1.\" 2.\" enigma (aka. crypt) man page written by Joerg Wunsch. 3.\" 4.\" Since enigma itself is distributed in the Public Domain, this file 5.\" is also. 6.\" 7.\" $FreeBSD$ 8.\" " 9.Dd May 14, 2004 10.Os 11.Dt ENIGMA 1 12.Sh NAME 13.Nm enigma , 14.Nm crypt 15.Nd very simple file encryption 16.Sh SYNOPSIS 17.Nm 18.Op Fl s 19.Op Fl k 20.Op Ar password 21.Nm crypt 22.Op Fl s 23.Op Fl k 24.Op Ar password 25.Sh DESCRIPTION 26The 27.Nm 28utility, also known as 29.Nm crypt 30is a 31.Em very 32simple encryption program, working on a 33.Dq secret-key 34basis. 35It operates as a filter, i.e., 36it encrypts or decrypts a 37stream of data from standard input, and writes the result to standard 38output. 39Since its operation is fully symmetrical, feeding the encrypted data 40stream again through the engine (using the same secret key) will 41decrypt it. 42.Pp 43There are several ways to provide the secret key to the program. 44By 45default, the program prompts the user on the controlling terminal for 46the key, using 47.Xr getpass 3 . 48This is the only safe way of providing it. 49.Pp 50Alternatively, the key can be provided as the sole command-line 51argument 52.Ar password 53when starting the program. 54Obviously, this way the key can easily be 55spotted by other users running 56.Xr ps 1 . 57As yet another alternative, 58.Nm 59can be given the option 60.Fl k , 61and it will take the key from the environment variable 62.Ev CrYpTkEy . 63While this at a first glance seems to be more secure than the previous 64option, it actually is not since environment variables can also be 65examined with 66.Xr ps 1 . 67Thus this option is mainly provided for compatibility with other 68implementations of 69.Nm . 70.Pp 71When specifying the option 72.Fl s , 73.Nm 74modifies the encryption engine in a way that is supposed to make it a 75little more secure, but incompatible with other implementations. 76.Pp 77.Ss Warning 78The cryptographic value of 79.Nm 80is rather small. 81This program is only provided here for compatibility 82with other operating systems that also provide an implementation 83(usually called 84.Xr crypt 1 85there). 86For real encryption, refer to 87.Xr bdes 1 , 88.Xr openssl 1 , 89.Xr pgp 1 Pq Pa ports/security/pgp , 90or 91.Xr gpg 1 Pq Pa ports/security/gnupg . 92However, restrictions for exporting, 93importing or using such tools might exist in some countries, so those 94stronger programs are not being shipped as part of the operating 95system by default. 96.Sh ENVIRONMENT 97.Bl -tag -offset indent -width ".Ev CrYpTkEy" 98.It Ev CrYpTkEy 99used to obtain the secret key when option 100.Fl k 101has been given 102.El 103.Sh EXAMPLES 104.Bd -literal -offset indent 105man enigma | enigma > encrypted 106Enter key: (XXX \(em key not echoed) 107.Ed 108.Pp 109This will create an encrypted form of this man page, and store it in 110the file 111.Pa encrypted . 112.Bd -literal -offset indent 113enigma XXX < encrypted 114.Ed 115.Pp 116This displays the previously created file on the terminal. 117.Sh SEE ALSO 118.Xr bdes 1 , 119.Xr gpg 1 , 120.Xr openssl 1 , 121.Xr pgp 1 , 122.Xr ps 1 , 123.Xr getpass 3 124.Sh HISTORY 125Implementations of 126.Nm crypt 127are very common among 128.Ux 129operating systems. 130This implementation has been taken from the 131.Em Cryptbreakers Workbench 132which is in the public domain. 133