LinuxQuestions.org
View the Most Wanted LQ Wiki articles.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 10-21-2007, 08:35 PM   #1
szim90
Member
 
Registered: Nov 2006
Distribution: Debian Testing
Posts: 39

Rep: Reputation: 15
Encryption with openssl and gpg


Hi.

I have begun encrypting some of my tar archives for security. I was wondering, which is safer:

tar -cf - files | gpg --cipher-algo aes256 -c -o - > file
or
tar -cf - files | openssl aes-256-cbc -salt > file

I guess my question boils down to this: which is better to use for encrypting individual archives, openssl or gpg.

Also, does my password have to be a true random sequence (like something from `openssl rand [length] -base64`) to be secure with these programs (or do these programs hash the passwords so that is not necessary)?

Thanks for any help.

Regards,
Sean
 
Old 10-22-2007, 03:13 PM   #2
PatrickNew
Senior Member
 
Registered: Jan 2006
Location: Charleston, SC, USA
Distribution: Debian, Gentoo, Ubuntu, RHEL
Posts: 1,148
Blog Entries: 1

Rep: Reputation: 48
I'm not sure I could really comment on which one is 'safer'. That is, if they both are using 256 AES, then the theoretical security is equal, the only differences in security would be things like how well they protect their memory spaces from being swapped, etc. However, I would go with gpg, because it's really meant for this kind of thing. That is, openssl is really the solution for encrypting streams (http connects, ssh, etc) and gpg is a solution for block encryption (files, things of fixed length).
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
gpg encryption for skype crashsystems Linux - Security 3 07-12-2007 12:17 PM
which encryption should I use, gpg? Melsync Linux - Security 4 07-06-2006 05:26 AM
GPG Encryption Problems in Kmail TatforTit Linux - Newbie 16 02-27-2006 10:35 PM
gpg filename encryption ??? rino.caldelli Linux - Security 2 02-26-2006 06:34 AM
gpg / pgp encryption pteren Linux - Software 8 07-26-2003 03:14 AM


All times are GMT -5. The time now is 08:27 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration