DOKK / manpages / debian 11 / age / age.1.en
AGE(1) User Commands AGE(1)

age - simple, modern and secure encryption tool

age --recipient RECIPIENT [-a] [-o OUTPUT] [INPUT]
age --decrypt [-i KEY] [-o OUTPUT] [INPUT]

Write the result to the file at path OUTPUT.

Encrypt to a PEM encoded format.

Encrypt with a passphrase.

Encrypt to the specified RECIPIENT. Can be repeated.

Decrypt the input to the output.

Use the private key file at path KEY. Can be repeated.

INPUT defaults to standard input, and OUTPUT defaults to standard output.

RECIPIENT can be an age public key, as generated by age-keygen(1), ("age1...") or an SSH public key ("ssh-ed25519 AAAA...", "ssh-rsa AAAA...").

KEY is a path to a file with age secret keys, one per line (ignoring "#" prefixed comments and empty lines), or to an SSH key file. Multiple keys can be provided, and any unused ones will be ignored.

age-keygen(1):
$ age-keygen -o key.txt
Public key: age1ql3z7hjy54pw3hyww5ayyfg7zqgvc7w3j2elw8zmrj2kg5sfn9aqmcac8p

$ age -r age1ql3z7hjy54pw3hyww5ayyfg7zqgvc7w3j2elw8zmrj2kg5sfn9aqmcac8p < file > file.age

$ age -d -i key.txt -o file file.age

age-keygen(1)

Filippo Valsorda <github@filippo.io>

See https://github.com/FiloSottile/age/graphs/contributors

July 2020 Debian