openssl命令杂记
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了openssl命令杂记相关的知识,希望对你有一定的参考价值。
openssl命令行openssl基础
显示openssl版本号
[[email protected] ~]# openssl version
OpenSSL 1.0.1e-fips 11 Feb 2013
[[email protected] ~]# enc
[[email protected] ~]# whatis enc
enc (1ssl) - symmetric cipher routines给文件加密
[[email protected] tmp]# openssl enc -e -des3 -a -salt -in fstab -out fstab.ciphertext -e:加密格式;-a:基于文本编码;-salt:自动加入杂志;-in:加密哪个文件;-out:输出到哪个路径
enter des-ede3-cbc encryption password:
Verifying - enter des-ede3-cbc encryption password:
[[email protected] tmp]# rm fstab
rm: remove regular file ‘fstab’? y
[[email protected] tmp]# cat fstab.ciphertext
U2FsdGVkX19TOyfPaUaIYrL3f6FYQiOtsVxUOZBUsAbz+9uYXkjM4Wd9xvbz4Fpu
YwRWE8XyiQOnofveK3EoNOuma628gxfyQwQUNYm2j+Jo2OY7eMsdZ8Tqq6bY22pb
n3CRCurVKR/uZ6sNe8GxkPo4NeEyPB9qdpgpV9xo52zY4HUxqkeiJ98XizNe1Yqn
IoKqWxM24dG6O6nBnZL77qPVXfvNLmvjSXBloMXv3ZqWwO1KND/z2UCCeKnEn4Qv
9a3XLybBcTvi2oMMFOd/ouptPMsDdJgpF2dM/P5SXihVH5cbqDoVIxdxd2s98Nl6
h0E1zXzRumph12Ko3KgEd/GU/sq9rTKyB9OiSsQgh1+SaeatDrbJwZTNuTz9vztS
J3UnPzOgl0GIVSx1UDdb6lbfBhR/36YtRZHEqtCS6TjQKizJKSy/7jzqHFjMmxcJ
XlHyun4bgR4dMZ+TMqjoDgu9qGgw4yGeRgMR+fKUGiXZPbWdFD12DwESqL1NfQ5f
wQpqr/YEMtEgeXHPL4fHps1rgYFRXlvFcR+hiO2wPwTxrllY0psaM2cifC0F0vH3文件解密
[[email protected] tmp]#
[[email protected] tmp]# openssl enc -d -des3 -a -salt -in fstab.ciphertext -out fstab
enter des-ede3-cbc decryption password:
[[email protected] tmp]# ls
fstab fstab.ciphertext
[[email protected] tmp]# cat fstab
#
# /etc/fstab
# Created by anaconda on Thu Jun 16 09:45:02 2016
#
# Accessible filesystems, by reference, are maintained under ‘/dev/disk‘
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
#
UUID=61a8ab18-e2f0-4857-bf8e-a8e534b08c9c / xfs defaults 0 0
UUID=4c401c24-2f32-49af-96e5-bc2ea947387a /boot xfs defaults 0 0dgst
[[email protected] tmp]# whatis dgst
dgst (1ssl) - message digests不同工具,使用同种算法,得出的结果一样
[[email protected] tmp]# md5sum fstab
c68a89b85a3b2177fee40201320acd35 fstab
[[email protected] tmp]# openssl dgst -md5 fstab
MD5(fstab)= c68a89b85a3b2177fee40201320acd35
[[email protected] tmp]#
[[email protected] tmp]# openssl dgst -md5 -hex fstab #默认十六进制编码
MD5(fstab)= c68a89b85a3b2177fee40201320acd35passwd
[[email protected] tmp]# whatis passwd
passwd (1) - update user‘s authentication tokens
sslpasswd (1ssl) - compute password hashes ***
passwd (5) - password fileMD5加密
-1:MD5;-salt 123:加入杂质;
[[email protected] tmp]# openssl passwd -1 -salt 123
Password:
$1$123$nE5gIYTYiF1PIXVOFjQaW/
[[email protected] tmp]# rand生成随机数
生成64位和16进制随机数
[[email protected] tmp]# openssl rand -base64 4
rLMepA==
[[email protected] tmp]# openssl rand -hex 4
3d386d6e #4个字节,8位16进制rsautl
[[email protected] tmp]# whatis rsautl
rsautl (1ssl) - RSA utilitygenrsa
[[email protected] tmp]# whatis genrsa
genrsa (1ssl) - generate an RSA private key生成随机数设备
[[email protected] tmp]# ls /dev | egrep "random|uinput"
random
uinputrandom和urandom
[[email protected] tmp]# whatis random
random (3) - random number generator
[[email protected] tmp]# whatis urandom
urandom (4) - kernel random number source devices
[[email protected] tmp]# 生成私钥
[[email protected] tmp]# openssl genrsa -out rsakey.private 2048
Generating RSA private key, 2048 bit long modulus
......+++
............+++
e is 65537 (0x10001)
[[email protected] tmp]# cat rsakey.private
-----BEGIN RSA PRIVATE KEY-----
MIIEpQIBAAKCAQEA6vl3ePFVYl3DirG1dqgb/PRmjrAuSwmGp/9MligRjDA1Uo7y
dkDHEmiAGb6Ubt5w4T5B525bQMqD0TsG1lRwH6Gc9awd5ct1tR29m+lSobFqFvrJ
W558k25G3C7OEXie1+vc8AiA2cKiLgE9MckPWiBARK9C0UqUUiHOd6Z6kjDflr0p
uSuKuvnoOUWyLe3WVj5vpA4jYxyFGiqW8E3Crh8aVExnsH8rdE3V4EuWASzGOmGG
XjN+F7Hm6hKgOFBazN5o2RAQ3/PknduQrSBYvkOQKHoaDpi+hFWSu7V6PCZd9nl7
uKt5D3i4W+4IrrTuiWN+/3pLJhzijB3sT2pZIQIDAQABAoIBAQDGQqGE4ZQawGSa
ZOFo8eVTpN/X613UIICGxYnYdIyBzbdgJo78KiIOLTBRCJXziiqSUtaGsH28iGN6
qiRVub81YUavn39GgkqZ/DMdF1yKY8jRBN/bNzmDqBuP8soawby9ER1FRtd5ZZkz
2gXJOQ2EDQxNJ9foAdZuCmpMWKK5L3erw1pqSmroiR8vOUFdyNi044STOtOlf4C2
3D/5AvyMgfVzo2KsR6QDnMeQyAbJwYMHyP/5/0/Xv3rNmag0HK0vCiOfWJxCtIFH
2Pvbw8q1EbIGlAWnw75BQk/DwlNf3j2cgxkPC9HhClMso/n6FlYr5sCM0/dMWsll
+TuW7B4xAoGBAPq5pY+JsWh7yNUjwYdWv2c8gkRosC03FTzho8ScZUhg3z/diieF
RRMP5GQfcJRHQ201LRyMlx24x/t6HbcFLMhJp5xVoo26/7CN9WC/Qkj8VMI/U58k
o3hsqjYl24BaZksdDTh9MwVyWbq97Wu5i3UzvEVmnchRUjSal1bMlPY1AoGBAO/q
/W9tugsyURkxheMFsFY2m8Tn/d8PTllq+sdSdsFGaMPN3B1PVy+c5K/JYo/UxU/1
fL8Zg/9868TZhaeTt2pdz3pt5jmR9Sloa2PPHD+AsP/cvi9EopqZpVkHj9xv4Q6S
n+XfSZ1mkyZOcpSWT3eqtlRAWMDr0/QehaCzMMS9AoGAD/fu8XtljzADFIAYfVQr
EJor+ctpHRgbBCui0IzdboSs81ZazDWStqoWc8IE24zGYJg4bU8O+Neh9QRMDDIK
Lh9yy2Qw3DICwu3nqOfFgvx/MXfzDXm555uUI6q5li0rwrDw/J4Mt9YWnOwnyOqi
VS6cWRc2CWIUiEEoTmDtQ9kCgYEAthpXY0yV+gmnJMhCJ58ZyVaJxVuRhs3HWnep
AcHGAc2/l1+Zw2WFd85Ohl8FQMbvPVHH7gUf+7yF+FRi7l9gyIuMABGKvgfbXiKz
4H5Doq+7qXmToa0m/tHAf2MN/vOsj7MbSw/AgIhrCJhiwAWXK+2XlzuAIm7d4l2I
cAGS8sECgYEAuqa7Yv+WbeovFutgnExdmvvO0Z0oHb1tkwUI+RG/uwJOQdzpMsNE
Osk1HWfao3nu7P+4v5WFFDbqA0kyCO0mTIT/gBy8je+d4iWfdsl1HtINim6lp6cL
560wSJSWgiJXo0fX5YlLvW9DS7ZIhTOkip32bGcpyyBSGO/6Kqt85CA=
-----END RSA PRIVATE KEY-----通过私钥文件输出公钥信息
[[email protected] tmp]# openssl rsa -in rsakey.private -pubout
writing RSA key
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6vl3ePFVYl3DirG1dqgb
/PRmjrAuSwmGp/9MligRjDA1Uo7ydkDHEmiAGb6Ubt5w4T5B525bQMqD0TsG1lRw
H6Gc9awd5ct1tR29m+lSobFqFvrJW558k25G3C7OEXie1+vc8AiA2cKiLgE9MckP
WiBARK9C0UqUUiHOd6Z6kjDflr0puSuKuvnoOUWyLe3WVj5vpA4jYxyFGiqW8E3C
rh8aVExnsH8rdE3V4EuWASzGOmGGXjN+F7Hm6hKgOFBazN5o2RAQ3/PknduQrSBY
vkOQKHoaDpi+hFWSu7V6PCZd9nl7uKt5D3i4W+4IrrTuiWN+/3pLJhzijB3sT2pZ
IQIDAQAB
-----END PUBLIC KEY-----优化密钥文件
[[email protected] tmp]# chmod og= rsakey.private
[[email protected] tmp]# ll rsakey.private
-rw-------. 1 root root 1679 Aug 5 20:59 rsakey.private
[[email protected] tmp]# 两步一起做,小括号代表在子shell设置,不影响自身shell,只在子shell生效
[[email protected] tmp]# (umask 077; openssl genrsa -out key.pri 2048)
Generating RSA private key, 2048 bit long modulus
...+++
..............+++
e is 65537 (0x10001)
[[email protected] tmp]# ll key.pri
-rw-------. 1 root root 1679 Aug 5 21:06 key.pri以上是关于openssl命令杂记的主要内容,如果未能解决你的问题,请参考以下文章