In this post, I cover a couple of uses of openssl that I keep finding myself doing. The openssl utility is one of those complex applications that I generally use 10-15 times a year, and generally for one of three purposes. This is annoying as it’s not frequent enough, nor simple enough to commit to memory. With this post, I’ll have a handy place to find this stuff again!
First, generating random characters (useful for generating sturdy passwords):
$ string_length=32 $ openssl rand -base64 $string_length
I used a environment variable above to make it more obvious what the last parameter is.
Next, recovering public keys from private keys. I’ve found myself in this situation a few times and always end up searching for a means to retrieve the public key. Here’s how:
$ openssl rsa -in some_key -pubout > some_key.pub
Quick symmetric encryption:
# Encrypt with: $ openssl enc -bf -salt -in somefile.txt -out somefile.txt.enc # Decrypt with: $ openssl enc -d -bf -salt -in somefile.txt.enc -out somefile.txt
In the example above, I use the
blowfish symmetric cipher algorithm. To list the algorithms
available to you, use:
$ openssl list-cipher-commands
Generate a certificate signing request:
$ openssl req -new -key somekey -out cert.csr
Generate a self-signed (snakeoil) certificate:
$ openssl req -new -x509 -key somekey -out cacert.pem -days 1095