Difference between revisions of "OpenSSL"

From wikieduonline
Jump to navigation Jump to search
Line 19: Line 19:
 
Using aes-256-cbc cypher, You will be prompted for a password when encrypting that has to be used for decrypting.<ref>https://stackoverflow.com/a/31552829</ref>
 
Using aes-256-cbc cypher, You will be prompted for a password when encrypting that has to be used for decrypting.<ref>https://stackoverflow.com/a/31552829</ref>
  
* Encrypt file (<code>openssl enc</code>):   
+
* [[Encrypt]] file (<code>openssl enc</code>):   
 
:<code>openssl enc -aes-256-cbc -in un_encrypted.data -out encrypted.data</code>
 
:<code>openssl enc -aes-256-cbc -in un_encrypted.data -out encrypted.data</code>
 
: Use <code>[[file]]</code> command to verify file type.
 
: Use <code>[[file]]</code> command to verify file type.

Revision as of 15:03, 4 January 2020

OpenSSL is an open source implementation of the TSL cryptographic protocol, and its now-deprecated predecessor, Secure Sockets Layer (SSL) protocol. You can perform some basic operations, such as:

Examples

Generate a new self signed Certificate instead of a CSR

  • openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout private.key -out public.pem

Output a self-signed certificate instead of a certificate request

-nodes (short for no DES) do not encrypt private key
-x509 Output a self-signed certificate instead of a certificate request

Read CSR

  • openssl req -text -noout -in root.csr


Read certificate (CRT)

  • openssl x509 -text -noout -in root.crt

Encrypt and decrypt a file[1] (GPG can also be used for encrypting and decrypting files)
Using aes-256-cbc cypher, You will be prompted for a password when encrypting that has to be used for decrypting.[2]

openssl enc -aes-256-cbc -in un_encrypted.data -out encrypted.data
Use file command to verify file type.
file encrypted.data
encrypted.data: openssl enc'd data with salted password
  • Decrypt file (openssl enc -d):
openssl enc -d -aes-256-cbc -in encrypted.data -out un_encrypted.data

Activities

  • Generate a random number: openssl rand -base64 32[3]
  • openssl s_client -showcerts -connect gnupg.org:443
  • Encrypt a file using aes-256-cbc cypher using openssl enc command

See also

Text is available under the Creative Commons Attribution-ShareAlike License; additional terms may apply. By using this site, you agree to the Terms of Use and Privacy Policy.

Source: https://en.wikiversity.org/wiki/OpenSSL

Advertising: