#!/bin/sh# 16 bytes of random data in hexopenssl rand 16 -hex# 16 bytes of

1. #!/bin/sh
2.  
3. # 16 bytes of random data in hex
4. openssl rand 16 -hex
5.  
6. # 16 bytes of random data in base64
7. openssl rand 16 -base64
8.  
9. # encrypt a file
10. openssl enc -aes-256-cbc -in /tmp/foo -out /tmp/foo.out
11.  
12. # alt to encrypt a file, add -a to output to base64, add -salt to use salt
13. openssl aes-256-cbc -in /tmp/foo -out /tmp/foo.enc
14.  
15. # decrypt
16. openssl aes-256-cbc -d -in /tmp/foo/enc -out /tmp/foo.dec
17.  
18. # generate RSA private key
19. # 4096-bit private key, protected by password with AES256
20. openssl genrsa -aes256 4096
21.  
22. # 4096-bit private key, no password
23. openssl genrsa 4096
24.  
25. # but genrsa is deprecated in favor of genpkey:
26. # 4096-bit private key, protected by password with AES256
27. openssl genpkey -algorithm RSA -aes-256-cbc -pkeyopt rsa_keygen_bits:4096
28.  
29. # 4096-bit private key, no password
30. openssl genpkey -algorithm RSA -aes-256-cbc -pkeyopt rsa_keygen_bits:4096
31.  
32. # Generate the matching public key
33. # Assume that we used "-out private.pem" in the generation
34. openssl rsa -in private.pem -pubout