin installed, you
31cannot use this binary unless you up/downgrade to the version of
32cygwin that comes with the ccrypt distribution. However, there should be
33no problem re-compiling ccrypt under your version of cygwin.
34
35The default executable file is called ccrypt.exe. You should also
36create files ccencrypt.exe, ccdecrypt.exe, and ccat.exe in the same
37directory. These files are identical to ccrypt.exe, but when ccrypt is
38invoked by one of these filenames, its default behavior changes. Under
39Windows, the most fool-proof solution is to make four copies of
40ccrypt.exe and rename them appropriately.
41
42RUNNING:
43==================================================
44
45For non-Windows specific usage information, see the file README.
46
47Ccrypt on Windows runs in much the same way as under Linux and other
48Unix-like operating systems, due to the amazing magic of cygwin
49(http://sources.redhat.com/cygwin/), which simulates a Unix
50environment under Windows.
51
52Note on wildcards: The following command line does not work as
53expected under Windows:
54
55 ccrypt h:\data\*.*
56
57However, each of the following two commands will work as it should:
58
59 ccrypt h:\data\file.txt
60
61 ccrypt h:/data/*.*
62
63I am not sure what causes this behavior. Apparently an inconsistency
64between backslash conversion and wildcard expansion.
65