# Install aescrypt with Homebrew, Nix, winget

Program for encryption/decryption. Version 0.7 via Homebrew; verified from local package data.

## Install

```sh
sudo av install brew:aescrypt
```

Additional install commands:

### macOS

- Homebrew (100%):

```sh
brew install aescrypt
```

  Evidence: local Homebrew formula metadata

### Linux

- Nix (92%):

```sh
nix profile install nixpkgs#aescrypt
```

  Evidence: nixpkgs package indexes: pkgs/by-name/ae/aescrypt/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1

### Windows

- winget (92%):

```sh
winget install --id Terrapane.AESCrypt -e
```

  Evidence: Windows Package Manager source index: Terrapane.AESCrypt from https://cdn.winget.microsoft.com/cache/source.msix

## Package facts

- **Package key:** brew:aescrypt
- **Package manager:** Homebrew
- **Package manager page:** <https://formulae.brew.sh/formula/aescrypt>
- **Version:** 0.7
- **Source summary:** Program for encryption/decryption
- **Homepage:** <https://aescrypt.sourceforge.net/>
- **Upstream docs:** <https://aescrypt.sourceforge.net/>
- **License:** BSD-4-Clause
- **Source archive:** <https://aescrypt.sourceforge.net/aescrypt-0.7.tar.gz>
- **Generated:** 2026-07-08T07:18:31+00:00

## Executables

- aescrypt (cli)
- aesget (cli)
- aescrypt (alias)
- aesget (alias)

## Install behavior

- Post-install hook: not defined
- Bottle: available on arm64_big_sur, arm64_linux, arm64_monterey, arm64_sequoia, arm64_sonoma, arm64_tahoe, arm64_ventura, big_sur, catalina, monterey, sonoma, ventura

## Freshness

- Page generated: 2026-07-08
- Package-manager version: 0.7
- Local data: ok
- Upstream repository: https://aescrypt.sourceforge.net/
- info: No package-manager update timestamp was available.
- info: Release/tag comparison is only available for GitHub repositories.
## Project history and usage

AESCrypt is a small stream encryption and decryption utility for shell-script workflows. The official homepage describes aescrypt and aesget as standard-input filters using Rijndael in CFB-128 mode, with keys supplied from a key file or stdin.

### Project history

The project belongs to the early AES transition period. The official page says Eric Lee Green wrote AESCrypt, and Randy Kaelber modified it to use Rijndael rather than Twofish while adding larger key sizes.

The homepage is also a time capsule of early-2000s open-source cryptography distribution: SourceForge hosting, source tarballs, a companion Ruby implementation, and a visible export-control reminder from December 2000. The page was last modified on 2002-09-17, leaving the tool with a deliberately stable, small surface area.

### Adoption history

AESCrypt was explicitly framed as a component for scripts, not as a full encryption product. The homepage says keychain management, public-key signatures, and larger policy concerns are expected to happen outside the program, which made the tool easy to compose in shell workflows.

The page also warns that applications built from open-source encryption components had their own export-control responsibilities. That notice is useful adoption context: AESCrypt was expected to be used inside larger applications or scripted systems, not only run by hand.

### How it is used

The documented commands are aescrypt -k keyfile [-s 128|192|256] and aesget -k keyfile [-s 128|192|256]. The program encrypts or decrypts stdin, uses /dev/urandom to create a salt, prepends the salt while encrypting, and strips it while decrypting.

The key-file format is intentionally simple: a line beginning with kk= followed by hex key data. The homepage also documents reading the hex-coded key from stdin when the key file is -, while warning that this mode is less forgiving about exact key length.

### Why package nerds care

AESCrypt is package-nerd archaeology: a compact AES-era Unix filter with SourceForge hosting, script-first ergonomics, and a design that avoids becoming a full key-management system.

It is useful to know because package repositories often preserve compatibility tools for old shell workflows even when newer designs steer users toward age, GnuPG, OpenSSL, or platform-native encrypted storage.

### Timeline

- 2000-11-03: The homepage source records the page creation date.
- 2000-12-15: The homepage records an export-control reminder for users of open-source encryption components.
- 2002-09-17: The official homepage records its last-modified date.

### Related projects

- Related projects and concepts include Rijndael/AES, Twofish, the companion aes-rb Ruby module, random-device salt generation, and script-level encryption filters.

### Sources

- <https://aescrypt.sourceforge.net/>


## Security Notes

broad file, network, media, or database tool signal.

- **Geiger risk:** blue / medium
- broad file, network, media, or database tool signal

## Source Database Details

- **Source Database:** Homebrew formula API
- **Tap:** homebrew/core
- **Full Name:** aescrypt
- **Version Scheme:** 0
- **Revision:** 0
- **Bottle Stable Root URL:** <https://ghcr.io/v2/homebrew/core>
- **Deprecated:** no
- **Disabled:** no
- **Keg Only:** no
- **URL Keys:** stable

## Other Package-Manager Records

- Nix - aescrypt: normalized package name match | nixpkgs package indexes: pkgs/by-name/ae/aescrypt/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1
- winget - Terrapane.AESCrypt: normalized package name match | Windows Package Manager source index: Terrapane.AESCrypt from https://cdn.winget.microsoft.com/cache/source.msix


## Related links

- [Secret-risk packages](https://www.automicvault.com/pkg/secret-risk-packages/) - Has protected-tool coverage, approval-gate, or non-low Geiger security signals.
- [Terminal utility packages](https://www.automicvault.com/pkg/terminal-utilities/) - Matched terminal and command-line workflow metadata.
- [Networking and protocol packages](https://www.automicvault.com/pkg/networking-protocol-tools/) - Matched network, protocol, or remote-service metadata.
- [Security and crypto packages](https://www.automicvault.com/pkg/security-crypto-tools/) - Matched security, identity, cryptography, password, signing, or certificate metadata.
- [aespipe](https://www.automicvault.com/pkg/brew/aespipe/) - Shares av.db curated category or tags: aes, cli, cryptography, encryption, security.
- [age](https://www.automicvault.com/pkg/brew/age/) - Shares av.db curated category or tags: cli, cryptography, encryption, security.
- [age-plugin-se](https://www.automicvault.com/pkg/brew/age-plugin-se/) - Shares av.db curated category or tags: cli, cryptography, encryption, security.
- [age-plugin-yubikey](https://www.automicvault.com/pkg/brew/age-plugin-yubikey/) - Shares av.db curated category or tags: cli, cryptography, encryption, security.
- [ccrypt](https://www.automicvault.com/pkg/brew/ccrypt/) - Shares av.db curated category or tags: cli, cryptography, encryption, security.
- [gnupg](https://www.automicvault.com/pkg/brew/gnupg/) - Shares av.db curated category or tags: cli, cryptography, encryption, security.
- [nettle](https://www.automicvault.com/pkg/brew/nettle/) - Shares av.db curated category or tags: cli, cryptography, encryption, security.
- [scrypt](https://www.automicvault.com/pkg/brew/scrypt/) - Shares av.db curated category or tags: cli, cryptography, encryption, security.
- [sqlcipher](https://www.automicvault.com/pkg/brew/sqlcipher/) - Security-sensitive metadata or terminology overlaps. Shared terms: aes, cli, cryptography, encryption, security.

## Combined YAML source

View the package source record on GitHub. [combined/aescrypt.yml](https://github.com/automic-vault/db/blob/main/combined/aescrypt.yml)


## Sources

- Nucleus package database
- Geiger risk classifier
- package-page enrichment
- curated package history
- package version freshness
- av.db category and tag curation
- package relationship graph
- external package-manager database matches
- cross-ecosystem install command graph
