Geody Labs


# Main Index: Debian Linux Magic Spells Cheat Sheet (one liners, how to, tips and tricks)

# Encryption

Encryption with openssl

# Note that AES-256-CBC method in unsecure as it does not provide authenticated encryption and is vulnerable to padding oracle attacks. apt-get install openssl openssl aes-256-cbc -pbkdf2 -salt -in PATH/CLEARTEXT -out PATH/ENCRYPTED # Encrypt CLEARTEXT file to ENCRYPTED file. It will prompt for password twice. openssl aes-256-cbc -d -pbkdf2 -in PATH/ENCRYPTED -out PATH/CLEARTEXT # Decrypt ENCRYPTED file to CLEARTEXT file. It will prompt for password. openssl aes-256-cbc -pbkdf2 -salt -pass pass:PASSWORD -in PATH/CLEARTEXT -out PATH/ENCRYPTED # Encrypt CLEARTEXT file to ENCRYPTED file using PASSWORD. openssl aes-256-cbc -d -pbkdf2 -pass pass:PASSWORD -in PATH/ENCRYPTED -out PATH/CLEARTEXT # Decrypt ENCRYPTED file to CLEARTEXT file using PASSWORD. echo -n "CLEARTEXT"|openssl aes-256-cbc -pbkdf2 -salt -pass pass:PASSWORD|base64 # Encrypt CLEARTEXT to ENCRYPTED using PASSWORD and encode it as Base64. echo -n "U2FsdGVkX19YTYqwG/Dxp5t0k7mhGPYyvv70hiJfvOQ="|base64 -d|openssl aes-256-cbc -d -pbkdf2 -pass pass:PASSWORD # Decrypt Base64 encoded ENCRYPTED text to CLEARTEXT using PASSWORD.

Encryption with GnuPG (GPG) and Pretty Good Privacy (PGP) wrapper

apt-get install pgpgpg

PGP

pgp -h # Help pgp -k # Key Manager functions help pgp -kg # Generate key pgp -kxa USER_ID PATH/DEST_FILE.ASC # Export User's public key to file pgp -ka PATH/PUBLIC.KEY # Add public key to keyring pgp -ea PATH/SOURCE_CLEARTEXT RECIPIENT_ID # Encrypt file for Recipient pgp PATH/ENCRYPTED_FILE # Decrypt file (need password) # Handy options: # (Usage example: PGP -e = binary object file, PGP -ea = ASCII object file) # -a ASCII armour # -w Wipe (overwrite&delete) original file (when crypting) # -m No output file (on screen display, "eyes only") (when decrypting)

GPG

gpg -h # Help gpg --version # Show GPG version and supported algorithms gpg --gen-key # generate key gpg --list-keys # list public keys in the public keyring gpg --list-secret-keys # list secret (private) keys in the secret keyring gpg --export -a > PATH/DEST_FILE.ASC # Export all public keys to a file gpg --export -a "USER_ID" > PATH/DEST_FILE.ASC # Export User's public key to file gpg --import PATH/PUBLIC.KEY # Add public key to keyring gpg -s -r "USER_ID" PATH/SOURCE_CLEARTEXT # Sign file for Recipient, file name is automatically generated gpg -s -a -r "USER_ID" PATH/SOURCE_CLEARTEXT # Create a signature for the given file for Recipient and output with an ASCII armour, file name is automatically generated gpg -se -r "USER_ID" PATH/SOURCE_CLEARTEXT # Sign and encrypt file for Recipient, file name is automatically generated gpg -se -a -r "USER_ID" PATH/SOURCE_CLEARTEXT # Sign and encrypt file for Recipient and output with an ASCII armour gpg --verify PATH/SIGNATURE.SIG # Verify a signature (without showing the signed content) gpg PATH/ENCRYPTED_FILE # Decrypt file (need password), file name is automatically generated gpg -d PATH/ENCRYPTED_FILE > PATH/DEST_FILE # Decrypt file specifying the output file name (need password) gpg -d PATH/ENCRYPTED_FILE # Decrypt file, on screen display, "eyes only" (need password)




Please DONATE to support the development of Free and Open Source Software (PayPal, Credit Card, Bitcoin, Ether)

Page issued on 25-Sep-2022 05:03 GMT
Copyright (c) 2022 Geody - Legal notices: copyright, privacy policy, disclaimer