skip to main content

SRA Toolkit Documentation

Back to List of the Tools

Tool: vdb-encrypt

vdb-encrypt - encrypt a file or all the files (recursively) in a directory
vdb-encrypt [options] <source-file>
vdb-encrypt [options] <source-file> <destination-file>
vdb-encrypt [options] <source-file> <destination-directory>
vdb-encrypt [options] <directory>
source-file - file to encrypt
destination-file - name of resulting file
destination-directory - directory of resulting file
directory - directory to encrypt
Encrypt a file or all the files (recursively) in a directory
-f | --force force overwrite of existing files
-h | --help Output brief explanation of program usage
-V | --version Display the version of the program
-L | --log-level <level> Logging level as number or enum string One of (fatal|sys|int|err|warn|info) or (0-5). Current/default is warn
-v | --verbose Increase the verbosity level of the program. Use multiple times for more verbosity
--option-file Read file for more options and parameters

With a single parameter, encryptions are in place, replacing files with new files that are encrypted, unless the files are already encrypted.

With two parameters, encrypted copies of files are created, without changing the original files. If a file is already encrypted, it will only be copied.

Hidden files (that begin with a '.') having the extension .vdb-decrypt-tmp or .vdb-decrypt-tmp.lock are considered temporary files used by vdb-encrypt and are not encrypted. If encountered during in-place encryption, these files will be considered busy and skipped, unless the --force option was given.

In all other cases no file extensions are considered or changed.

Missing directories in the destination path will be created.

Already existing destination files will cause the program to end with an error and will be left unchanged unless the --force option is used to force the files to be overwritten.



The password is not given on the command line. It must be in a a file that should be able to be read only by the user account running the program.

The location of that file should be found in one of these places in order:

1. An environment variable VDB_PWFILE

2. The VDB Configuration file option 'krypto/pwfile'