INTRO
Do you have a file that has a kind of secret and you don’t want it to show it to anyone? Well, in this tutorial, we will try to create an encrypted file with a very famous tool called OpenSSL. it is not a new method. But it gives you a lot of options for ciphers. remember that we are not doing the hashing thing here.
According to Rudi Cilibaris,
A hash is used to take a message of any length and produces a fixed-sized output length using a hash function. For example, the SHA256 hash function produces a 256-bit hash value regardless of the input message length. Given a hash value, it is not possible in general to determine the original message because many different messages could generate the same hash value. A hash function destroys information in the general case.
A cipher, on the other hand, takes a message of any length and produces an output of equal or greater length. It does not destroy information. A cipher output (called a ciphertext) can be decoded to produce the original message.
Before going further, I would like to suggest some of my previous articles related to this topic.
You can use the gpg tool to do the same thing that I am going to do with this tool in a minute. we are not going to compare ciphers here. you can google more on this topic.
ENCRYPTÂ
First I am going to encrypt a file using OpenSSL. and later, I will decrypt it with the same tool “OpenSSL”.
To encrypt a file, Type this command:
openssl aes-256-cbc -salt -in <filename> -out <Output_File>
This command will ask for a password which will be used while decrypting the file.
For example, I have a file named “hash.txt” and I am going to encrypt this.
openssl aes-256-cbc -salt -in hash.txt -out hash.txt.encScreenshot:
As you can see we have the encrypted file “hash.txt.enc”. we can use cat command to see the content.
cat hash.txt.enc
Screenshot:
but let me show you the original content of this file.
cat hash.txt
Now, you can see the difference between the encrypted and original file. there are some other options that you can use in the command.
• Use -a to encrypt data in “base64-ensode”(More secure):
openssl aes-256-cbc -salt -a -in <filename> -out <Output_File>
• Use -enc to use a given cipher. you can see the ciphers with this command:
openssl help
Screenshot:
openssl -enc -<cipher> -salt -in <filename> -out <Output_File>
• Use -k for no password pop-up. you can just enter your password after -k.
openssl -enc -<cipher> -salt -in <filename> -out <Output_File> -k 1234
DECRYPT
To decrypt the file. you will need to use the same option that you used to encrypt the file. For example, if your encrypt command has -a and looks like this:
openssl -enc -<cipher> -a -salt -in <orignal_file> -out <encrypted_file> -k 1234
Then, while decryption, the command will look like this:
openssl -enc -<cipher> -salt -d -in <encrypted_file> -out <output_file> -k 1234
-d is to tell the OpenSSL to decrypt the file.-in will hold the encrypted and -out will hold the output filename.
If I want to decrypt “hash.txt.enc”. I will do something like this:
openssl enc -aes-256-cbc -a -salt -d -in hash.txt.enc -out hash1.txt -k 1234
Screenshot:
You can see that the command has decrypted it.
Thanks For Visiting.
