This is a discussion on OpenSSL data enccryption / decryption - Openssl ; Hi. I wanted to encrypt and then decrypt my data file using openssl. As openssh is using openssl to generate the keys, I thought maybe I would be able to use my already generatet key pair fot the task. So, ...
Hi. I wanted to encrypt and then decrypt my data file using openssl. As
openssh is using openssl to generate the keys, I thought maybe I would be
able to use my already generatet key pair fot the task.
So, I invoked the command:
openssl rsautl -encrypt -inkey id_rsa.pub -pubin -in test.txt -out secret
And got a sinle line in response:
unable to load Public Key
Then, I tried (just to check what the difference is) - note that I am using
my private key this time:
openssl rsautl -encrypt -inkey id_rsa -in test.txt -out secret
And this time I was asked for the passphrase, and the encrypted file got
So, the next step was to decrypt it (note I am using the private key again):
openssl rsautl -decrypt -inkey id_rsa -in secret -out test.txt
I was asked for the passphrase again, and this succesfully decrypted the
file and created it on disk (it wasn't the original file since I deleted
So, the questions I would like to ask are:
1. Can one or not use the same set of keys for public key cryptography with
openssl, and for openssh?
2. I have been taught that the message is encrypted with the public key, and
only the private key can decrypt it back. In this example, not only could I
not use my public key for encryption, used the private one, but I was also
able to decrypt the message with the very same key that was used to encrypt
it! This looks like symmetric cryptography to me.
I know I lack basic knowledge about this kind of stuff, so if anyone were so
kind as to point me to some tutorials / links that explain this knowledge in
some detail, and also describe the different key formats (like PEM, PKCS#1,
PKCS#12, .pem, .cer, .der whatever ;-)), I would be very grateful.
View this message in context: http://www.nabble.com/OpenSSL-data-e...p20243019.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
OpenSSL Project http://www.openssl.org
User Support Mailing List firstname.lastname@example.org
Automated List Manager email@example.com