auth/aescbc [ -d ] [ -e ] [ -f keyfile ] [ -k key ]

-a alg...

Specifies one or two algorithms, for encryption and/or digests. The algorithms are those supported by ssl(3). If two algorithms are given, they should be separated by a slash (/) or space, following the conventions of ssl(3).

-f keyfile

Read the encryption key from the given file, which obviously should be carefully protected. Trailing newlines are ignored.

-k key

Use key as the encryption key.

-?

Print a list of the available encryption and digest algorithms.

If the secret key is not otherwise supplied, crypt prompts for it on /dev/cons. There is no need to give algorithms when decrypting, because they are taken from the header. The default algorithm is md5/ideacbc. It might be necessary to change that when using crypt for commercial purposes, as noted in keyring-crypt(2).

Aescbc encrypts and decrypts using AES (Rijndael) in cypher block chaining (CBC) mode. It uses input and output formats compatible with Plan 9's aescbc command; it also accepts input in the format used by keyfs(4) and Plan 9's secstore. The -e option causes it to encrypt; the -d option to decrypt. The other options are just as for crypt.