File Encryption (and Decryption) Made Easy

Keys, keys… where are my keys?
A new release of the Crytto library (0.4.0) has just been published, which greatly simplifies encrypting (and decrypting) files

The new release adds the decrypt script which, when combined with the existing automatic retrieval of the encryption key from the keystore, makes it a breeze to decrypt files.

For example, if you had encrypted your file with:

$ encrypt --keep

the file would have been saved either in the same directory, or where you had configured the out: directory:

[INFO ] File '' encrypted to '/var/tmp/' 
[INFO ] Encryption successful; saving data to store file '/private/archive-pass/keys.csv'.

To decrypt it back, then it will just be a matter of:

$ decrypt --out ${HOME}/ /var/tmp/ 
[INFO ] File '/var/tmp/' decrypted to '/private/'

The configuration YAML file is now by default kept in ${HOME}/.crytto/conf.yml and its contents haven’t changed.

In addition, to keep the keystore in a reasonably “clean” state, we have added the prune_store script, which removes from the CSV file all the entries relative to files that no longer exist (use with care: if files have been moved the prune_cmd script won’t be able to detect that and you may lose valuable information – however, a copy of the keystore is kept in a .bak copy).

More information available in the GitHub repository.

Originally published at on August 30, 2017.