Apart from creating and editing text files, we can also encrypt files using Vim editor. This brief guide shows you how to password protect text files using Vim editor in Linux and Unix-like operating systems.
Vim editor is a powerful and feature-rich application used to to create and edit text files. It is a cross-platform application, so you can use it on all platforms, including Android, iOS, Linux, Unix, macOS, and MS Windows.
Vim is not just for creating or editing files, we can even encrypt text files using Vim editor. To put this in other words, Vim is able to write files encrypted, and read them back.
The encrypted text cannot be read without the correct key. Whenever you try to edit an encrypted file with Vim, you will be asked to enter the right key.
If you type the same key as that was used for writing, you can read the text again. If you use a wrong key, you will see some junk and messy characters.
Enough talk! Let us go ahead and encrypt files using Vim editor in Linux.
Install Vim Editor in Linux
Vim is available in the official repositories of almost all Linux and Unix distributions. You can install Vim using your distribution’s default package manager.
To install Vim editor in Alpine Linux, run:
$ sudo apk update
$ sudo apk add vim
Install Vim editor in Arch Linux:
$ sudo pacman -S vim
Install Vim editor in Debian, Ubuntu, Pop!_OS, Linux Mint:
$ sudo apt install vim
Install Vim editor in Fedora, RHEL, AlmaLinux, Rocky Linux:
$ sudo dnf install vim
Install Vim editor in openSUSE:
$ sudo zypper install vim
Install Vim editor in Gentoo:
# emerge --ask app-editors/vim
Install Vim editor in FreeBSD desktop:
# pkg install vim
Install Vim editor in FreeBSD server:
# pkg install vim-console
Password protect text files using Vim editor in Linux
All the steps given below are tested on a Fedora 34 system. However the steps are same for other distributions.
The typical way to encrypt a text file using Vim is to use the
:x option (lowercase
x) when creating a new file.
Step 1: Open your text file using Vim editor with
$ vim -x ostechnix.txt
Step 2: Type your passphrase twice and hit
Important note: Do not lose the password. You can’t read the file without the right passphrase. Also if you make a typing mistake when entering the key, you might not be able to access your text back!
Step 3: Now press the
i key to enter into
insert mode. Start typing or editing the file as the way you do normally.
Step 4: Once done with the editing, press
ESC to exit from the
insert mode and type
:wq to save the file and close it.
Congratulations! We just encrypted a text file with a password using Vim.
Access or read password protected file using Vim editor
Whenever you try to access or edit the password-protected file using Vim, you will be prompted to enter the correct passphrase.
$ vim ostechnix.txt
Upon entering the right passphrase, the text file will be readable again.
If you don’t enter the correct password, the text will simply look like a mess.
Please note that you can access the password-protected file only using the Vim editor, but not from other text viewers.
If you try to view the the password-protected file using other CLI or GUI text viewers and editors, you will see nothing but some junk characters as shown in the below picture.
Change encryption method in Vim editor
Starting from version
7.4.399 and above, Vim uses
blowfish2 encryption method by default to encrypt files.
To view the current encryption method, simply open the encrypted file and type the following in the command mode:
You will see the current authentication method of Vim editor:
The bluefish2 is the strong and recommended encryption method in the latest editions of Vim editor.
If you’re using any old versions, you should change the encryption method using command:
If you wish to switch to the less secure encryption methods, such as
After choosing the encryption method, don’t type
:w to apply the changes.
I strongly recommend you to always use
blowfish2 method, which is best for security.
cryptmethod help section for more details.
To open the
cryptmethod(cm) help section, run the following in command mode:
'cryptmethod' 'cm' 'cryptmethod' 'cm' string (default "blowfish2") global or local to buffer global-local Method used for encryption when the buffer is written to a file: pkzip zip PkZip compatible method. A weak kind of encryption. Backwards compatible with Vim 7.2 and older. blowfish blowfish Blowfish method. Medium strong encryption but it has an implementation flaw. Requires Vim 7.3 or later, files can NOT be read by Vim 7.2 and older. This adds a "seed" to the file, every time you write the file the encrypted bytes will be different. blowfish2 blowfish2 Blowfish method. Medium strong encryption. Requires Vim 7.4.401 or later, files can NOT be read by Vim 7.3 and older. This adds a "seed" to the file, every time you write the file the encrypted bytes will be different. [...]
Change password of a file using Vim editor
If you want to change the password of an encrypted file, you should know the current password.
Step 1: Open the encrypted file using Vim:
$ vim ostechnix.txt
Enter the current passphrase to view its contents.
Step 2: Type
:X (Upper case x) and hit ENTER key. Next, type your new password twice and press ENTER key.
Step 3: Type
:w to apply the changes to the file.
Remove password from a file using Vim editor
Step 1: Open the file in Vim editor:
$ vim ostechnix.txt
Step 2: Type
:X (Upper case x) and hit ENTER key. Next, DO NOT ENTER any password. Just leave the password field blank and press ENTER key twice.
Step 3: Finally, type
:w and hit ENTER to save the changes to the file.
Now you can open the file without a password.
In this guide, we learned how to encrypt a text file or password protect a text file using Vim. In addition, we also discussed how to view and change the authentication method in Vim editor.
Finally, we saw how to change the password of text files and how to remove the password completely using Vim editor.
Learning Vim is worth your time. Learn one topic per day. You will be a master in Vim in couple days.
Useful Vim tips and tricks on this blog: