A simple, modern and secure encryption tool (and Go library) with small explicit keys, no config options, and UNIX-style composability.

age

pkg.go.dev

age is a simple, modern and secure file encryption tool, format, and library.

It features small explicit keys, no config options, and UNIX-style composability.

$ age-keygen -o key.txt
Public key: age1ql3z7hjy54pw3hyww5ayyfg7zqgvc7w3j2elw8zmrj2kg5sfn9aqmcac8p
$ tar cvz ~/data | age -r age1ql3z7hjy54pw3hyww5ayyfg7zqgvc7w3j2elw8zmrj2kg5sfn9aqmcac8p > data.tar.gz.age
$ age --decrypt -i key.txt data.tar.gz.age > data.tar.gz

The format specification is at age-encryption.org/v1. To discuss the spec or other age related topics, please email the mailing list at [email protected]. age was designed by @Benjojo12 and @FiloSottile.

An alternative interoperable Rust implementation is available at github.com/str4d/rage.

Usage

Usage:
    age (-r RECIPIENT | -R PATH)... [--armor] [-o OUTPUT] [INPUT]
    age --passphrase [--armor] [-o OUTPUT] [INPUT]
    age --decrypt [-i PATH]... [-o OUTPUT] [INPUT]

Options:
    -o, --output OUTPUT         Write the result to the file at path OUTPUT.
    -a, --armor                 Encrypt to a PEM encoded format.
    -p, --passphrase            Encrypt with a passphrase.
    -r, --recipient RECIPIENT   Encrypt to the specified RECIPIENT. Can be repeated.
    -R, --recipients-file PATH  Encrypt to recipients listed at PATH. Can be repeated.
    -d, --decrypt               Decrypt the input to the output.
    -i, --identity PATH         Use the identity file at PATH. Can be repeated.

INPUT defaults to standard input, and OUTPUT defaults to standard output.

RECIPIENT can be an age public key generated by age-keygen ("age1...")
or an SSH public key ("ssh-ed25519 AAAA...", "ssh-rsa AAAA...").

Recipient files contain one or more recipients, one per line. Empty lines
and lines starting with "#" are ignored as comments. "-" may be used to
read recipients from standard input.

Identity files contain one or more secret keys ("AGE-SECRET-KEY-1..."),
one per line, or an SSH key. Empty lines and lines starting with "#" are
ignored as comments. Multiple key files can be provided, and any unused ones
will be ignored. "-" may be used to read identities from standard input.

Multiple recipients

Files can be encrypted to multiple recipients by repeating -r/--recipient. Every recipient will be able to decrypt the file.

$ age -o example.jpg.age -r age1ql3z7hjy54pw3hyww5ayyfg7zqgvc7w3j2elw8zmrj2kg5sfn9aqmcac8p \
    -r age1lggyhqrw2nlhcxprm67z43rta597azn8gknawjehu9d9dl0jq3yqqvfafg example.jpg

Recipient files

Multiple recipients can also be listed one per line in one or more files passed with the -R/--recipients-file flag.

$ cat recipients.txt
# Alice
age1ql3z7hjy54pw3hyww5ayyfg7zqgvc7w3j2elw8zmrj2kg5sfn9aqmcac8p
# Bob
age1lggyhqrw2nlhcxprm67z43rta597azn8gknawjehu9d9dl0jq3yqqvfafg
$ age -R recipients.txt example.jpg > example.jpg.age

If the argument to -R (or -i) is -, the file is read from standard input.

Passphrases

Files can be encrypted with a passphrase by using -p/--passphrase. By default age will automatically generate a secure passphrase. Passphrase protected files are automatically detected at decrypt time.

$ age -p secrets.txt > secrets.txt.age
Enter passphrase (leave empty to autogenerate a secure one):
Using the autogenerated passphrase "release-response-step-brand-wrap-ankle-pair-unusual-sword-train".
$ age -d secrets.txt.age > secrets.txt
Enter passphrase:

SSH keys

As a convenience feature, age also supports encrypting to ssh-rsa and ssh-ed25519 SSH public keys, and decrypting with the respective private key file. (ssh-agent is not supported.)

$ age -R ~/.ssh/id_ed25519.pub example.jpg > example.jpg.age
$ age -d -i ~/.ssh/id_ed25519 example.jpg.age > example.jpg

Note that SSH key support employs more complex cryptography, and embeds a public key tag in the encrypted file, making it possible to track files that are encrypted to a specific public key.

Encrypting to a GitHub user

Combining SSH key support and -R, you can easily encrypt a file to the SSH keys listed on a GitHub profile.

$ curl https://github.com/benjojo.keys | age -R - example.jpg > example.jpg.age

Keep in mind that people might not protect SSH keys long-term, since they are revokable when used only for authentication, and that SSH keys held on YubiKeys can't be used to decrypt files.

Installation

On macOS or Linux, you can use Homebrew:

brew tap filippo.io/age https://filippo.io/age
brew install age

On Windows, Linux, and macOS, you can use the pre-built binaries.

If your system has Go 1.13+, you can build from source:

git clone https://filippo.io/age && cd age
go build -o . filippo.io/age/cmd/...

On Arch Linux, age is available in the official repositories:

sudo pacman -Syu age

On OpenBSD -current and 6.7+, you can use the port:

pkg_add age

On all supported versions of FreeBSD, you can build the security/age port or use pkg:

pkg install age

Help from new packagers is very welcome.

Owner
Filippo Valsorda
Cryptogopher. Go security lead. @recursecenter alum. RC F'13, F2'17.
Filippo Valsorda
https://github.com/FiloSottile/age https://age-encryption.org
Comments
  • Expose Go library functions (please review the API!)

    Expose Go library functions (please review the API!)

    What were you trying to do

    Use age encryption in a Go program by importing it.

    What happened

    Because age uses internal it prevents importing. I suspect this was on purpose, and that's okay, but just wanted to check if this was sought a possibility for this spec.

  • Don't decrypt unless it's a ramdisk

    Don't decrypt unless it's a ramdisk

    Currently age, just like gpg, supports decrypting to files. However, files are usually stored on permanent storage media. However, on contemporary file systems, deletion of a file does not lead to deletion of its contents in the block device. And even tools like shred don't help you with modern SSDs which have a complicated wear levelling layer between you and the hardware: shredding won't necessarily overwrite the data at all.

    The only way to use age safely is by using a ramdisk. Therefore, age should refuse operation if the location of the decrypted file is not on a ramdisk. If swap is available on the system, even tmpfs is a danger as it can be paged as well. Maybe if swap is detected, a warning could be emitted?

  • Compare and contrast with encpipe

    Compare and contrast with encpipe

    Namaste,

    I am not a cryptographer. I am not a math expert.

    Would it be possible for the good volks here to compare and contrast age with encpipe (https://github.com/jedisct1/encpipe), especially for the encrypted backup use case? The signing of the backup will be handled by signify/minisign.

    I am trying to decide between age and encpipe. My limited understanding layman comparison tells me that encpipe is written in C, is ISC licenced, and seems simple in terms of complexity. On the other hand, age is written in go, is BSD licenced and seems medium in terms of complexity.

    As I said, I am not a cryptographer.

    Dhanyavaad.

  • UX: separate public/private key files

    UX: separate public/private key files

    What were you trying to do

    Sharing the public key.

    What happened

    I needed to open the file and copy-paste the public key characters in order to share the public key. Having a separate file for the public key would make it more easy for me to share using standard tools, avoids copy-pasting user errors and avoids shoulder surfing issues.

  • Hardware tokens

    Hardware tokens

    Hi there,

    This isn't really a bug report.

    I was wondering if there's any plan to allow the use of hardware tokens (like yubikey) with age?

    I'm super-keen to ditch gpg, but I'd also like to be able to use my yubikeys!

    Thanks

  • Get recipient keys from https:// and file:// URLs

    Get recipient keys from https:// and file:// URLs

    This patch includes support for https:// and file:// URLs as recipient arguments. The URL is fetched and each line is added as a recipient.

    e.g.

    -r https://github.com/<user>.keys       (Use GitHub keys)
-r file:///home/<user>/.ssh/<key>.pub   (Use local SSH key)

    This is mostly useful to allow recipient keys to be specified directly from a GitHub URL (or other service which provides an equivalent)

  • Is it safe to use age for long term storage?

    Is it safe to use age for long term storage?

    I see that age is still marked as beta in the releases page, but I'm wondering if it is stable enough for me to (symmetric) encrypt a file with it now, and come back to decrypt it after some years with a new version of age?

    p.s: thanks for making such a user friendly encryption tool.

  • Manual pages

    Manual pages

    Inspired by https://twitter.com/FiloSottile/status/1277084905428656129 I thought I'd quickly throw together a couple of man pages, based on the README. :-)

  • Add --version and --help flags to executables

    Add --version and --help flags to executables

    Closes #74 , Closes #101 This patch adds flags for access to the usage message and the version tag/hash as requested in #74 and #57, respectively.

    age and age-keygen with the --help or -h flag will print their usage message and exit, and age will also print usage when no flags or arguments are passed. Per #22, I didn't add age help.
    age-keygen now has a usage message.

    ~~-v and~~ (Removed, see below) --version work for both age and age-keygen, and will print the most recent git info at time of compilation. There are two build scripts (bash and Powershell) that grab the most recent tag and current short hash, and uses -ldflags to pass them to main.version and main.commit (named for compatibility with goreleaser defaults). Current format is

    Version: [most recent tag]
Hash: [shorthash]

    and
    Version: [most recent tag] when on a tagged commit or the --release flag is passed to the script.
    I also updated the Homebrew formula for this, but it doesn't currently have an effect

  • UX: Encrypt private key by default

    UX: Encrypt private key by default

    What were you trying to do

    I was playing with the Age beta, generating keys

    What happened

    I think that in spite of solid UNIX file permissions, the default behaviour should be to encrypt private keys with a symmetric key derived from a password.

    Is there an intention to add this feature to Age? If not how best should users. secure plaintext private key material?

    Reading the document on Age I see:

    Maybe native support for key wrapping (to implement password-protected keys)

    However surely that's a fundamental need, otherwise private key material sits in plaintext.

  • umask in warning message is confusing

    umask in warning message is confusing

    https://github.com/FiloSottile/age/blob/e43cf8b4a2d571df8dcb30783a460acbf188adb4/cmd/age-keygen/keygen.go#L41-L42

    066 sets the file to writable by group and everyone but not the user. I think it's meant to be 0660.

Related tags
Security cli encryption modern scrypt curve25519 secure-by-default zero-configuration age unix-philosophy built-at-rc age-encryption
Database security suite. Database proxy with field-level encryption, search through encrypted data, SQL injections prevention, intrusion detection, honeypots. Supports client-side and proxy-side ("transparent") encryption. SQL, NoSQL.
 Database security suite. Database proxy with field-level encryption, search through encrypted data, SQL injections prevention, intrusion detection, honeypots. Supports client-side and proxy-side (

Database protection suite with field level encryption and intrusion detection. | Acra Engineering Examples | Documentation | Installation | Examples a

Dec 28, 2022
XXTEA is a fast and secure encryption algorithm.

XXTEA Golang Introduction xxtea is a fast and secure encryption algorithm. This project is the Golang implementation of the xxtea encryption algorithm

Aug 3, 2022
Easy to use cryptographic framework for data protection: secure messaging with forward secrecy and secure data storage. Has unified APIs across 14 platforms.
 Easy to use cryptographic framework for data protection: secure messaging with forward secrecy and secure data storage. Has unified APIs across 14 platforms.

Themis provides strong, usable cryptography for busy people General purpose cryptographic library for storage and messaging for iOS (Swift, Obj-C), An

Jan 6, 2023
Rainbow is a dashboard for Decentralized Finance(DeFi) Options trading.
 Rainbow is a dashboard for Decentralized Finance(DeFi) Options trading.

Rainbow is a dashboard for Decentralized Finance options trading. It's developed during Solana's Ignition & Ethereum's EthGlobal Hackathons by members

Dec 14, 2022
A tool for secrets management, encryption as a service, and privileged access management
 A tool for secrets management, encryption as a service, and privileged access management

Vault Please note: We take Vault's security and our users' trust very seriously. If you believe you have found a security issue in Vault, please respo

Jan 2, 2023
Take a list of domains and scan for endpoints, secrets, api keys, file extensions, tokens and more...
 Take a list of domains and scan for endpoints, secrets, api keys, file extensions, tokens and more...

Take a list of domains and scan for endpoints, secrets, api keys, file extensions, tokens and more... Coded with ?? by edoardottt. Share on Twitter! P

Dec 25, 2022
🌰 encrypt/decrypt using ssh keys

ssh-vault ?? encrypt/decrypt using ssh private keys Documentation https://ssh-vault.com Usage $ ssh-vault -h Example: $ echo "secret" | ssh-vault -u

Dec 30, 2022
An easy-to-use XChaCha20-encryption wrapper for io.ReadWriteCloser (even lossy UDP) using ECDH key exchange algorithm, ED25519 signatures and Blake3+Poly1305 checksums/message-authentication for Go (golang). Also a multiplexer.

Quick start Prepare keys (on both sides): [ -f ~/.ssh/id_ed25519 ] && [ -f ~/.ssh/id_ed25519.pub ] || ssh-keygen -t ed25519 scp ~/.ssh/id_ed25519.pub

Dec 30, 2022
password manager using age for encryption

page ====== password manager using age (https://age-encryption.org/) for encryption. encrypted secrets are files in the $PAGE_SECRETS/ directory that

May 30, 2022
A modern tool for the Windows kernel exploration and tracing
 A modern tool for the Windows kernel exploration and tracing

Fibratus A modern tool for the Windows kernel exploration and observability Get Started » Docs • Filaments • Download • Discussions What is Fibratus?

Dec 30, 2022
A probably paranoid Golang utility library for securely hashing and encrypting passwords based on the Dropbox method. This implementation uses Blake2b, Scrypt and XSalsa20-Poly1305 (via NaCl SecretBox) to create secure password hashes that are also encrypted using a master passphrase.

goSecretBoxPassword This is a Golang library for securing passwords it is based on the Dropbox method for password storage. The both passphrases are f

Jan 3, 2023
Secure Remote Password library for Go

go-srp NOTE: This is a port of node-srp to Go. I recommend reading their README for general information about the use of SRP. Installation go get gith

Aug 8, 2022
A Go Library For Generating Random, Rule Based Passwords. Many Random, Much Secure.
 A Go Library For Generating Random, Rule Based Passwords. Many Random, Much Secure.

Can Haz Password? A Go library for generating random, rule based passwords. Many random, much secure. Features Randomized password length (bounded). T

Dec 6, 2021
linenoise is a library that generates strings of random characters that can be used as reasonably secure passwords.

linenoise linenoise is a library that generates strings of random characters (herein called a "noise") that can be used as reasonably secure passwords

Dec 7, 2022
SingularityCE is the Community Edition of Singularity, an open source container platform designed to be simple, fast, and secure.

SingularityCE Guidelines for Contributing Pull Request Template Project License Documentation Support Citation SingularityCE is the Community Edition

Jan 5, 2023
Search and store the best cryptos for the best scalable and modern application development.

Invst Hunt Search and store the best cryptos for the best scalable and modern application development. Layout Creating... Project Challenge The Techni

Nov 12, 2021
DockerSlim (docker-slim): Don't change anything in your Docker container image and minify it by up to 30x (and for compiled languages even more) making it secure too! (free and open source)
 DockerSlim (docker-slim): Don't change anything in your Docker container image and minify it by up to 30x (and for compiled languages even more) making it secure too! (free and open source)

Minify and Secure Docker containers (free and open source!) Don't change anything in your Docker container image and minify it by up to 30x making it

Dec 27, 2022
coyim - a safe and secure chat client
 coyim - a safe and secure chat client

CoyIM - a safe and secure chat client CoyIM is a new client for the XMPP protocol. It is built upon https://github.com/agl/xmpp-client and https://git

Dec 7, 2022
Windows 11 TPM 2.0 and Secure Boot Setup.exe/Registry bypass written in Go.

Win11-Patcher Windows 11 TPM 2.0 and Secure Boot Setup.exe bypass written in Go. Compiling Requires Go (no shit) Requires a version of 7zip that you c

Dec 19, 2022