Good resources
https://linuxconfig.org/using-openssl-to-encrypt-messages-and-files-on-linux
Public key encrypt / private key decrypt – RSA (small files)
Note RSA (rsault) is only suitable for very small files and is typically used to encrypt a randomly chosen private key that a larger file gets encrypted with. The reason it won't allow use with large files (say over around 512 bytes) is performance.
Generating a key pair
Generate private key
openssl genrsa -out private_key.pem 1024
Then use it to generate the public key
openssl rsa -in private_key.pem -out public_key.pem -outform PEM -pubout
Encrypt file
This will encrypt using RSA and your 1024 bit key.
openssl rsautl -encrypt -inkey public_key.pem -pubin -in encrypt.txt -out encrypt.dat
Decrypt File
openssl rsautl -decrypt -inkey private_key.pem -in encrypt.dat -out new_encrypt.txt
Public key encrypt / private key decrypt – SMIME AES (Large files)
(Good up to around 500MB, dependant on platform and resources)
Generating a key pair
openssl req -x509 -nodes -days 100000 -newkey rsa:2048 -keyout privatekey.pem -out publickey.pem -subj '/'
Encrypt file
This will encrypt using RSA and your 1024 bit key.
openssl smime -encrypt -aes256 -in my_large_file.bin -binary -outform DEM -out my_large_file_encrypted.bin publickey.pem
Decrypt File
openssl smime -decrypt -in my_large_file.bin -binary -inform DEM -inkey privatekey.pem -out my_large_file.bin
USEFUL?
We benefit hugely from resources on the web so we decided we should try and give back some of our knowledge and resources to the community by opening up many of our company’s internal notes and libraries through mini sites like this. We hope you find the site helpful.
Please feel free to comment if you can add help to this page or point out issues and solutions you have found, but please note that we do not provide support on this site. If you need help with a problem please use one of the many online forums.