Hello CentOS list, I have a requirement that I need to use encryption technology to encrypt very large tar file on a daily basis. The tar file is over 250G size and those are data backup. Every night the server generated a 250G data backup and it¹s tar¹ed into one tarball file. I want to encrypt this big tarball file. So far I have tried two technologies with no success. 1) generating RSA 2048 public/private key pair via ³openssl req -x509 -nodes -newkey rsa:2048 -keyout private.pem -out public.pem² command and uses the public key to encrypt the big tar file. The encryption command I used is "openssl smime -encrypt -aes256 -in backup.tar -binary -outform DEM -out backup.tar.ssl public.pem². The resulting backup.tar.ssl file is only 2G then encryption process stops there and refuse to do more. Cannot get around 2G. 2) generating GPG public/private key pair via ³gpg ‹gen-key² then encrypt with "gpg -e -u "backup" -r "backup² backup.tar². However, the gpg encryption stops at file size 50G and refuse to do more and the gpg process took over 48 hours. The server is very capable. It¹s 8 CPU Intel 2.33 GHz 16G RAM installing latest RHEL 5.11. Thought CentOS 5 is pretty much compatible in release with RHEL 5. I have searched google and found out a technique that utilizes the symmetric encryption. Then it needs to generate a symmetric key every day and uses public/private key pair to encrypt the symmetric key. However the drawback is that we don¹t know how to manage the symmetric key securely. We can¹t leave the un-encrypted symmetric key there on the server but we have to use the un-encrypted symmetric key for encryption process. Plus we¹ll need to manage the symmetric encryption key, public and private key pair 3 things securely. Has anyone had experience on managing the asymmetric encryption for very large file and what¹s the best practice for that? Thanks. - xinhuan _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos