Difference between revisions of "OpenSSL"
Jump to navigation
Jump to search
Line 38: | Line 38: | ||
* [[Installing a web server/Nginx web server]] | * [[Installing a web server/Nginx web server]] | ||
* {{OpenSSH}} | * {{OpenSSH}} | ||
− | * | + | * |
* {{HTTPS}} | * {{HTTPS}} | ||
* [[encfs]] | * [[encfs]] | ||
* [[GPG]] | * [[GPG]] | ||
* <code>[[pbcopy]]</code> [[macOS]] command | * <code>[[pbcopy]]</code> [[macOS]] command | ||
+ | * [[Secrets]]: <code>[[ansible-vault]]</code> | ||
Revision as of 18:42, 12 January 2020
OpenSSL is an open source implementation of the TSL cryptographic protocol, and its now-deprecated predecessor, Secure Sockets Layer (SSL) protocol. You can perform some basic operations, such as:
Examples
Generate a new self signed Certificate instead of a CSR
openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout private.key -out public.pem
Output a self-signed certificate instead of a certificate request
-nodes
(short for no DES) do not encrypt private key-x509
Output a self-signed certificate instead of a certificate request
Read CSR
openssl req -text -noout -in root.csr
Read certificate (CRT)
openssl x509 -text -noout -in root.crt
Encrypt and decrypt a file[1] (GPG can also be used for encrypting and decrypting files)
Using aes-256-cbc cypher, You will be prompted for a password when encrypting that has to be used for decrypting.[2]
- Encrypt file (
openssl enc
):
openssl enc -aes-256-cbc -in un_encrypted.data -out encrypted.data
- Use
file
command to verify file type.
file encrypted.data encrypted.data: openssl enc'd data with salted password
- Decrypt file (
openssl enc -d
):
openssl enc -d -aes-256-cbc -in encrypted.data -out un_encrypted.data
Activities
- Generate a random number:
openssl rand -base64 32
[3] openssl s_client -showcerts -connect gnupg.org:443
- Encrypt a file using aes-256-cbc cypher using
openssl enc
command
See also
- Installing a web server/Nginx web server
- OpenSSH (changelog):
/etc/ssh/sshd_config
|/etc/ssh/ssh_config
|~/.ssh/
|openSSL | sshd logs
|sftp
|scp
|authorized_keys
|ssh-keygen
|ssh-keyscan
|ssh-add
|ssh-agent
|ssh
|Ssh -O stop
|ssh-copy-id
|CheckHostIP
|UseKeychain
, OpenSSF - HTTP, HTTP client, HTTP/1.1, HTTP/2, HTTP/3, HTTPS, HSTS CSR, TLS, SSL,
openSSL
, WebSockets, WebRTC,ssl_certificate
QUIC, HPKP, CT, List of HTTP status codes, URL redirection, Content-type:, Webhook, HTTP headers,--insecure
, Axios HTTP client, HTTP cookies, HTTP ETag, Hypertext Transfer Protocol -- HTTP/1.1 - encfs
- GPG
pbcopy
macOS command- Secrets:
ansible-vault
Text is available under the Creative Commons Attribution-ShareAlike License; additional terms may apply. By using this site, you agree to the Terms of Use and Privacy Policy.
Advertising: