step crypto nacl box seal
Name
step crypto nacl box seal -- produce an authenticated and encrypted ciphertext
Usage
step crypto nacl box seal <nonce> <recipient-pub-key> <priv-key>
[--raw]
Description
Reads plaintext from STDIN and writes an encrypted and authenticated
ciphertext to STDOUT. The "box" can be open by the a recipient who has access
to the private key corresponding to recipient-pub-key.
This command uses an implementation of NaCl's crypto_box function.
For examples, see step help crypto nacl box.
Positional arguments
nonce
Must be unique for each distinct message for a given pair of keys.
To use a binary nonce use the prefix 'base64:' and the standard base64 encoding. e.g. base64:081D3pFPBkwx1bURR9HQjiYbAUxigo0Z
recipient-pub-key
The path to the public key of the intended recipient of the sealed box.
priv-key
The path to the private key used for authentication.
Options
--raw Do not base64 encode output
Introducing
Device Identity
Ensure that only company-owned devices can access your enterprise's most sensitive resources.
