rage

Simple modern file encryption tool

TLDR

Encrypt file with passphrase

$ rage -p -o [encrypted.age] [file.txt]

Encrypt with recipient

$ rage -r [age1...] -o [encrypted.age] [file.txt]

Decrypt file

$ rage -d -i [key.txt] [encrypted.age]

Generate new key

$ rage-keygen -o [key.txt]

Encrypt with SSH key

$ rage -R [~/.ssh/id_ed25519.pub] [file.txt]

Armor output

$ rage -a -r [age1...] [file.txt]

Encrypt to multiple recipients

$ rage -r [age1...] -r [age1...] -o [encrypted.age] [file.txt]

Decrypt with passphrase

$ rage -d -p [encrypted.age]

Encrypt stdin

$ echo "secret" | rage -r [age1...] -o [secret.age]

SYNOPSIS

rage [-e|-d] [-r recipient] [-i identity] [-o output] [options] [file]

rage is a Rust implementation of the age encryption tool. It provides simple, modern file encryption.Public key encryption uses age keys or SSH keys. Recipients are specified by their public key.Passphrase mode uses scrypt for key derivation. No key management needed for simple use.ASCII armor produces text output. Safe for email or other text channels.Multiple recipients allow group encryption. Any recipient can decrypt.

PARAMETERS

-e, --encrypt

Encrypt mode.

-d, --decrypt

Decrypt mode.

-r, --recipient KEY

Recipient public key.

-R, --recipients-file FILE

File with recipients.

-i, --identity FILE

Identity/private key.

-p, --passphrase

Use passphrase.

-a, --armor

ASCII armor output.

-o, --output FILE

Output file. If omitted, writes to stdout.

-j PLUGINS

Use the given age plugin.

CAVEATS

Uses the age format; not compatible with GPG. Key management is manual with no key servers or web of trust. Requires the recipient's public key or a passphrase for encryption.

HISTORY

rage is a Rust implementation of age (Actually Good Encryption), designed by Filippo Valsorda. Age aims to be a simpler alternative to GPG.