Hybrid symmetric encription/decryption of given file with generated key. Then encryption of generated key with given public key. Initial files are deleted.

decrypt.sh

#!/bin/bash

FILE=${1%.enc}
KEYNAME=$2

openssl rsautl -decrypt -inkey ${KEYNAME} < ${FILE}.key.enc > ${FILE}.key
openssl enc -aes-256-cbc -d -pass file:${FILE}.key < ${FILE}.enc > ${FILE}
rm ${FILE}.key.enc ${FILE}.enc

encrypt.sh

#!/bin/bash

function mkpw() {
	head /dev/urandom | uuencode -m - | sed -n 2p | cut -c1-${1:-64};
}

FILE=$1
KEYNAME=$2

echo `mkpw` > ${FILE}.key

openssl enc -aes-256-cbc -pass file:${FILE}.key < ${FILE} > ${FILE}.enc
openssl rsautl -encrypt -pubin -inkey ${KEYNAME} < ${FILE}.key > ${FILE}.key.enc
rm ${FILE} ${FILE}.key