[NBLUG/talk] Encrypting Files for Cloud Backup

gandalf at sonic.net gandalf at sonic.net
Fri Apr 15 15:41:15 PDT 2016

I was looking for a way to encrypt files using a key or keys and found 
this article:

I tied it out and it worked, but oddly when I moved the keys to a 
different folder openssl said it couldn't find them. Of course I 
adjusted the encryption/description commands to point to the proper 
files. I moved them back to /root and suddenly they work.

Here's the command the article says to use to create keys:
openssl req -x509 -nodes -days 100000 -newkey rsa:2048 -keyout 
MyCompanyBackupsPRIVATE.pem -out MyCompanyBackupsPublicCert.pem -subj 

Here's one of the errors I got:
root at vault:/etc/backups/tmp# openssl smime -in itdocs.160415.tar.gz.aes 
-decrypt -binary -inform DEM -inkey ../MSRI-Backups-PRIVATE.pem | tar 
-zx -f -
Error reading S/MIME message
139777656317600:error:07069041:memory buffer 
routines:BUF_MEM_grow_clean:malloc failure:buffer.c:159:
139777656317600:error:0D06B041:asn1 encoding 
routines:ASN1_D2I_READ_BIO:malloc failure:a_d2i_fp.c:242:

gzip: stdin: unexpected end of file
tar: Child returned status 1
tar: Error is not recoverable: exiting now

Moved the pem files back to /root and everything works great. Although I 
find this reassuring I also find it disturbing as these keys are for 
encrypting backups and they may have to be manually typed in on a new 
system and used to restore an offsite backup from a disaster. I'd like 
to know that I can put these keys in folder and use them to decrypt 

More information about the talk mailing list