How to use password argument in via command line to openssl for decryption
The documentation wasn't very clear to me, but it had the answer, the challenge was not being able to see an example.
Here's how to do it:
openssl aes-256-cbc -in some_file.enc -out some_file.unenc -d -pass pass:somepassword
Notice that the command line command syntax is always -pass followed by a space and then the type of passphrase you're providing, i.e. pass: for plain passphrase and then the actual passphrase after the colon with no space.
Additionally the documentation specifies you can provide other passphrase sources by doing the following:
env:somevarto get the password from an environment variablefile:somepathnameto get the password from the first line of the file at locationpathnamefd:numberto get the password from the file descriptor number.stdinto read from standard input
Now that I've written this question and answer, it all seems obvious. But it certainly took some time to figure out and I'd seen it take others similar time, so hopefully this can cut down that time and answer faster for others! :)
With OpenSSL 1.0.1e the parameter to use is -passin or -passout. So this example would be:
openssl aes-256-cbc -in some_file.enc -out some_file.unenc -d -passin pass:somepassword
I used -passin and -passout to set passwords to both files in example:
openssl pkcs12 -in voip.p12 -out voip.pem -passin pass:123 -passout pass:321
where 123 and 321 are password
At this moment Ubuntu 14.04 LTS comes with openssl 1.0.1f-1ubuntu2.16
In this version the parameter to use is -k
Example:
openssl enc -aes-256-cbc -e -in some_file.unenc -out some_file.enc -k somepassword