Sep 2, 2018
#htpasswd
#nginx
#openssl
To create an htpasswd file (for htaccess “authentication”) using openssl:
$ printf "foo:$(openssl passwd -apr1 PASSWORD)\n" >> .htpasswd If need to use crypt:
$ printf "foo:$(openssl passwd -crypt PASSWORD)\n" >> .htpasswd
…
Apr 11, 2017
#mysql
#xz
#openssl
mysqldump + xz + openssl First add to .my.cnf the proper username/password to avoid getting a warning:
[client] host = localhost user = dbadmin password = secret To take the dump and keep it only for 31 days:
#!/bin/sh DAY=$(date +%d) mysqldump --events --routines --triggers --add-drop-database --compress --hex-blob --opt --skip-comments --single-transaction dbname | \ xz -c | \ openssl smime -encrypt -aes256 -binary -out /safe/path/${DAY}.sql.xz.enc -outform DER /path/to/cert.pem mysqldump The options used:
…
Sep 29, 2016
#ssh
#openssl
Encrypt a file using ssh public keys.
Create ssh public key in PEM format:
ssh-keygen -f id_rsa.pub -e -m PKCS8 > id_rsa.pem.pub Use openssl to encrypt/decrypt
Encrypt:
openssl rsautl -encrypt -pubin -inkey ~/.ssh/id_rsa.pem.pub -ssl -in test.txt -out test.txt.enc Decrypt:
openssl rsautl -decrypt -inkey ~/.ssh/id_rsa -in test.txt.enc -out test.txt.enc.txt
…
Jun 22, 2016
#openssl
To display the contents of a PEM formatted certificate:
$ openssl x509 -in the-cert.pm -text Connecting to the server:
$ openssl s_client -showcerts -connect imap.ejemplo.org:993 < /dev/null Test smtp 587:
$ openssl s_client -host smtp.gmail.com -port 587 -starttls smtp -crlf Checking the Validity Date:
$ openssl s_client -showcerts -connect nbari.com:443 2>/dev/null | openssl x509 -noout -dates Encode base64 a file:
$ openssl enc -base64 -in file.
…