# Install enchive with Homebrew, Nix, zypper

Encrypted personal archives. Version 3.5 via Homebrew; verified from local package data.

## Install

```sh
sudo av install brew:enchive
```

Additional install commands:

### macOS

- Homebrew (100%):

```sh
brew install enchive
```

  Evidence: local Homebrew formula metadata

### Linux

- Nix (92%):

```sh
nix profile install nixpkgs#enchive
```

  Evidence: nixpkgs package indexes: pkgs/by-name/en/enchive/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1

- zypper (92%):

```sh
sudo zypper install enchive
```

  Evidence: openSUSE Tumbleweed package metadata: enchive from https://download.opensuse.org/tumbleweed/repo/oss/repodata/be8d3611d25469107f32075a1697e69ec57a2b850b42348a658cc671ad5ec2b50760d02c3e59524d50da9a11d5be799bdaffba2e166e8ca8858512e3c0bd665d-primary.xml.zst

## Package facts

- **Package key:** brew:enchive
- **Package manager:** Homebrew
- **Package manager page:** <https://formulae.brew.sh/formula/enchive>
- **Version:** 3.5
- **Source summary:** Encrypted personal archives
- **Homepage:** <https://github.com/skeeto/enchive>
- **Repository:** <https://github.com/skeeto/enchive>
- **Upstream docs:** <https://github.com/skeeto/enchive#readme>
- **License:** Unlicense
- **Source archive:** <https://github.com/skeeto/enchive/releases/download/3.5/enchive-3.5.tar.xz>
- **Generated:** 2026-07-08T07:18:31+00:00

## Executables

- enchive (cli)
- enchive (alias)

## Install behavior

- Post-install hook: not defined
- Bottle: available on arm64_big_sur, arm64_linux, arm64_monterey, arm64_sequoia, arm64_sonoma, arm64_tahoe, arm64_ventura, big_sur, monterey, sonoma, ventura, x86_64_linux

## Freshness

- Page generated: 2026-07-08
- Package-manager version: 3.5
- Local data: ok
- Upstream repository: https://github.com/skeeto/enchive
- info: No package-manager update timestamp was available.
- info: No cached GitHub release or tag data was available.
## Project history and usage

Enchive is a small personal-file encryption tool for archiving files to yourself. Its README positions it as a focused alternative to larger systems such as GnuPG or encrypted filesystems, with no external dependencies and portability prioritized over performance.

### Project history

The public repository dates to 2017, and the project's own documentation frames it as intentionally self-contained rather than ecosystem-seeking. It uses public-key style archival: a public key can encrypt files on machines that should not hold the secret key, while the secret key is needed for extraction.

### Adoption history

Enchive's README explicitly says it does not need critical mass because it does not need to interoperate with other systems or people. Its adoption story is therefore narrow by design: it appeals to users who want a copyable, auditable CLI for personal encrypted archives rather than a shared standard.

### How it is used

The documented workflow has three core commands: `keygen`, `archive`, and `extract`. By default, `keygen` writes `enchive.pub` and `enchive.sec` under `$XDG_CONFIG_HOME/enchive` or `~/.config/enchive`; archiving produces a `.enchive` file while leaving the original in place unless deletion is requested.

The tool also supports deriving an asymmetric key pair from a passphrase, using an scrypt-like memory-hard derivation scheme, and can run a short-lived key agent on Unix-like systems to avoid repeated passphrase prompts.

### Why package nerds care

Enchive is package-nerd interesting because it is deliberately small: one CLI, no external dependencies, a documented file format, and a build that can produce a standalone C program. It represents the opposite end of the packaging spectrum from large crypto suites.

The tradeoff is visible in the README: Enchive is not trying to be a universal format or social web of keys. It is for users who want a simple local archival workflow and are comfortable choosing a niche tool for that job.

### Timeline

- 2017: Public GitHub repository created.
- 2018: Published manual page generated for Enchive.
- 2025: Repository remained updated, according to available GitHub metadata.

### Related projects

- GnuPG and encrypted filesystems are named by the README as more complex alternatives.
- Curve25519, ChaCha-family encryption, HMAC-SHA256, and an scrypt-like key derivation algorithm are documented implementation pieces.

### Sources

- <https://github.com/skeeto/enchive>
- <https://raw.githubusercontent.com/skeeto/enchive/master/README.md>
- <https://nullprogram.com/enchive/>
- <https://api.github.com/repos/skeeto/enchive>


## Security Notes

broad file, network, media, or database tool signal.

- **Geiger risk:** blue / medium
- broad file, network, media, or database tool signal


## Configuration and credential file locations

These source-backed paths show where this package keeps local settings or durable credentials. Automic Vault can use them as review targets for secret scanning, migration, and command approval.


## Configuration files

- Unix: $XDG_CONFIG_HOME/enchive/enchive.pub, ~/.config/enchive/enchive.pub

## Credential files

- Unix: $XDG_CONFIG_HOME/enchive/enchive.sec, ~/.config/enchive/enchive.sec
## Source Database Details

- **Source Database:** Homebrew formula API
- **Tap:** homebrew/core
- **Full Name:** enchive
- **Version Scheme:** 0
- **Revision:** 0
- **Head Version:** HEAD
- **Bottle Stable Root URL:** <https://ghcr.io/v2/homebrew/core>
- **Deprecated:** no
- **Disabled:** no
- **Keg Only:** no
- **URL Keys:** head, stable

## Other Package-Manager Records

- Nix - enchive: normalized package name match | nixpkgs package indexes: pkgs/by-name/en/enchive/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1
- zypper - enchive - 3.5-2.6: normalized package name match | openSUSE Tumbleweed package metadata: enchive from https://download.opensuse.org/tumbleweed/repo/oss/repodata/be8d3611d25469107f32075a1697e69ec57a2b850b42348a658cc671ad5ec2b50760d02c3e59524d50da9a11d5be799bdaffba2e166e8ca8858512e3c0bd665d-primary.xml.zst | Long-term archive encryption tool | https://github.com/skeeto/enchive


## Related links

- [Source-control packages](https://www.automicvault.com/pkg/source-control-tools/) - Belongs to a source-control command family.
- [Secret-risk packages](https://www.automicvault.com/pkg/secret-risk-packages/) - Has protected-tool coverage, approval-gate, or non-low Geiger security signals.
- [Terminal utility packages](https://www.automicvault.com/pkg/terminal-utilities/) - Matched terminal and command-line workflow metadata.
- [Archive and compression packages](https://www.automicvault.com/pkg/archive-compression-tools/) - Matched archive or compression metadata.
- [encfs](https://www.automicvault.com/pkg/brew/encfs/) - Shares av.db curated category or tags: cli, encryption, security.
- [git-crypt](https://www.automicvault.com/pkg/brew/git-crypt/) - Shares av.db curated category or tags: cli, encryption, security.
- [git-remote-gcrypt](https://www.automicvault.com/pkg/brew/git-remote-gcrypt/) - Shares av.db curated category or tags: cli, encryption, security.
- [nettle](https://www.automicvault.com/pkg/brew/nettle/) - Shares av.db curated category or tags: cli, encryption, security.
- [openbao](https://www.automicvault.com/pkg/brew/openbao/) - Shares av.db curated category or tags: cli, encryption, security.
- [pwsafe](https://www.automicvault.com/pkg/brew/pwsafe/) - Shares av.db curated category or tags: cli, encryption, security.
- [reop](https://www.automicvault.com/pkg/brew/reop/) - Shares av.db curated category or tags: cli, encryption, security.
- [sqlcipher](https://www.automicvault.com/pkg/brew/sqlcipher/) - Shares av.db curated category or tags: cli, encryption, security.
- [age](https://www.automicvault.com/pkg/brew/age/) - Security-sensitive metadata or terminology overlaps. Shared terms: cli, encryption, file, security.
- [blackbox](https://www.automicvault.com/pkg/brew/blackbox/) - Security-sensitive metadata or terminology overlaps. Shared terms: cli, encryption, file, security.

## Combined YAML source

View the package source record on GitHub. [combined/enchive.yml](https://github.com/automic-vault/db/blob/main/combined/enchive.yml)


## Sources

- Nucleus package database
- Geiger risk classifier
- package-page enrichment
- curated configuration and credential file locations
- curated package history
- package version freshness
- av.db category and tag curation
- package relationship graph
- external package-manager database matches
- cross-ecosystem install command graph
