The security of our data must be one of the fundamental priorities both at the administration level and for personal use since unauthorized access to information can trigger security situations that affect our integrity.
OpenSSL is a powerful tool that allows us to encrypt files in a comprehensive way using various security methods. Having our information encrypted is essential if we want to prevent the data from reaching other unwanted hands. This tutorial will have the keys to maintain that security in your files.
With OpenSSL we can use a symmetric algorithm when we want to use the same key for both encryption and decryption of a file. For this case we have created a file called solvetic.txt in our CentOS 7 root:
1. Encrypt a file using OpenSSL commands
Step 1
The first method we will see will be the encryption process of our file and for this we will use the following syntax:
openssl enc -aes-256-cbc -salt -in solvetic.txt -out solvetic.txt.enc
Step 2
The parameters to be used are the following:
Openssl
It is the command that will take care of the file encryption.
On
Indicates encryption with encryption.
-aes-256-cbc
Indicates the type of encryption to use for the file.
-salt
Add an additional force parameter to the encryption.
-in
Refers to the source or input file.
-out
Refers to the name that will be assigned to the encrypted file.
It is important to add the -salt parameter since not doing so the file will be prone to vulnerabilities with decryption tools in a simple way. When executing this syntax, a message will be displayed where we must enter and confirm the password assigned to the text:
Step 3
At this point we can add various levels of encryption in this method such as:
- AES-128-cbc
- AES-256-cbc
- AES-128-ecb
- AES-256-ecb
- AES-192-cbc
- AES-192-ecb
- Camellia-128-cbc
- Camellia-256-cbc, among others.
Step 4
Once we perform this action we can see our encrypted file with the extension .enc :
Step 5
We can try to access the encrypted file using any of the desired editors, such as nano by running the following:
nano solvetic.txt.enc
2. Decrypt a file using OpenSSL commands
At the moment we want to access the encrypted file we will use the following syntax for decryption:
openssl enc -aes-256-cbc -d -in solvetic.txt.enc -solvetic.txtWhen pressing enter it will be necessary to enter the respective access password:
From this moment we will have access to the content of the file. The parameters used in this process are:
-d
Allows decryption of the file.
-in
It allows us to select the encrypted file.
-out
Indicates the name to assign to the file after the process.
3. Base64 encoding
In addition to the encryption method indicated above, with OpenSSL we have the possibility of adding an encoding called Base64 which converts the 8-bit binary information into a set of ASCII characters. This type of coding is ideal when we have to transfer information over the network and by default the encryption will be in binary format.$config[ads_text5] not found
Step 1
The syntax to encrypt a file using Base64 is to add the value -a as follows:
openssl enc -aes-256-cbc -salt -a -in solvetic.txt -out solvetic.txt.enc
Step 2
We will assign the respective access credentials to the file. The -a parameter tells OpenSSL that the data will be encrypted using Base64 as encoding. If we access the file we will see its coding in ASCII format:
4. Non-interactive encryption methods in CentOS 7
$config[ads_text5] not foundUsing this method, the system will ask the user to enter the password during the encryption of the file so it will be visible. It is important to use this method in places where security is not violated.
Step 1
The syntax to encrypt a file using this method is:
openssl enc -aes-256-cbc -salt -in solvetic.txt -out solvetic.txt.enc -k PASSWORD
Step 2
To decrypt this file we will use the following syntax:
openssl enc -aes-256-cbc -d -in solvetic.txt.enc -out solvetic.txt -k PASSWORDDo not lose details of the process and watch the video tutorial that shows how to perform this encryption process with OpenSSL.$config[ads_text6] not found
In this way OpenSSL becomes a useful tool to protect our files from unauthorized access.
Articles