$ fallocate -l 1G large_file.img $ ls -lh large_file.img -rw-r--r--. 1 lrendek lrendek 1.0G Jan 2 16:40 large_file.imgNow that we have sample 1GB in size file, what we need next is an OpenSSL public and private key pair. This can be done by a following linux command:
$ openssl req -x509 -nodes -newkey rsa:2048 -keyout private-key.pem -out public-key.pem Generating a 2048 bit RSA private key ............................................+++ .....+++ writing new private key to 'private-key.pem' ----- You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [XX]: State or Province Name (full name) : Locality Name (eg, city) [Default City]: Organization Name (eg, company) [Default Company Ltd]: Organizational Unit Name (eg, section) : Common Name (eg, your name or your server's hostname) : Email Address :There is not need to answer any of the above questions so simply hit
ENTERto continue. Now you should have both private and public keys in your current working directory:
$ ls -l *.pem -rw-rw-r--. 1 lrendek lrendek 1704 Jan 2 16:45 private-key.pem -rw-rw-r--. 1 lrendek lrendek 1220 Jan 2 16:45 public-key.pemMake sure to keep your private key in the save location otherwise you will not be able to decrypt your files and your files may be decrypted by someone else.
BLUE SKY STUDIOS are looking for Linux Administrator to maintain and support the Studio's 450+ production Linux workstations, including daily interactions with the Studio’s digital animation artists.
LOCATION: Greenwich, Connecticut, USA
Encrypt large file using OpenSSLNow we are ready to decrypt large file using OpenSSL encryption tool:
$ openssl smime -encrypt -binary -aes-256-cbc -in large_file.img -out large_file.img.dat -outform DER public-key.pemThe above command have encrypted your large_file.img and store it as large_file.img.dat:
$ ls -l large_file.img* -rw-r--r--. 1 lrendek lrendek 1073741824 Jan 2 16:40 large_file.img -rw-rw-r--. 1 lrendek lrendek 1073742293 Jan 2 16:49 large_file.img.datWe can generate hash using
md5sumfor both files so we can compare them once we decrypt our file:
$ md5sum large_file.img* cd573cfaace07e7949bc0c46028904ff large_file.img c4d8f1e868d1176d8aa5363b0bdf8e7c large_file.img.dat
Decrypt large file using OpenSSL
$ openssl smime -decrypt -in large_file.img.dat -binary -inform DEM -inkey private-key.pem -out decrypted_large_file.imgThe above command have decrypted our previously encrypted large file ans stored it as
decrypted_large_file.img. Let's once again generate md5sum hash to compare our results:
$ md5sum *large_file.img* cd573cfaace07e7949bc0c46028904ff decrypted_large_file.img cd573cfaace07e7949bc0c46028904ff large_file.img c4d8f1e868d1176d8aa5363b0bdf8e7c large_file.img.datFrom the above output you can see that
decrypted_large_file.imgand the original