Password Attacksencryptiondecryptionaesrijndaelcryptographystreams

ccrypt

ccrypt is a utility for secure encryption and decryption of files and streams using the Rijndael cipher, the basis for AES. It serves as a replacement for the weak Unix crypt utility.

Description

ccrypt provides strong encryption for files and streams, utilizing the Rijndael cipher selected by the U.S. government for the Advanced Encryption Standard (AES). It addresses the vulnerabilities of the traditional Unix crypt utility, which employs a weak algorithm. The tool supports various operations including encryption, decryption, key changes, and handling old Unix crypt files.

Use cases include securing sensitive data on Kali Linux systems, encrypting streams for secure transmission, and decrypting legacy Unix crypt files. Additional binaries like ccguess assist in searching for encryption keys, while elpa-ps-ccrypt enables seamless integration with Emacs for handling encrypted files transparently.

The package is lightweight at 180 KB and depends on libc6 and libcrypt1, making it easy to deploy in security workflows requiring robust file protection.

How It Works

ccrypt operates using the Rijndael cipher algorithm, the foundation of AES, to encrypt and decrypt data. It processes files or streams directly, replacing the insecure Unix crypt method. Tools like ccguess brute-force approximate keys by trying variations up to a specified depth, supporting printable or non-printable characters.

Installation

bash

sudo apt install ccrypt

Flags

-e, --encryptencrypt

-d, --decryptdecrypt

-c, --catcat; decrypt files to stdout

-x, --keychangechange key

-u, --unixcryptdecrypt old unix crypt files

-h, --helpprint this help message and exit

-V, --versionprint version info and exit

-L, --licenseprint license info and exit

-v, --verboseprint progress information to stderr

-q, --quietrun quietly; suppress warnings

-f, --forceoverwrite existing files without asking

-m, --mismatchallow decryption with non-matching key

-E, --envvar varread keyword from environment variable (unsafe)

-K, --key <key>specify approximate key

-d, --depthtry up to this many changes to key (default: 5)

-c, --continuekeep trying more keys after first match

-n, --non-printableallow non-printable characters in keys

-t, --chartable <chars>characters to use in passwords (default: printable)

Examples

Display help for ccat, which decrypts files to stdout

ccat -h

Display help for ccrypt main utility

ccrypt -h

Display help for ccdecrypt

ccdecrypt -h

Display help for ccencrypt

ccencrypt -h

Display help for ccguess key search utility

ccguess -h

Encrypt file.txt using ccrypt

ccrypt -e file.txt

Decrypt encrypted file

ccrypt -d file.txt.cpt

Decrypt and output file contents to stdout

ccat file.txt.cpt

Updated 2026-04-16kali.org ↗