How to Use Vim to Encrypt Text Files on Linux

Most of us keep important notes, login credentials, and other sensitive information in text files. However, it is not safe to keep this information in plain text. One of the ways to protect sensitive information is to use encryption.

If you are looking for a simple and fast way to encrypt a file on Linux, you can use the Vim editor. Vim has some built-in file encryption features that allow you to protect sensitive information using different encryption methods. Only a person with the correct key can access the encrypted file.

Let’s see how you can use Vim to encrypt text files on Linux.

How to encrypt a file using Vim

To encrypt a file using Vim, first, open it in the editor using the following command:

vim filename

If a file with the specified filename does not exist, Vim will create it. now go to insert mode pressing the button Yo key and add the text you want to include in the file.

To encrypt the file, press Esc go to command modetype the following line and press Get into:

:X
encrypt file using vim

Vim will ask you for the encryption key. You will have to enter the password twice.

enter the encryption key

To save your changes and exit Vim, type the following and press Get into:

:wq

This will encrypt your text file. You can use the cat command to verify it:

cat filename
view encrypted file

An alternative way to encrypt a file in Vim is to use the following command:

vim -x filename 

You will be prompted for an encryption key. Please enter the key twice to avoid typos. Then edit your file and once you’re done, save and exit Vim.

Open an encrypted file with Vim

To open an encrypted file, you will need to provide the correct encryption key. If you don’t enter the correct key, Vim will spam your content. Never save the file in such a situation; otherwise your file will be overwritten with the junk content.

open an encrypted file

How to check the encryption method

To check the encryption method that Vim used to encrypt a particular file, use the following command:

file encrypted_filename
check encryption method using file command

You can also check the encryption method from the editor. To do this, open the encrypted file in Vim, then while in the command modetype the following and press Get into:

:setlocal cm?

This will print the line showing the encryption method for the current file.

blowfish2 cipher

To see all the encryption methods available in Vim, type:

:h ‘cm’

This will open a help page listing all of the encryption methods along with a brief description of each.

see available encryption methods

Change file encryption method in Vim

To change the encryption method of an encrypted file, open it in Vim and enter the encryption key. then in the command modetype the following command replacing encryption_method with puffer fish2, puffer fish or zip:

:setlocal cm=encryption_method

For example, to change the encryption method to pufferfish, type:

:setlocal cm=blowfish

Then save the changes using:

:w

Change or remove the encryption key

To change the encryption key for an encrypted file, open the file in Vim. Then, type the encryption key to access the content. While in the command mode writes:

:X

It will ask you for the encryption key. Type a new password, and then type it again to confirm.

To remove encryption, just press Get into twice without typing any keys. Once this is done, make sure to save the changes by typing:

:w
remove encryption in a vim file

Keep your passwords in an encrypted file

You can use Vim to encrypt/decrypt text files on Linux instead of using a separate encryption tool. You can also save passwords in an encrypted file and use Vim as a password manager. Note, however, that the encryption methods like zip and blowfish that Vim offers are not strong. It is recommended to only use blowfish2, which is a strong encryption method.

You don’t need to be a Vim expert to encrypt your files, just learn a few basics and you’ll be good to go.

Leave a Reply

Your email address will not be published. Required fields are marked *