$ echo "top secret text" | openssl enc -aes-256-cbc -base64
enter aes-256-cbc encryption password:
Verifying - enter aes-256-cbc encryption password:
<< encrypted text >>
$ echo "<< encrypted text >>" | openssl enc -d -aes-256-cbc -base64
enter aes-256-cbc decryption password:
top secret text
openssl genrsa -out private.pem 2048
openssl rsa -in private.pem -pubout -out public.pem
openssl rsautl -encrypt -in secret-transmission.txt -out secret-transmission.txt.enc -inkey public.pem -pubin
openssl rsautl -decrypt -in secret-transmission.txt.enc -out secret-transmission.txt -inkey private.pem
openssl rsautl -sign -in secret-transmission.txt -out secret-transmission.txt.enc.signed -inkey private.pem
openssl rsautl -verify -in secret-transmission.txt.enc.signed -out secret-transmission.txt -inkey public.pem -pubin
Never store private key in clear text format!
openssl rsa -in private.pem -des3 -out private-enc.pem
$ openssl version
LibreSSL 2.6.4
openssl list-cipher-commands