LinuxQuestions.org
LinuxAnswers - the LQ Linux tutorial section.
Go Back   LinuxQuestions.org > Forums > Linux > Linux - Security
Reload this Page Encryption with openssl and gpg
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Thread Tools Search this Thread
Old 10-21-2007, 09:35 PM   #1
szim90
Member
 
Registered: Nov 2006
Distribution: Debian Testing
Posts: 39
Thanked: 0
Encryption with openssl and gpg

[Log in to get rid of this advertisement]
Hi.

I have begun encrypting some of my tar archives for security. I was wondering, which is safer:

tar -cf - files | gpg --cipher-algo aes256 -c -o - > file
or
tar -cf - files | openssl aes-256-cbc -salt > file

I guess my question boils down to this: which is better to use for encrypting individual archives, openssl or gpg.

Also, does my password have to be a true random sequence (like something from `openssl rand [length] -base64`) to be secure with these programs (or do these programs hash the passwords so that is not necessary)?

Thanks for any help.

Regards,
Sean
szim90 is offline     Reply With Quote
Old 10-22-2007, 04:13 PM   #2
PatrickNew
Senior Member
 
Registered: Jan 2006
Location: Charleston, SC, USA
Distribution: Debian Squeeze, Gentoo
Posts: 1,140
Blog Entries: 1
Thanked: 4
I'm not sure I could really comment on which one is 'safer'. That is, if they both are using 256 AES, then the theoretical security is equal, the only differences in security would be things like how well they protect their memory spaces from being swapped, etc. However, I would go with gpg, because it's really meant for this kind of thing. That is, openssl is really the solution for encrypting streams (http connects, ssh, etc) and gpg is a solution for block encryption (files, things of fixed length).
PatrickNew is offline     Reply With Quote

Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
gpg encryption for skype crashsystems Linux - Security 3 07-12-2007 01:17 PM
which encryption should I use, gpg? Melsync Linux - Security 4 07-06-2006 06:26 AM
GPG Encryption Problems in Kmail TatforTit Linux - Newbie 16 02-27-2006 11:35 PM
gpg filename encryption ??? rino.caldelli Linux - Security 2 02-26-2006 07:34 AM
gpg / pgp encryption pteren Linux - Software 8 07-26-2003 04:14 AM


All times are GMT -5. The time now is 05:14 PM.

Contact Us - Advertising Info - Rules - LQ Merchandise - Donations - Contributing Member - LQ Sitemap - LinuxQuestions.org - Linux Forums
Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Advertisement
Oracle Magazine contains technology strategy articles, sample code, tips, Oracle and partner news, how to articles for developers and DBAs, and more. Click Here to receive a complimentary subscription courtesy of LQ.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
RSS2  LQ Podcast
RSS2  LQ Radio
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: @linuxquestions
Open Source Consulting | Domain Registration