Linux file encryption 1. base64 encoding/decoding when talking about how to send email attachments under the command line, many people think of uencode. You can also use base64 encoding. The following is the use of opensslbase64 encoding/decoding: www.2cto.com?opensslbase64filename.txt $... linux file encryption 1. base64 encoding/decoding how to send email attachments under the command line, many people think of uencode. You can also use base64 encoding. Use openssl base64 encoding/decoding: www.2cto.com $ openssl base64 filename.txt $ openssl base64-d filename. bin2. there are many methods for verifying document consistency in UNIX, such as sum, cksum, md5sum, and sha1sum. Sum and cksum are suitable for simple verification, and the generated verification code is easy to duplicate. Md5sum has a security vulnerability. Currently, sha1sum is recommended. However, sha1sum is used differently on different platforms. Considering the cross-platform nature, openssl is recommended. Www.2cto.com $ openssl sha1 filenameSHA1 (filename) = bytes $ openssl md5 filenameMD5 (filename) = 26e9855f8ad6a5906fea121283c729c43. openSSL supports many encryption algorithms, but some algorithms are not recommended for backward compatibility, such as DES and RC4-40. The recommended encryption algorithms are bf (Blowfish) and-aes-128-cbc (128-bit key AES encryption algorithm running in CBC mode), and the encryption strength is guaranteed. $ Openssl enc-aes-128-cbc filename. aes-128-cbcenter aes-128-cbc encryption password: Verifying-enter aes-128-cbc encryption password: decryption example: $ openssl enc-d-aes-128-cbc-in filename. aes-128-cbc> filenameenter aes-128-cbc decryption password: 4. openssl can generate random passwords. $ Openssl rand 15-base64s69mj + 8ToN2p3Z1KESBG the above command requires openssl to generate a 15-byte sequence and then encode it with base64, resulting in 20 characters. In daily life, you can often see this situation: the system administrator configures the initial password for the user, and then allows the user to log on to change the new password, which poses a security risk. A good practice is to send the encrypted password generated by the user to the administrator so that the administrator can configure the password in the system. For example, for the above-generated password, the UNIX password encryption method is as follows: $ openssl passwd-1 s69mj + 8ToN2p3Z1KESBG $1 $ Rp/btEwK $ qhUGFlsIpDtNT1I9MD/Gg1 administrator collects encrypted strings handed over to each user and writes them to a document, for example, the file named newpassword: user_a: $1 $ Rp/btEwK $ qhUGFlsIpDtNT1I9MD/Gg1user_ B: $1 $ zmUy5lry $ aG45DkcaJwM/GNlpBLTDy0... one user row, separated by a colon. The system administrator runs the following command to import the user password: www.2cto.com $ chpasswd -- encrypted for the old UNIX system, the password generation does not require parameter-1, for example: $ openssl passwd s69mj + 8ToN2p3Z1KESBGWarning: truncating password to 8 charactersFS4lGulQ915WU if there is no interface command after the passwd command, openssl will prompt you to enter a: $ openssl passwd-1 Password: Verifying-Password: $1 $ jACBc0.C $ login
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.
