Encrypting data with OpenSSL


I often find myself needing to protect sensitive data, and usually turn to OpenSSL for help. OpenSSL support a plethora of symmetric key encryption algorithms (AES, DES3, Blowfish, RC4), and comes with a variety of Operating Systems. To encrypt a file named private, we can pass one of the available symmetric key algorithms to OpenSSL:

$ openssl aes-256-ecb -in private -out private.aes256
enter aes-256-ecb encryption password: Verifying - enter aes-256-ecb encryption password:

$ ls private
private private.aes256

To decrypt the file private.aes256, the symmetric key algorithm and decryption option can be passed to OpenSSL:

$ openssl aes-256-ecb -d -in private.aes256 | tail -5
enter aes-256-ecb decryption password: pop 109/tcp pop3 110/tcp imap 143/tcp imaps 993/tcp pop3s 995/tcp

As you can see, private wasn’t so private after all :) You can get a full list of available symmetric key ciphers by appending the help flag to openssl. If you are interesting in learning about more practical uses for OpenSSL, check out my article Real World Uses For OpenSSL.

This article was posted by Matty on 2005-01-08 23:54:00 -0400 -0400