Context: "User A" has a password in a text file that he needs to share with "User B".
- User A and User B - Download and install openssl
% brew update && brew install openssl
- User B - Generate an RSA key pair (-m PEM writes the private key in a format that openssl rsa can read)
% ssh-keygen -t rsa -m PEM
- User B - Convert your public AND private key to .pem
% # private key
% openssl rsa -in ~/.ssh/id_rsa -outform pem > ~/.ssh/id_rsa.pem
% # public key
% openssl rsa -in ~/.ssh/id_rsa -pubout -outform pem > ~/.ssh/id_rsa.pub.pem
- User B - Send public key to User A (id_rsa.pub.pem)
- User A - Generate a random key
% openssl rand -base64 32 > key.bin
- User A - Encrypt the random key
% openssl rsautl -encrypt -inkey ~/.ssh/id_rsa.pub.pem -pubin -in key.bin -out key.bin.enc
- User A - Encrypt the file you are trying to keep secret
% openssl enc -aes-256-cbc -md sha512 -pbkdf2 -iter 100000 -salt -in ${secret_file} -out ${secret_file}.enc -pass file:./key.bin
- User A - Send encrypted files to User B (${secret_file}.enc and key.bin.enc)
- User B - Decrypt the key and file
% # first the key
% openssl rsautl -decrypt -inkey ~/.ssh/id_rsa.pem -in key.bin.enc -out key.bin
% # then the actual file
% openssl enc -d -aes-256-cbc -md sha512 -pbkdf2 -iter 100000 -salt -in ${secret_file}.enc -out ${secret_file} -pass file:./key.bin
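
The whole exchange above, run end to end in a scratch directory so it can be checked without touching ~/.ssh. This is an added example, not part of the original page: the hybrid_roundtrip function, the file names b_priv.pem, b_pub.pem and secret.txt, the sample secret, and the use of openssl genrsa in place of ssh-keygen are assumptions made for the demo.

```shell
#!/bin/sh
# Added example: both sides of the exchange in one temporary directory.
# File names and the secret's contents are constructed for the demo.
hybrid_roundtrip() {
    work=$(mktemp -d) || return 1
    (
        cd "$work" || exit 1
        umask 077    # key material readable by the owner only

        # User B: throwaway RSA key pair (stands in for ~/.ssh/id_rsa*.pem)
        openssl genrsa -out b_priv.pem 2048 2>/dev/null || exit 1
        openssl rsa -in b_priv.pem -pubout -outform pem -out b_pub.pem 2>/dev/null || exit 1

        # User A: constructed secret, random session key, then both encryptions
        printf 'db_password=constructed-sample-value\n' > secret.txt
        openssl rand -base64 32 > key.bin
        openssl rsautl -encrypt -inkey b_pub.pem -pubin \
            -in key.bin -out key.bin.enc 2>/dev/null || exit 1
        openssl enc -aes-256-cbc -md sha512 -pbkdf2 -iter 100000 -salt \
            -in secret.txt -out secret.txt.enc -pass file:./key.bin || exit 1

        # Only the two .enc files travel; A's plaintext session key is deleted
        mkdir recv || exit 1
        mv key.bin.enc secret.txt.enc recv/ || exit 1
        rm -f key.bin

        # User B: recover the session key first, then the file
        cd recv || exit 1
        openssl rsautl -decrypt -inkey ../b_priv.pem \
            -in key.bin.enc -out key.bin 2>/dev/null || exit 1
        openssl enc -d -aes-256-cbc -md sha512 -pbkdf2 -iter 100000 \
            -in secret.txt.enc -out secret.txt -pass file:./key.bin || exit 1

        # Success only if B's plaintext is byte-identical to A's original
        cmp -s secret.txt ../secret.txt
    )
    status=$?
    rm -rf "$work"    # remove keys and plaintext left in the scratch directory
    return $status
}

hybrid_roundtrip && echo "round trip OK"
```

On OpenSSL 3.x the rsautl calls print a deprecation warning, which the script sends to /dev/null.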