Create an AES256 encrypted and compressed tar archive. User is prompted to enter the password. Decrypt with: openssl enc -d -aes256 -in <file> | tar --extract --file - --gzip

Use the following variation for FreeBSD: openssl rand 6 | xxd -p | sed 's/\(..\)/\1:/g; s/:$//'

client$ while true; do read -n30 ui; echo $ui |openssl enc -aes-256-ctr -a -k PaSSw ; done | nc localhost 8877 | while read so; do decoded_so=`echo "$so"| openssl enc -d -a -aes-256-ctr -k PaSSw`; echo -e "Incoming: $decoded_so"; done This will establish a simple encrypted chat with AES-256-CTR using netcat and openssl only. More info here https://nixaid.com/encrypted-chat-with-netcat/

Allows you to connect to an SMTP server over TLS, which is useful for debugging SMTP sessions. (Much like telnet to 25/tcp). Once connected you can manually issue SMTP commands in the clear (e.g. EHLO) Show Sample Output

A bitcoin "brainwallet" is a secret passphrase you carry in the "wallet" of your brain. The Bitcoin Brainwallet Private Key Calculator calculates the standard base58 encoded bitcoin private key from your "brainwallet" passphrase. The private key is the most important bitcoin number. All other numbers can be derived from it. This command uses 3 other functions - all 3 are defined on my user page: 1) brainwallet_exponent() - search for Bitcoin Brainwallet Exponent Calculator 2) brainwallet_checksum() - search for Bitcoin Brainwallet Exponent Calculator 3) b58encode() - search for Bitcoin Brainwallet Base58 Encoder Do make sure you use really strong, unpredictable passphrases (30+ characters)! http:brainwallet.org can be used to check the accuracy of this calculator. Show Sample Output

command to decrypt: openssl enc -aes-256-cbc -d < secret.tar.enc | tar x Of course, don't forget to rm the original files ;) You may also want to look at the openssl docs for more options.

A bitcoin "brainwallet" is a secret passphrase you carry in your brain. The Bitcoin Brainwallet Exponent Calculator is one of three functions needed to calculate the bitcoin PRIVATE key. Roughly, the formula is exponent = sha256 (passphrase) Note that this is a bash function, which means you have to type its name to invoke it. You can check the accuracy of the results here http://brainwallet.org Show Sample Output

A bitcoin "brainwallet" is a secret passphrase you carry in your brain. The Bitcoin Brainwallet Exponent Calculator is the second of three functions needed to calculate a bitcoin PRIVATE key. Roughly, checksum is the first 8 hex digits of sha256(sha256(0x80+sha256(passphrase))) Note that this is a bash function, which means you have to type its name to invoke it Show Sample Output

When you don't have c_rehash handy. Really simple - if you have a .pem file that doesn't really contain a x509 cert (let's say, newreq.pem), it will create a link, simply called '.0', pointing to that file.

The lifehacker way: http://lifehacker.com/software/top/geek-to-live--encrypt-your-data-178005.php#Alternate%20Method:%20OpenSSL "That command will encrypt the unencrypted-data.tar file with the password you choose and output the result to encrypted-data.tar.des3. To unlock the encrypted file, use the following command:" openssl des3 -d -salt -in encrypted-data.tar.des3 -out unencrypted-data.tar Show Sample Output

I have a mac, and do not want to install mac ports to get the base64 binary. Using openssl will do the trick just fine. Note, to decode base64, specify a '-d' after 'base64' in the command. Note also the files base64.decoded.txt and base64.encoded.txt are text files.

Another option is openssl.

Strip a password from a openssl key to use with apache httpd server

This will extract the public key that is stored in the private key using openssl. Show Sample Output

A quick and simple way of outputting the start and end date of a certificate, you can simply use 'openssl x509 -in xxxxxx.crt -noout -enddate' to output the end date (ex. notAfter=Feb 01 11:30:32 2009 GMT) and with the date command you format the output to an ISO format. For the start date use the switch -startdate and for end date use -enddate. Show Sample Output

No need to install yet another program when openssl is already installed. :-)

This will create, in the current directory, a file called 'pk.pem' containing an unencrypted 2048-bit RSA private key and a file called 'cert.pem' containing a certificate signed by 'pk.pem'. The private key file will have mode 600. !!ATTENTION!! ==> this command will overwrite both files if present.

To decrypt: openssl aes-256-cbc -d -in secrets.txt.enc -out secrets.txt.new Reference: http://tombuntu.com/index.php/2007/12/12/simple-file-encryption-with-openssl Optional parameter -a makes output base64 encoded, can be viewed in text editor or pasted in email

Handy if you want to quickly generate a self-signed certificate. Also can be used in your automated scripts for generating quick-use certificates. Show Sample Output

Based on http://stackoverflow.com/questions/13127352/checking-alternative-names-for-a-san-ssl-cert Replace "facebook.com" with the desired hostname. Show Sample Output