Subject: Re: easiest way to encrypt a file?
To: Jeremy C. Reed <firstname.lastname@example.org>
From: Dave <email@example.com>
Date: 12/18/2004 00:20:11
On Fri, Dec 17, 2004 at 10:28:00AM -0800, Jeremy C. Reed wrote:
> I want to place a DSA key file on a server not maintained by myself. It is
> pass-phrase protected, but still I don't want the file used.
> Anything in the NetBSD base? (And examples?)
One example of a method to do this is
/usr/bin/openssl des3 -e -salt -in <file> -out <file>.des3
/bin/rm -i <file>
for encrypting and
/usr/bin/openssl des3 -d -in <file>.des3 -out <file>
for decrypting. I use these a lot. Don't forget the -salt, the man
page emphasizes that omitting it makes the encryption weaker.
Is the existing pass-phrase protection weak in some way, by the way?
I'd certainly want to know... Or do you just sometimes have to use
the DSA key and its pass-phrase on an untrusted machine?