Switch to SpeakEasy.net DSL

The Modular Manual Browser

Home Page
Manual: (HP-UX-11.11)
Apropos / Subsearch:
optional field

 crypt(1)							    crypt(1)

      crypt - encode/decode files

      crypt [password]

      crypt reads from the standard input and writes on the standard output.
      password is a key that selects a particular transformation.  If no
      password is given, crypt demands a key from the terminal and turns off
      printing while the key is being typed in.	 crypt encrypts and decrypts
      with the same key:

	   crypt key <&lt&lt&lt;clear >&gt&gt&gt;cypher
	   crypt key <&lt&lt&lt;cypher|pr

      The latter command decrypts the file and prints the clear version.

      Files encrypted by crypt are compatible with those treated by the ed
      editor in encryption mode (see ed(1)).

      Security of encrypted files depends on three factors: the fundamental
      method must be hard to solve; direct search of the key space must be
      infeasible; ``sneak paths'' by which keys or clear text can become
      visible must be minimized.

      crypt implements a one-rotor machine designed along the lines of the
      German Enigma, but with a 256-element rotor.  Methods of attack on
      such machines are widely known; thus crypt provides minimal security.

      The transformation of a key into the internal settings of the machine
      is deliberately designed to be expensive; i.e., to take a substantial
      fraction of a second to compute.	However, if keys are restricted to,
      for example, three lowercase letters, then encrypted files can be read
      by expending only a substantial fraction of five minutes of machine

      Since the key is an argument to the crypt command, it is potentially
      visible to users executing the ps or a derivative (see ps(1)).  The
      choice of keys and key security are the most vulnerable aspect of

      The following example demonstrates the use of crypt to edit a file
      that the user wants to keep strictly confidential:

	   $ crypt <&lt&lt&lt;plans >&gt&gt&gt;plans.x
	   key: violet
	   $ rm plans
	   $ vi -x plans.x

 Hewlett-Packard Company	    - 1 -   HP-UX Release 11i: November 2000

 crypt(1)							    crypt(1)

	   key: violet
	   $ crypt <&lt&lt&lt;plans.x | pr
	   key: violet

      Note that the -x option is the encryption mode of vi, and prompts the
      user for the same key with which the file was encrypted.

      If output is piped to nroff and the encryption key is not given on the
      command line, crypt can leave terminal modes in a strange state (see
      nroff(1) and stty(1)).

      If two or more files encrypted with the same key are concatenated and
      an attempt is made to decrypt the result, only the the first of the
      original files is decrypted correctly.

      /dev/tty		  for typed key

      ed(1), makekey(1), stty(1).

 Hewlett-Packard Company	    - 2 -   HP-UX Release 11i: November 2000