Security Warning: AES-256-CBC does not provide authenticated encryption and is vulnerable to padding oracle attacks. You should use something like age instead.
Encrypt:
openssl aes-256-cbc -a -salt -pbkdf2 -in secrets.txt -out secrets.txt.enc
Decrypt:
openssl aes-256-cbc -d -a -pbkdf2 -in secrets.txt.enc -out secrets.txt.new
More details on the various flags
Related Posts:
- How to encrypt String in Java
- Encrypt with private key and decrypt with public key
- RSA Public Key format
- I have a keypair. How do I determine the key length?
- Ask: Anonymization Data of live WordPress site
- How to install OpenSSL in windows 10?
- Is it possible to decrypt MD5 hashes?
- AES Decryption in Python when IV and Value provided separately
- SSL Error: unable to get local issuer certificate
- curl: (60) SSL certificate problem: unable to get local issuer certificate
- curl: (60) SSL certificate problem: unable to get local issuer certificate
- Chrome not Firefox are not dumping to SSLKEYLOGFILE variable
- Chrome not Firefox are not dumping to SSLKEYLOGFILE variable
- Openssl : error “self signed certificate in certificate chain”
- File extension .DB – What kind of database is it exactly?
- Given final block not properly padded
- How to generate a self-signed SSL certificate using OpenSSL?
- mcrypt is deprecated, what is the alternative?
- SSL_read failing with SSL_ERROR_SYSCALL error
- Converting pfx to pem using openssl
- OpenSSL Verify return code: 20 (unable to get local issuer certificate)
- Python AttributeError: ‘module’ object has no attribute ‘SSL_ST_INIT’
- Verify return code: 20 when testing OpenSSL
- Simplest two-way encryption using PHP
- what is meant by devel for openssl?
- How can I list the available Cipher algorithms?
- Encrypt & Decrypt using PyCrypto AES 256
- Using OpenSSL what does “unable to write ‘random state'” mean?
- Encrypt Password in Configuration Files?
- Encrypt Password in Configuration Files?
- OpenSSL: PEM routines:PEM_read_bio:no start line:pem_lib.c:703:Expecting: TRUSTED CERTIFICATE
- SSL error SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
- Converting PKCS#12 certificate into PEM using OpenSSL
- curl : (1) Protocol https not supported or disabled in libcurl
- OpenSSL: unable to verify the first certificate for Experian URL
- SSL CA cert (path? access rights?)
- ‘openssl’ is not recognized as internal or external command
- cat not recognised as an internal or external command
- gpg decryption fails with no secret key error
- RSA encryption and decryption in Python
- Enter PEM pass phrase when converting PKCS#12 certificate into PEM
- Getting error in Curl – Peer certificate cannot be authenticated with known CA certificates
- How do you sign a Certificate Signing Request with your Certification Authority?
- How to fix: fatal error: openssl/opensslv.h: No such file or directory in RedHat 7
- Is there any difference between aes-128-cbc and aes-128 encryption?
- JavaScript string encryption and decryption?
- How to fix SSL issue SSL_CTX_use_certificate : ca md too weak on Python Zeep
- How to install latest version of openssl Mac OS X El Capitan
- What is the easiest way to encrypt a password when I save it to the registry?
- Encrypt and decrypt a string in C#?
- How to store username and password to API in wordpress option DB?
- How WordPress encrypt password? [duplicate]
- Are the default salts secure?
- How to validate WordPress generated password in DB using PHP?
- Security in WordPress plugin development
- Encrypt emails?
- Store and Encrypt Contact Form 7 Submissions in Database? [closed]
- Can I edit the wp_post > post_content right before its inserted/updated?
- PGP-Encrypt system-generated notifications
- CNAME site attempts to load files over HTTP instead of HTTPS
- Sniffing wordpress user’s credentials
- Moving away from MD5: Where to declare the custom global $wp_hasher?
- wp_hash_password create a different hash everytime
- Display encrypted content on my website
- Parse form values before sending to options.php
- Auto login subdomain from main domain on single sites with different DB
- Using an Encryption class in a WordPress Plugin
- Pass MD5 value to prepopulate field
- Is the login encrypted before it is sent? If so how to do I encrypt it the same way?
- Apply function to update_option Variable
- Detect change in site_url and home_url
- Protect Post Permalink From Copy
- How to store API authentication password?
- Decode and Decrypt Azure B2C OpenID Authorization Token, Use Response in API Call (Example Token Within)
- how to handle premium features in a wordpress plugin?
- Not able to log for the first time on a salted WordPress by creating pwd on BD
- Encrypt API key [duplicate]
- Retrieve $_POST data to send to javascript without using localize script
- I want to encrypt my WordPress plugin
- How WordPress hashes passwords
- How to get real password (before encrypt) when register a user?
- Why can’t I save encrypted data in a transient?
- Create a public SSH key from the private key?
- how to download the ssl certificate from a website?
- Heartbleed: What is it and what are options to mitigate it?
- How do I view the details of a digital certificate .cer file?
- How to view all ssl certificates in a bundle?
- Is it possible to generate RSA key without pass phrase?
- ssh-keygen does not create RSA private key
- How can I verify if TLS 1.2 is supported on a remote web server from the RHEL/CentOS shell?
- Certification authority root certificate expiry and renewal
- Heartbleed: how to reliably and portably check the OpenSSL version?
- Best location to keep SSL certificates and private keys on Ubuntu servers?
- Generating a self-signed cert with openssl that works in Chrome 58
- How to Deobfuscate a sourcecop protected WordPress plugin?
- Making a user platform reachable by a qr code on a pin-back-button [closed]