How do I encrypt a file to multiple people with rage?

Use the -r flag multiple times or create a recipients file with -R. For example, 'rage -o file.age -r key1 -r key2 file' encrypts to both recipients, and each can decrypt it.

rage vs GPG: which is better for simple file encryption?

rage is often better for its simplicity and modern design, avoiding GPG's complexity, but GPG might be preferred for PGP compatibility or advanced features like signing.

Can rage decrypt files made with the original Go age tool?

Yes, rage is fully interoperable with the age format, so it can decrypt files encrypted by the Go implementation and vice versa, ensuring cross-tool compatibility.

How to use a YubiKey with rage for encryption?

Install the age-plugin-yubikey plugin, then use it as an identity with the -j flag or configure it via plugins; the README provides details on hardware token support.

What SSH key types does rage support?

rage supports ssh-rsa and ssh-ed25519 public keys for encryption and corresponding private key files for decryption, but note that ssh-agent is not integrated.

Is rage secure for encrypting sensitive data like passwords?

Yes, it uses the age format designed for modern security, but always use strong passphrases or keys and follow best practices for key storage and management.

rage

Apache-2.0Rustv0.11.2

A Rust implementation of the age file encryption tool, offering simple, secure encryption with small explicit keys and UNIX-style composability.

Visit Website

What is rage?

rage is a Rust implementation of the age file encryption tool, providing a simple, secure, and modern way to encrypt files using the age format. It solves the problem of overly complex encryption tools by offering small explicit keys, no configuration options, and UNIX-style composability for seamless integration into command-line workflows.

Target Audience

Developers, system administrators, and security-conscious users who need a straightforward, reliable tool for encrypting files in scripts or manual operations, especially those working in UNIX-like environments.

Value Proposition

Developers choose rage for its simplicity, security, and interoperability with the age ecosystem, offering a modern alternative to tools like GnuPG with less complexity and better integration into automated workflows.

Overview

A simple, secure and modern file encryption tool (and Rust library) with small explicit keys, no config options, and UNIX-style composability.

Use Cases

Best For

Encrypting files for multiple recipients in automated scripts

Related Projects

Community-curated · Updated weekly · 100% open source

Found a gem we're missing?

Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.

Submit a project Star on GitHub

GitHub

3.4k stars151 forks0 contributors

Securing backups with passphrase or public key encryption

Integrating encryption into UNIX pipelines and command-line workflows

Using existing SSH keys for file encryption without additional setup

Developing Rust applications that require file encryption via the age crate

Encrypting sensitive data for storage or transfer with minimal configuration

Not Ideal For

Users who require graphical user interfaces for file encryption tasks
Environments where seamless ssh-agent integration is critical for SSH key management
Projects needing advanced encryption features like algorithm selection or policy-based encryption beyond the age format

Pros & Cons

Pros

Simple Key Handling

Uses compact, human-readable age keys and supports existing SSH public keys, making key sharing and management straightforward without complex setups.

Zero Configuration Overhead

Eliminates configuration files entirely, reducing complexity and focusing on command-line arguments for ease of use, as highlighted in the philosophy.

UNIX Pipeline Friendly

Designed to work with standard input/output and pipes, enabling seamless integration into shell scripts and automated workflows for composability.

Flexible Recipient Management

Supports encrypting to multiple recipients via repeated -r flags or recipient files with -R, facilitating collaboration without extra configuration.

Hardware Security Integration

Extensible via plugins like age-plugin-yubikey, allowing encryption with YubiKeys and other PIV tokens for enhanced security, though it requires external setup.

Cons

No SSH Agent Support

Decryption requires private key files, as ssh-agent is explicitly not supported, limiting key management for users who rely on agent-based workflows.

Overwriting Output by Default

The tool overwrites existing output files without confirmation, as stated in the usage, posing a risk of accidental data loss if not careful.

Limited Plugin Ecosystem

While plugin support exists, the ecosystem is nascent compared to mature tools, relying on community contributions like age-plugin-yubikey, which may not cover all hardware tokens.

Open Source Alternative To

rage is an open-source alternative to the following products:

O

OpenSSL enc

OpenSSL enc is a command-line tool within OpenSSL for symmetric encryption and decryption using various ciphers, commonly used for file encryption tasks.

GnuPG

GnuPG (GNU Privacy Guard) is a free implementation of the OpenPGP standard for encrypting and signing data and communications.

Frequently Asked Questions

Home

Cryptography

RustDesk

An open-source remote desktop application designed for self-hosting, as an alternative to TeamViewer.

Stars112,686

Forks16,855

Last commit2 days ago

vaultwarden

Unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs

Stars58,748

Forks2,708

Last commit2 days ago

RuView

π RuView: WiFi DensePose turns commodity WiFi signals into real-time human pose estimation, vital sign monitoring, and presence detection — all without a single pixel of video.

Stars49,417

Forks6,558

Last commit3 days ago

Warp

Warp is the agentic development environment, built for coding with multiple AI agents.

Stars26,486

Forks640

Last commit3 days ago