Table of contents
Symmetric key
Encryption
$ echo "top secret text" | openssl enc -aes-256-cbc -base64
enter aes-256-cbc encryption password:
Verifying - enter aes-256-cbc encryption password:
<< encrypted text >>
Decryption
$ echo "<< encrypted text >>" | openssl enc -d -aes-256-cbc -base64
enter aes-256-cbc decryption password:
top secret text
Asymmetric key
Key Generation
Public key
openssl genrsa -out private.pem 2048
Private key
openssl rsa -in private.pem -pubout -out public.pem
Encryption
openssl rsautl -encrypt -in secret-transmission.txt -out secret-transmission.txt.enc -inkey public.pem -pubin
Decryption
openssl rsautl -decrypt -in secret-transmission.txt.enc -out secret-transmission.txt -inkey private.pem
Sending signed messages
openssl rsautl -sign -in secret-transmission.txt -out secret-transmission.txt.enc.signed -inkey private.pem
Reading signed messages
openssl rsautl -verify -in secret-transmission.txt.enc.signed -out secret-transmission.txt -inkey public.pem -pubin
Encrypting private key
Never store private key in clear text format!
openssl rsa -in private.pem -des3 -out private-enc.pem
Others
Find openssl version
$ openssl version
LibreSSL 2.6.4
List ciphers
openssl list-cipher-commands
Top comments (0)