151

I have a password protected PDF file. I know the password but in order to share the file, I have to remove the password from the PDF and share an unprotected copy. How can I do this in Ubuntu with or without the GUI?

Andrea Lazzarotto
  • 7,956
Chinmaya B
  • 6,122
  • 7
  • 24
  • 43

9 Answers9

228

The easiest way GUI (recommended for novice)

Open the protected file and use ctrl+p or use print option to print the file, now save the file as pdf.

Using Command line

If you have pdftk already installed you can skip step1

Step 0: To check if Pdftk is already installed 

sudo apt list | grep pdftk

If output contains '[installed]' tag with pdftk then you can skip step1 i.e if the output is like this

pdftk/xenial 2.02-4 amd64 [installed]

Step 1: Install pdftk

sudo apt-get install pdftk

Step 2: Run following command

pdftk /path/to/input.pdf input_pw <yourpassword> output out.pdf

If you don't want to install pdftk there is another utility qpdf which is automatically installed (at least on 16.04 which I am using)

To use qpdf for generating unsecured pdf run following command.

qpdf -password=<your-password> -decrypt /path/to/secured.pdf out.pdf

For detailed information take a look at this HTG tutorial

Community
  • 1
Chinmaya B
  • 6,122
  • 7
  • 24
  • 43
78

I tried this in ubuntu mate 19.04:

sudo apt-get install qpdf
qpdf --password=YOURPASSWORD-HERE --decrypt input.pdf output.pdf

Source

EDITED: You can also open the file in chrome first and then save as PDF.

Faiyaz Alam
  • 881
  • 8
    Awesome! pdftk didn't work for me due to encryption (InvalidPdfException: unknown.encrpytion.type.r), but qpdf did! – Christian Benke Apr 27 '20 at 19:59
  • I used this script to unencrypt all the pdfs in the current directory mkdir dec; ls *.pdf | xargs -i qpdf --password= --decrypt {} dec/{} – AmanicA Dec 12 '21 at 18:18
  • 2
    A safer version to do all files in a directory.. for i in *.pdf; do qpdf --password="$mypass" --decrypt "$i" "${i%.pdf}.decrypted.pdf"; done – shalomb Jun 22 '22 at 17:59
  • Actually qpdf --decrypt in.pdf out.pdf (no password) worked fine for me – Déjà vu Aug 22 '22 at 08:13
10

This is an old question, but seems to be a reference on the matter and, surprisingly, none of the answers tells us how to avoid passing the password on the command line (which may be a source of leakage). Of course, since this is about removing the password protection from the file, maybe you don't care. But maybe you received a pdf from a company which used some data of yours to encrypt the file, and you'd like to avoid leaking it.

With pdftk we can use:

pdftk protected.pdf input_pw output out.pdf do_ask

The password is then queried in the terminal and you can type it.

With qpdf it is a little less direct. qpdf can read a password from stdin passing - to the --password-file= option:

qpdf --password-file=- --decrypt protected.pdf out.pdf

Once you enter that, qpdf will be waiting for input from stdin. You can then type <yourpassword>, RET and Ctrl+d (Ctrl+d sends EOF in Linux. In Windows, I think it would be Ctrl+z, but I'm not sure).

If you have an older version of qpdf (prior to v10.2.0), --password-file= didn't work this way, but one could still read a whole argument from stdin with the @- option. That given, you can use:

qpdf @- --decrypt protected.pdf out.pdf

Then type --password=<yourpassword>, RET and Ctrl+d.

gusbrs
  • 344
  • If you put a space in front of your command it should avoid adding it to the history. – thoroc Dec 08 '23 at 09:58
  • add "echo YOUR_PASSWORD" at the begining and you can skip the interactive method "echo YOUR_PASSWORD | qpdf @- --decrypt protected.pdf out.pdf" – Diego Andrés Díaz Espinoza Jan 09 '24 at 14:23
  • @DiegoAndrésDíazEspinoza I would not recommend that, as it would defeat the purpose of this answer altogether. If you are concerned at all in hiding your password, that is. Doing that is not much different than using the --password= option directly. – gusbrs Jan 09 '24 at 18:25
  • @thoroc I don't know about the space at the start and the history. But, as far as I know, the command you give the terminal should still be visible in the list of processes, etc. Again, if you are concerned in hiding your password, I still wouldn't do that. – gusbrs Jan 09 '24 at 18:27
  • 1
    @thoroc ignoring commands starting with a space needs to be configured in HISTIGNORE Bash variable. It may or may not be the default on various systems. – user1079505 Feb 29 '24 at 02:23
  • @user1079505 good point, I don't recall having to set that in the last 15 years though. :) – thoroc Feb 29 '24 at 23:09
7
sudo apt-get install pdftk
pdftk input.pdf output output.pdf user_pw YOURPASSWORD-HERE

This takes your input.pdf, removes the passwords and exports it as output.pdf.

You may want to take a look here to explore additional mehods.

Andrea Lazzarotto
  • 7,956
Mustafa Yılmaz
  • 182
  • This didn't work for me – ptetteh227 Jan 21 '18 at 10:09
  • 4
    Didn't work for me either. This works by putting the user_pw param just after input.pdf (it seems params are positional). So "pdftk input.pdf user_pw YOURPASSWORD-HERE output output.pdf " should work (I've used input_pw instead of user_pw). – Bozzy Feb 12 '21 at 11:57
  • Latest versions seem to require the above format and parameter order – higuita Sep 23 '21 at 19:02
5

Use this zsh function:

pdf-unencrypt () {
    : "Usage: <file>
Uses ghostscript to rewrite the file without encryption."
    local in="$1"
    gs -q -dNOPAUSE -dBATCH -sDEVICE=pdfwrite -sOutputFile="${in:r}_unencrypted.pdf" -c .setpdfwrite -f "$in"
}

: is a no-operations function. $in:r gets the variable without its extension. You obviously need ghostscript installed.

HappyFace
  • 325
  • 1
    In more recent versions of ghostscript, you'll need to remove the -c .setpdfwrite -f from the above command line. Otherwise, version 9.54 or later will fail with Error: /undefined in .setpdfwrite. (I don't know why there's a forward-slash in that.) And version 9.53.x will give you a warning message stating The .setpdfwrite operator has been deprecated and will be removed entirely in the next release of Ghostscript – AJM Mar 17 '22 at 13:41
  • I've seen this command many times yet when I run it I get an error This file requires a password for access. So at least in recent versions of gs it doesn't seem to be working or at least not for me. – rbaleksandar Apr 26 '22 at 19:20
  • almost works, except instead of being prompted for a password when I try to save an edit, it just freezes (on Preview.app) – ijoseph Jan 01 '23 at 00:13
  • edit: oh wait, if I then used Preview.app to Export it (as PDF) again, I can now successfully save edits. Score. – ijoseph Jan 01 '23 at 00:15
3

if you don't have the password you can still unprotect the pdf document thanks to ghostscript :

gs -q -dNOPAUSE -dBATCH -sDEVICE=pdfwrite -sOutputFile=unencrypted.pdf -c .setpdfwrite -f my-protected-pdf-file.pdf

if you need to install GhostScript : How to install newer version of ghostscript on server than provided from ubuntu?

baobab33
  • 63
2

Rising the topic from the dead a little bit here (but I am a new Linux user, so...);

  1. Anyhow, I also used the file for which I had known the password. But I used "Master PDF Editor 5" (unregistered, free version) to remove the password (File - Properties - Security - No Encription).
  2. However, since "Master PDF Editor 5" leaves the watermark (which I personally, do not mind), I re-opened (the now unlocked file) in Libre Office Draw and removed the watermark.
  3. I exported the file in PDF, which additionally resulted in tremendous compression without any losses. It was a very simple file; one sheet only, with text in the table, but the above process reduced the size from 70-ish KB to 22-ish KB.
pomsky
  • 68,507
Linux N00b
  • 21
2

If you already have a password, you can use the following to remove the password

gs -dNOPAUSE -dBATCH -q -sDEVICE=pdfwrite -sPDFPassword=password -sOutputFile=output2.pdf -f input.pdf
Yanjan. Kaf.
  • 444
0

I think I might as well chime in with a little script I built around pdftk and gum.

#!/bin/bash

if [[ -z "$1" || ! -f  "$1" ]]; then
  echo "Select a file:"
  file="$(gum file)"
  echo -e "${file}\n"
else
  file="$1"
fi


pdftk "${file}" input_pw output "${file//.pdf/_decrypted.pdf}" do_ask

You can provide a file as the first parameter and the decrypted file will be saved with _decrypted.pdf postfix. If you don't provide a file name as the first parameter it will bring up gum's file chooser.

LiveWireBT
  • 28,763