The command from the original report fails for me with openssl 3.0.7 with >>bad decrypt<< even with the newline.
I came up with a slightly different set of commands that reproduce this behaviour, and which also includes -pbkdf2 that now seems to be required to avoid a warning. porridge@fujitsu:~$ echo peekaboo | openssl enc -aes-256-cbc -pbkdf2 -pass pass:bar -base64 U2FsdGVkX190F0Gf0mikyIDlIh9oDADRLtCA0wSMEHg= porridge@fujitsu:~$ echo -n U2FsdGVkX190F0Gf0mikyIDlIh9oDADRLtCA0wSMEHg= | openssl enc -aes-256-cbc -pbkdf2 -pass pass:bar -d -base64 error reading input file I also learned about the -A flag which seems to make openssl work in this case: porridge@fujitsu:~$ echo -n U2FsdGVkX190F0Gf0mikyIDlIh9oDADRLtCA0wSMEHg= | openssl enc -aes-256-cbc -A -pbkdf2 -pass pass:bar -d -base64 peekaboo However even in the manpage it is mentioned to be buggy: The -A option when used with large files doesn't work properly. I also found an upstream issue about base64 handling which seems to be closely related to this bug report: https://github.com/openssl/openssl/issues/18780 Jean-Michel, if you consider this a good enough workaround for your use case, please consider closing this bug. Marcin