OpenSSL notes
From Noah.org
Jump to navigationJump to search
External OpenSSL Command-line FAQ
This OpenSSL HowTo/FAQ deals with the command-line openssl.
Remove password from OpenVPN key
The user's client.key generated by `openvpn --genkey` is an OpenSSL RSA key. You can use `openssl` commands on the key. This will overwrite the existing user.key file:
openssl rsa -in client.key -out client.key
Encrypt output of a command to log file
It is pretty trivial to send output from a command to an encrypted log file. This is useful if running a server in debug mode where log output might contain sensitive information such as personal information or passwords.
some_command | openssl bf -e -salt -out log.bf
You can decrypt the log file while the command is still running.
cat log.bf | openssl bf -d -salt