In some cases, you may have to send your datacenter’s passwd information to some of your collegues. Instead of sending them in plain text, you can use tar & openssl combination to encrypt that data. Here is how it can be done.

Encryption :

Tar & gzip the password file and encrypt using openssl des3 and a secret key. Replace the text “secretkey” with your secret password.

[root@unixfoo-lin23 ~]# tar cvzf – passwd_info.txt | openssl des3 -salt -k secretkey | dd of=encrypted_passwd_info
20+1 records in
20+1 records out

The filetype of the encrypted file is “data” and you cannot use “tar -tvzf” to list contents on this.

[root@unixfoo-lin23 ~]# file encrypted_passwd_info
encrypted_passwd_info: data

[root@unixfoo-lin23 ~]# tar tvzf encrypted_passwd_info
gzip: stdin: not in gzip format
tar: Child returned status 1
tar: Error exit delayed from previous errors
[root@unixfoo-lin23 ~]#

Decryption :

While decrypting the file, use the steps below. Replace the text “secretkey” with your secret password which you provided during encryption.

[root@unixfoo-lin12 ~]# dd if=encrypted_passwd_info |openssl des3 -d -k secretkey |tar xvzf –
20+1 records in
20+1 records out
[root@unixfoo-lin12 ~]# cat passwd_info.txt | head -1
UNIX User       UNIX Password
[root@unixfoo-lin12 ~]#

This method can also be used to gzip and encrypt any file or directory.

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like
Read More

Disabling TLS 1.0 on nginx web servers

Disable TLS 1.0 and enable higher versions of TLS in nginx. To disable TLS 1.0 on nginx webserver installations, edit the "ssl_protocols" directive in your nginx.conf, where the TLS server directives are listed and remove TLSv1.
Read More

Steps to create initrd

Creating initrd using mkinitrd # mkinitrd  -v -f –with=e1000 /tmp/initrd.gz 2.6.9-55 Extracting the initrd image to add contents…
Read More

AIX tips

How to find the processors on an AIX server? [root@unixfoo-aix /]# lsdev -C -c processor -S aproc0 Available…