Why can't you use 'openssl des ...' instead?

As far as I can tell 'openssl des' works differently from the 'des' program - it
won't decrypt the same files (none of the 12 or so different des variants
supported by 'openssl des' works, but plain 'des' works).

However I will ask on the openssl list to get a definitive answer.

'openssl des' uses a weird old method, invented by MIT and not used elsewhere, to generate the encryption key from the password supplied on the command line:

https://github.com/openssl/openssl/blob/OpenSSL_1_0_2-stable/crypto/des/des.c#L418

There is apparently no way to call DES_string_to_key() (or equivalent) in the new OpenSSL API, since everything has standardised on EVP_BytesToKey instead, which generates the key using one of the standard OpenSSL message digest suites, which doesn't include DES_string_to_key().

This means that the following commands produce different results, because they use different keys:

openssl enc -d -des -k "MyPasswd" -in encrypted.bin
des -D -k "MyPasswd" -in encrypted.bin

The solution is to transform your key using DES_string_to_key(), while you still can (it's being removed from OpenSSL). You could write a C program, or use Python ctypes to do it:

from ctypes import *
buf = create_string_buffer(8)
cdll.libcrypto.DES_string_to_key('MyPasswd', buf)
print "".join("{:02x}".format(ord(c)) for c in buf.raw)

This will output a hex string that you can pass to "openssl enc" with the -K parameter (instead of -k) to be used as the raw key, like this:

openssl enc -d -des -K ea8907c7407cc1a8 -iv 0000000000000000 -in encrypted.bin

Note that you also have to supply the IV if you supply your own key as a hex string. The old des utility sets the IV to all zero bytes by default.