This technique is boiled down from other information obtained on the Internet.
ALWAYS read the man page(s) before using any command combinations found in any of my posts. Since you are a Linux/Unix SysAdmin, it is on you to follow proper Wizardly protocols.
WARNING: This has bitten me before - It is very easy to overwrite an existing file and lose everything. Double and TRIPLE check your commandline before hitting enter. YOU HAVE BEEN WARNED!!
Encrypt a normal file:
openssl des3 -e -salt -in myfile.txt -out myfile-encrypted.des3This command string will ask for a password before creating the password file. Otherwise use the -k switch to supply the password on the commandline. The extension des3 is used to remember what encoding was used. To see the various options available when using a cipher routine, look at the man page for the command enc.
Decrypt a normal file encrypted by the above command:
openssl des3 -d -salt -in myfile-encrypted.des3 -out myfile-decrypted.txtReally the only difference is the use of -e and -d, and the filenames used for input and output. As above, this asks for the password.
Encrypting a tar file:
tar czf - ./directory | openssl des3 -e -salt -k secretpasswd | \dd of=mytar-encrypted.des3
(You know that backslash continues the line, right?)
Decrypt a tar file encrypted by the above command:
dd if=mytar-encrypted.des3 | openssl des3 -d -k secretpasswd | tar xzf -Of course, in both of these steps you could separate the tar command from this chain, and run it separately. However, the openssl and dd commands need to stay piped.
There are a ton of different ciphers to be used with openssl. (As stated before, see the man page for enc, and also look at the man page for dgst if interested.) Choose the one you feel philosophically bent toward. The use of des3 here is merely an example.
No comments:
Post a Comment