Automic VaultAutomic Vault

brew

Install enchive with Homebrew, Nix, zypper

Encrypted personal archives. Version 3.5 via Homebrew; verified from local package data.

install

Additional install commands

macOS

Homebrewverified · 100%
brew install enchive

local Homebrew formula metadata

Linux

Nixverified · 92%
nix profile install nixpkgs#enchive

nixpkgs package indexes · pkgs/by-name/en/enchive/package.nix · source: api.github.com

openSUSE zypperverified · 92%
sudo zypper install enchive

openSUSE Tumbleweed package metadata · enchive · source: download.opensuse.org

overview

Package summary

Encrypted personal archives

Commands and aliases

  • enchive

history

Project history and usage

Enchive is a small personal-file encryption tool for archiving files to yourself. Its README positions it as a focused alternative to larger systems such as GnuPG or encrypted filesystems, with no external dependencies and portability prioritized over performance.

Project history

The public repository dates to 2017, and the project's own documentation frames it as intentionally self-contained rather than ecosystem-seeking. It uses public-key style archival: a public key can encrypt files on machines that should not hold the secret key, while the secret key is needed for extraction.

Adoption history

Enchive's README explicitly says it does not need critical mass because it does not need to interoperate with other systems or people. Its adoption story is therefore narrow by design: it appeals to users who want a copyable, auditable CLI for personal encrypted archives rather than a shared standard.

How it is used

The documented workflow has three core commands: `keygen`, `archive`, and `extract`. By default, `keygen` writes `enchive.pub` and `enchive.sec` under `$XDG_CONFIG_HOME/enchive` or `~/.config/enchive`; archiving produces a `.enchive` file while leaving the original in place unless deletion is requested.

The tool also supports deriving an asymmetric key pair from a passphrase, using an scrypt-like memory-hard derivation scheme, and can run a short-lived key agent on Unix-like systems to avoid repeated passphrase prompts.

Why package nerds care

Enchive is package-nerd interesting because it is deliberately small: one CLI, no external dependencies, a documented file format, and a build that can produce a standalone C program. It represents the opposite end of the packaging spectrum from large crypto suites.

The tradeoff is visible in the README: Enchive is not trying to be a universal format or social web of keys. It is for users who want a simple local archival workflow and are comfortable choosing a niche tool for that job.

Timeline

  • 2017: Public GitHub repository created.
  • 2018: Published manual page generated for Enchive.
  • 2025: Repository remained updated, according to available GitHub metadata.

Related projects

  • GnuPG and encrypted filesystems are named by the README as more complex alternatives.
  • Curve25519, ChaCha-family encryption, HMAC-SHA256, and an scrypt-like key derivation algorithm are documented implementation pieces.

security posture

Risk level: blue

broad file, network, media, or database tool signal.

Risk classifier

blue risk · medium confidence · tool

Why

  • broad file, network, media, or database tool signal

Signals

  • text:archive,encrypt

Install behavior

  • No Homebrew post-install hook is recorded in formula metadata.
  • Homebrew bottle metadata is available for 12 platform targets.

Recommended review

Before unattended agent use, check whether the tool reads plaintext credentials, writes remote state, publishes artifacts, or shells out to plugins.

local files

Configuration and credential file locations

These source-backed paths show where this package keeps local settings or durable credentials. Automic Vault can use them as review targets for secret scanning, migration, and command approval.

Configuration files

Config paths the tool may read or write during local use.

Unix
$XDG_CONFIG_HOME/enchive/enchive.pub~/.config/enchive/enchive.pub

Credential files

Credential-bearing paths to review before unattended agent runs.

Unix
$XDG_CONFIG_HOME/enchive/enchive.sec~/.config/enchive/enchive.sec

executables

Installed executables

CommandKindExposureNote
enchivecliglobal executable

freshness

Version and freshness

These signals separate page generation age, package-manager activity, and upstream release comparison. Version lag is warned only when an evidence URL and comparable versions are present.

page generated2026-07-08
manager version3.5
manager updated
local dataok
upstreamnot checked
latest detectednot detected

https://github.com/skeeto/enchive

  • infoNo package-manager update timestamp was available.low confidence
  • infoNo cached GitHub release or tag data was available.https://github.com/skeeto/enchivenone confidence

install metadata

Package metadata

Package keybrew:enchive
Version3.5
Package managerHomebrew
Package manager pagehttps://formulae.brew.sh/formula/enchive
Homepagehttps://github.com/skeeto/enchive
Repositoryhttps://github.com/skeeto/enchive
Upstream docshttps://github.com/skeeto/enchive#readme
LicenseUnlicense
Source archivehttps://github.com/skeeto/enchive/releases/download/3.5/enchive-3.5.tar.xz
Bottleavailable (on arm64_big_sur, arm64_linux, arm64_monterey, arm64_sequoia, arm64_sonoma, arm64_tahoe, arm64_ventura, big_sur, monterey, sonoma, ventura, x86_64_linux)
Homebrew post-installnot defined
Servicenone declared

registry facts

Source database details

Source DatabaseHomebrew formula API
Taphomebrew/core
Full Nameenchive
Version Scheme0
Revision0
Head VersionHEAD
Bottle Stable Root URLhttps://ghcr.io/v2/homebrew/core
Deprecatedno
Disabledno
Keg Onlyno
URL Keys
  • head
  • stable

source database matches

Other package-manager records

Matches are pulled from external package-manager indexes and kept separate from local Automic Vault package links.

Nix95%

enchive

nix profile install nixpkgs#enchive
  • normalized package name match
  • Matched by: Enchive
nixpkgs package indexes · api.github.com · nixpkgs package indexes: pkgs/by-name/en/enchive/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1
zypper95%

enchive 3.5-2.6

Long-term archive encryption tool

https://github.com/skeeto/enchive

sudo zypper install enchive
  • License: Unlicense
  • Category: Productivity/Networking/Security
  • Architecture: x86_64
  • Source Package: enchive
  • 1 dependencies
  • 1 provides
  • normalized package name match
  • Matched by: Enchive
openSUSE Tumbleweed package metadata · download.opensuse.org · openSUSE Tumbleweed package metadata: enchive from https://download.opensuse.org/tumbleweed/repo/oss/repodata/be8d3611d25469107f32075a1697e69ec57a2b850b42348a658cc671ad5ec2b50760d02c3e59524d50da9a11d5be799bdaffba2e166e8ca8858512e3c0bd665d-primary.xml.zst

source trail

Generated from repository data

This page is generated by av-web from the private package SQLite artifact built by scripts/generate-pkg-sqlite.py.

Used sources

  • Geiger risk classifier
  • Nucleus package database
  • av.db category and tag curation
  • cross-ecosystem install command graph
  • curated configuration and credential file locations
  • curated package history
  • external package-manager database matches
  • package relationship graph
  • package version freshness
  • package-page enrichment