Difference between revisions of "OpenSSL notes"
From Noah.org
Jump to navigationJump to searchLine 8: | Line 8: | ||
== Remove password from OpenVPN key == | == Remove password from OpenVPN key == | ||
− | The user key generated by `openvpn --genkey` is an OpenSSL RSA key. You can use `openssl` commands on the key. '''This will overwrite the existing user.key file''': | + | The user's client.key generated by `openvpn --genkey` is an OpenSSL RSA key. You can use `openssl` commands on the key. '''This will overwrite the existing user.key file''': |
<pre> | <pre> | ||
− | openssl rsa -in | + | openssl rsa -in client.key -out client.key |
</pre> | </pre> | ||
Revision as of 06:53, 22 October 2008
External OpenSSL Command-line FAQ
This OpenSSL HowTo/FAQ deals with the command-line openssl.
Remove password from OpenVPN key
The user's client.key generated by `openvpn --genkey` is an OpenSSL RSA key. You can use `openssl` commands on the key. This will overwrite the existing user.key file:
openssl rsa -in client.key -out client.key
Encrypt output of a command to log file
It is pretty trivial to send output from a command to an encrypted log file. This is useful if running a server in debug mode where log output might contain sensitive information such as personal information or passwords.
some_command | openssl bf -e -salt -out log.bf
You can decrypt the log file while the command is still running.
cat log.bf | openssl bf -d -salt