LinuxCommandLibrary

ccrypt

Encrypt and decrypt files

SYNOPSIS

ccrypt [-V] [-h] [-e|-d|-c] [-f] [-k] [-K key] [-m] [-v] [-q] [-t] [-E var] [-P] [-l] [-u] [-p] [-x pattern] [--help] [--version] [files...]

PARAMETERS

-e
    Encrypt mode (default if file not encrypted)

-d
    Decrypt mode

-c
    Decrypt to stdout (cat-like)

-f
    Force overwrite of files without prompting

-k
    Disable interactive passphrase prompt; use keyfile or stdin

-K key
    Use specified key (hex or base64) instead of passphrase

-m
    Minimal key iterations (faster but less secure)

-v
    Verbose output

-q
    Quiet mode, suppress warnings

-t
    Check integrity of encrypted file

-E var
    Read passphrase from environment variable var

-P
    Do not add .cpt extension on encrypt

-l
    List files only (no encrypt/decrypt)

-u
    Unlink (delete) original files after encrypt/decrypt

-p
    Keep passphrase in memory for batch operations

-x pattern
    Exclude files matching shell glob pattern

-V
    Print version information

-h
    Display help

DESCRIPTION

ccrypt is a standalone command-line utility for encrypting and decrypting files and data streams using the Advanced Encryption Standard (AES) cipher, specifically Rijndael in CBC mode with a 256-bit key. It provides transparent encryption, meaning encrypted files have a .cpt extension and can be decrypted simply by renaming and running ccrypt -d. Designed for simplicity and security, ccrypt derives encryption keys from user-supplied passphrases using a key-stretching mechanism based on PBKDF2-like iterations to resist brute-force attacks.

Key features include support for stdin/stdout processing (-c option for decryption to console), batch operation on multiple files, force overwrite (-f), and options for keyfiles or environment variables. It automatically detects encryption mode based on file extensions but allows explicit control. Unlike some tools, ccrypt does not store salts or metadata in files for plausible deniability, keeping encrypted files indistinguishable except by extension. It's widely used for securing sensitive data on Unix-like systems, backups, and scripts, prioritizing speed and ease over advanced features like public-key crypto.

Security relies heavily on passphrase strength; weak passphrases can be cracked offline. It is free and open-source software under GPL v2 and is portable across platforms.

CAVEATS

Passphrase security is critical; weak passphrases are vulnerable to dictionary attacks. There is no built-in multi-factor authentication or key management. CBC mode is susceptible to padding-oracle attacks if misused. Not intended for disk encryption (use LUKS). Encrypted files are detectable by their extension unless -P is used.

COMMON USAGE

ccrypt file.txt (encrypts to file.txt.cpt)
ccrypt -d file.txt.cpt (decrypts)
ccrypt -c file.txt.cpt (decrypt to stdout)
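
For scripted use, the passphrase should come from -E rather than -K, and the plaintext should only be removed once the ciphertext is known to decrypt. The following is an added example, not part of the original page or the ccrypt project; it assumes ccrypt, sha256sum and printenv are on PATH, and the function name encrypt_verified and the variable name passed to it are hypothetical.

```shell
#!/bin/sh
# Added example (not from the page): encrypt FILE to FILE.cpt with ccrypt,
# prove the result decrypts back to the same bytes, then delete the plaintext.
# Assumption: the passphrase is exported in the environment variable whose
# NAME is given as the second argument.

# encrypt_verified FILE VARNAME
#   Returns 0 on success. On any failure FILE is left in place and no
#   FILE.cpt is left behind.
encrypt_verified() {
    src=$1 var=$2 out="$1.cpt"
    command -v ccrypt >/dev/null 2>&1 || { echo "ccrypt not found" >&2; return 2; }
    [ -f "$src" ] || { echo "no such file: $src" >&2; return 2; }
    [ ! -e "$out" ] || { echo "refusing to overwrite $out" >&2; return 2; }
    # An unset or empty variable would otherwise fail late or prompt.
    [ -n "$(printenv "$var" 2>/dev/null)" ] || { echo "$var is unset or empty" >&2; return 2; }

    want=$(sha256sum < "$src") || return 3

    # No file arguments: ccrypt acts as a filter (stdin to stdout), so the
    # original is never modified in place. -E receives only the variable's
    # name; a key passed with -K would be visible in the process list.
    ( umask 077; ccrypt -e -E "$var" < "$src" > "$out" ) || { rm -f "$out"; return 3; }

    # Round trip: decrypt what was just written and compare digests. This
    # catches a truncated or corrupted output file before the plaintext goes.
    got=$(ccrypt -d -E "$var" < "$out" | sha256sum) || { rm -f "$out"; return 3; }
    if [ "$want" != "$got" ]; then
        echo "round-trip mismatch, keeping $src" >&2
        rm -f "$out"
        return 4
    fi
    rm -f -- "$src"
}

# Stand-alone use: script.sh FILE VARNAME
if [ "$#" -eq 2 ]; then
    encrypt_verified "$1" "$2"
fi
```

The environment variable should be unset by the caller as soon as the batch finishes.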

KEY DERIVATION

Uses 1000+ iterations of SHA-256 over passphrase+salt to derive the AES-256 key. The salt is stored in the first block of the file.

HISTORY

Developed by Peter Selinger starting in 2002 as a simple AES encryptor. First stable release 1.7 in 2004. Maintained sporadically; current version 1.11 (2015). Inspired by crypt(1) but modernized with AES. Widely packaged in Linux distros for its reliability and minimal dependencies.

SEE ALSO

gpg(1), openssl(1), age(1), mcrypt(1)
