Wednesday, September 21, 2011

Crypt and Decrypt files

Hi I am back, A few days ago I had to change (as regularly we do) the root password of all my servers and consoles because a member leave the team... remember to do that all the time!

Then I had to share the new root password to all my team but I don't like sending password over the network on a plain text email and call them one by one ... well is expensive and exhaustive ... so I found a neat solution and will like to share it!.

Basically what I did was write down the password on a text file inside unix crypt using openssl
and then send an email to my team providing the location and asking them to use the OLD root password to open this file and knew the NEW root password...

so here is the example!

# echo "This is a simple string" > MyNormal.file
# cat MyNormal.file
This is a simple string
# openssl bf -salt -in MyNormal.file > MyCrypted.file
enter bf-cbc encryption password:
Verifying - enter bf-cbc encryption password:
# rm MyNormal.file
# cat MyCrypted.file
Salted__|    qqk��=��r�3 �#DOC��@Ϝ�g�
                                            ��}�@V#
# openssl bf -d -in MyCrypted.file
enter bf-cbc decryption password:   # Example with a wrong password
bad decrypt
1710:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt:evp_enc.c:330:
��q#jR�":�z�� �} ƺ�P�`}#
# openssl bf -d -in MyCrypted.file
enter bf-cbc decryption password:   # Example with the correct password
This is a simple string
#

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.