Hi. I wanted to encrypt and then decrypt my data file using openssl. As openssh is using openssl to generate the keys, I thought maybe I would be able to use my already generatet key pair fot the task.
So, I invoked the command: openssl rsautl -encrypt -inkey id_rsa.pub -pubin -in test.txt -out secret And got a sinle line in response: unable to load Public Key Then, I tried (just to check what the difference is) - note that I am using my private key this time: openssl rsautl -encrypt -inkey id_rsa -in test.txt -out secret And this time I was asked for the passphrase, and the encrypted file got created. So, the next step was to decrypt it (note I am using the private key again): openssl rsautl -decrypt -inkey id_rsa -in secret -out test.txt I was asked for the passphrase again, and this succesfully decrypted the file and created it on disk (it wasn't the original file since I deleted it). So, the questions I would like to ask are: 1. Can one or not use the same set of keys for public key cryptography with openssl, and for openssh? 2. I have been taught that the message is encrypted with the public key, and only the private key can decrypt it back. In this example, not only could I not use my public key for encryption, used the private one, but I was also able to decrypt the message with the very same key that was used to encrypt it! This looks like symmetric cryptography to me. I know I lack basic knowledge about this kind of stuff, so if anyone were so kind as to point me to some tutorials / links that explain this knowledge in some detail, and also describe the different key formats (like PEM, PKCS#1, PKCS#12, .pem, .cer, .der whatever ;-)), I would be very grateful. Thank you, Remik -- View this message in context: http://www.nabble.com/OpenSSL-data-enccryption---decryption-tp20243019p20243019.html Sent from the OpenSSL - User mailing list archive at Nabble.com. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
