clevis-encrypt-file - Man Page

clevis encrypt file Config < PT > JWE

The clevis encrypt file command encrypts using a file policy. Its only argument is the JSON configuration object.

Encrypting data using the file pin works like this:

$ clevis encrypt file '{"name":"/path/to/file"}' < PT > JWE

The given file must not exist yet.

To decrypt the data, just pass it to the clevis decrypt command:

$ clevis decrypt < JWE > PT

This command uses the following configuration properties:

• name (string) : The name to the file where the jwk is stored (REQUIRED)

Requires that directories for that file already exist.

Rather for educational purposes.

clevis-decrypt(1)