First, you need to use your private key to generate a public key.
openssl rsa -in ~/.ssh/id_rsa -pubout ~/.ssh/id_rsa.public
That is not to be confused with SSH public. Once you have that you can encrypt a file using your public key:
> echo "example">~/.ssh/passwd > openssl rsautl -encrypt -inkey ~/.ssh/id_rsa.public -pubin -in ~/.ssh/passwd -out ~/.ssh/.passwdenc > openssl rsautl -decrypt -inkey ~/.ssh/id_rsa -in ~/.ssh/.passwdenc example
I find this useful when sharing scripts that require password and you don't want to store your password un-encrypted and you also don't want to have to remember to remove the password (if you did type in your password) before sharing it. I sometimes find it useful to create expect scripts to check multiple servers that do not support public/private key pair encryption and I don't want to put my clear text password in the script.
No comments:
Post a Comment