search

Entering a passphrase

triangle-exclamation

To ensure that files/private keys can always be decrypted, only use ASCIIarrow-up-right characters in passphrases. For example, use a password managerarrow-up-right to randomly generate passwords/passphrases.

hashtag
Interactively

There are three ways of entering a passphrase interactively:

  1. Press Enter on your keyboard (instead of typing anything) to randomly generate a secure passphrase, which will be displayed in the terminal. Make sure you copy this passphrase into a password managerarrow-up-right.

  2. Type in your passphrase, press Enter on your keyboard, and retype the passphrase.

  3. Paste your passphrase by right-clicking, press Enter on your keyboard, and paste the passphrase again.

circle-info

Kryptor uses UNIX style passphrase entry, meaning nothing is displayed in the terminal when you type. This prevents someone from seeing the passphrase characters and the length of the passphrase.

Here's what randomly generating a passphrase looks like:

$ kryptor -e -p file.txt

Enter a passphrase (leave empty for a random one):

Randomly generated passphrase: lethargic-shivering-confirm-doable-unlearned-fragility-aim-glitch

Here's what typing a passphrase looks like:

$ kryptor -e -p file.txt

Enter a passphrase (leave empty for a random one):

Retype passphrase:

hashtag
Non-interactively

Instead of the above, you can specify -p:"[passphrase]" like so:

To randomly generate a passphrase this way, you can specify -p:" " like so:

This method of passphrase entry can also be used for encrypting and decrypting a private key (e.g. for generating a key pair, encrypting files with a private key, or signing files). However, you must specify -x|--private alongside non-interactive passphrase entry for file encryption/decryption.

Here are some examples:

circle-exclamation

This shouldn't be used if someone else may see your screen.

Last updated