# # Console transcript (the leading "# " is the root prompt, "# #" lines are notes).
# # Purpose: encrypt ssh_host_keys.tgz with a random AES-256 key, then RSA-encrypt that key
# # with a key pair created under this machine's TPM, so unwrapping it needs the TPM.
# dnf install tar tpm2-tools openssl /usr/bin/xxd
# ## Encrypt
# # shared_key holds 64 random bytes: bytes 0-31 are used as the AES key and bytes 32-47
# # as the IV (see the two xxd calls below).
# # NOTE(review): one dd read from /dev/random can return fewer than 64 bytes on kernels
# # where that device blocks; confirm shared_key is exactly 64 bytes (or use GNU dd's
# # iflag=fullblock), otherwise the key/IV hex below comes out short.
# dd if=/dev/random of=shared_key bs=64 count=1
# # NOTE(review): -K/-iv place the raw key and IV on the openssl command line, where they
# # may be visible to other local users in the process list while it runs.
# # -salt only matters for password-derived keys and looks unused with explicit -K/-iv.
# # CBC provides confidentiality only: nothing here detects a modified
# # ssh_host_keys.tgz.aes256, so authenticate the ciphertext separately (for example an
# # HMAC that is verified before decrypting).
# openssl enc \
-aes-256-cbc -salt \
-iv $(dd if=shared_key bs=1 skip=32 | xxd -l 16 -c 32 -p ) \
-K $(xxd -l 32 -c 32 -p < shared_key) \
-in ssh_host_keys.tgz \
-out ssh_host_keys.tgz.aes256
# # Primary key created with the tool's defaults; the Decrypt section re-runs the same
# # command and depends on getting the same primary back.
# tpm2_createprimary -c primary.ctx
# # NOTE(review): no auth value or policy is set on the RSA key, so any process that can
# # reach this TPM and read key.pub/key.priv can unwrap shared_key.enc. Consider a key
# # password or a PCR policy if that is broader than intended.
# tpm2_create -C primary.ctx -Grsa2048 -u key.pub -r key.priv
# tpm2_load -C primary.ctx -u key.pub -r key.priv -c key.ctx
# # No padding scheme is selected, so the tool default applies - TODO confirm which one
# # and whether OAEP should be requested instead.
# tpm2_rsaencrypt -c key.ctx -o shared_key.enc shared_key
# # save key.pub key.priv shared_key.enc ssh_host_keys.tgz.aes256
# # NOTE(review): plaintext shared_key and ssh_host_keys.tgz are not in the save list;
# # remove them once the encrypted copies have been verified.
# ## Decrypt
# # tpm2_load only accepts key.priv under the same primary as at creation time; presumably
# # this stops working if the TPM is cleared or the hierarchy seed changes - keep that in
# # mind for recovery planning.
# tpm2_createprimary -c primary.ctx
# tpm2_load -C primary.ctx -u key.pub -r key.priv -c key.ctx
# # NOTE(review): this writes the unwrapped AES key to disk as shared_key; prefer a
# # memory-backed directory with restrictive permissions and delete it after use.
# tpm2_rsadecrypt -c key.ctx -o shared_key shared_key.enc
# # Same key/IV derivation as in the Encrypt section; the output is used without any
# # integrity check on the ciphertext.
# openssl enc -d \
-aes-256-cbc -salt \
-iv $(dd if=shared_key bs=1 skip=32 | xxd -l 16 -c 32 -p ) \
-K $(xxd -l 32 -c 32 -p < shared_key) \
-in ssh_host_keys.tgz.aes256 \
-out ssh_host_keys.tgz
Created
April 27, 2020 18:05