「Linux」opensslでファイルの暗号化、復号化操作サンプル

1.対称暗号方式

1.1ファイルを暗号化する
[root@localhost ~]# openssl enc -des3 -a -salt -in /etc/fstab -out /root/fstab.cipher
enter des-ede3-cbc encryption password:
Verifying – enter des-ede3-cbc encryption password:
[root@localhost ~]# ls -l ./fstab.cipher
-rw-r–r– 1 root root 1118 Mar 19 17:52 ./fstab.cipher
[root@localhost ~]# cat ./fstab.cipher
U2FsdGVkX1+pP0xxwJRYkpfPW2rSkKY1qTIqrmbSD1WVk+8HoixNPxUP5GSpbd4e
YJUhMCfVZwPLbKgTuWfUclPMox7yJ2o2kAwfi0WfAWORsOGyO9MENl0/l/iY1xJ/
s7zwqmJwycTib3fHleDmCkxiNm/X5969n1SCGiSKGElTTQYGE2295yP+RySmheU+
c3gwQrj2hDq7CPS038ZmnNsrRVlsTBykcLtxOxDvelckdSS3N3z6V6VmTSOcudqC
ZfXPcAVYwLB5/9C+x/S1CjbBPzQM2i2PD8jG1V3g9V44xRVe/1lcJpSFkUyPxTkj
a5NQZqi6JtXbSywY7cZjAHXu7F/DpTKUX3hLB8A+VuLLb8x2VI5uj+oCePFw7Exz
xj51iJHsLmf9sXq2N6C+4ZlvHONXcD7K3WCQW/UwuYWGYY0sssuvbkyPMO5JEX9f
qLzKxb79e9RUfg5KMTMaqmCHNtvmCWEBKZyeTIJmWKmzvOgnEy+BhqPhCfQMhEPf
pbN3Yi+tVFs5GvyBN7MKV8vG3qoGJKzHG2Nn/RgvV/+GcnQZiRHYSdZjLxIUIuNj
gZ5uJWif9vbdYRVB6KMbp2F50l41pUJFXFsRY+C6Fk/wcCcQJDakHGrKWWiC0yDm
T5DdBsV0zy8A4EEtSxUa4TxWYgeLPBZSUDAxT9o5llzmX1QkP0TBNNEaITFKmsXJ
7Tv4V58JsiwxhmPvW+TirN7MLfK26/v+1TB+49DZjMQfSxS6aw9EAl+sk6LSrNwe
XIdTzvQlkTPlxW4Lj8QqsAannfqVR8kQYvx9QnzSpjFiGHcG1fBsrG8oUeqWj7uY
bN4AInv0V7Eq5kMb51XlZD4rxajgepdX8jjl/A5gCx+8BqLvqffkh99dem2ov9GY
FSyT+tKT69YvuHITI1VbwD+4VrxyF558W3Gwo1T8D8XnSAYgfosM4Lly1np1UN0w
VqlFDenH6sxslutag/CuKc5eNRZJf8mVk54QElL956APwPWSSlOtBzsBqA37M7MO
QKR4tjITJYWxuup0rvagBJQ6fhHYqlU81rbGcHRBP5HeJ/D3gl6/ePnCAbHnpPeA
rna7jWPVOEM=
[root@localhost ~]#

1.2 ファイルを複合化する
[root@localhost ~]# openssl enc -d -des3 -a -salt -in ./fstab.cipher -out ./fstab
enter des-ede3-cbc decryption password:
[root@localhost ~]# ls -l ./fstab
-rw-r–r– 1 root root 805 Mar 19 17:57 ./fstab
[root@localhost ~]# cat ./fstab
#
# /etc/fstab
# Created by anaconda on Fri Mar 14 08:41:02 2014
#
# Accessible filesystems, by reference, are maintained under '/dev/disk’
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
#
UUID=b7e89175-1bb1-4f9b-af34-7450d276bc62 / ext4 defaults 1 1
UUID=85a0d4fa-fc8b-4147-95ff-cdee4fbe5869 /boot ext4 defaults 1 2
UUID=02bca372-7b18-46b0-9c81-67b807847d36 swap swap defaults 0 0
tmpfs /dev/shm tmpfs defaults 0 0
devpts /dev/pts devpts gid=5,mode=620 0 0
sysfs /sys sysfs defaults 0 0
proc /proc proc defaults 0 0
[root@localhost ~]#
2.非対称暗号方式
[root@localhost ~]# ls
anaconda-ks.cfg install.log install.log.syslog
[root@localhost ~]# cp /etc/fstab .
[root@localhost ~]# ls
anaconda-ks.cfg fstab install.log install.log.syslog
[root@localhost ~]# md5sum fstab
35a092e2a7f450fdc2d8fb0e48ba8f07 fstab
[root@localhost ~]# openssl dgst -md5 fstab
MD5(fstab)= 35a092e2a7f450fdc2d8fb0e48ba8f07
[root@localhost ~]#

Linux

Posted by arkgame