Re: Asymmetric encryption for very large tar file

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



hi all

sorry my poor english..

but you need encrypt that large file in symetric way. use the asymetric way
( public/private key par) to encrypt the symetric key.
Em 17/12/2014 15:58, "Markus" <markus.scharitzer@xxxxxxxxx> escreveu:

> On 17/12/14 18:54, Leon Fauster wrote:
> > Am 17.12.2014 um 18:42 schrieb Les Mikesell <lesmikesell@xxxxxxxxx>:
> >> On Wed, Dec 17, 2014 at 11:14 AM, Xinhuan Zheng
> >> <xzheng@xxxxxxxxxxxxxxxxx> wrote:
> >>> I have a requirement that I need to use encryption technology to
> encrypt
> >>> very large tar file on a daily basis. The tar file is over 250G size
> and
> >>> those are data backup. Every night the server generated a 250G data
> backup
> >>> and it¹s tar¹ed into one tarball file. I want to encrypt this big
> tarball
> >>> file. So far I have tried two technologies with no success.
> >>> 1) generating RSA 2048 public/private key pair via ³openssl req -x509
> >>> -nodes -newkey rsa:2048 -keyout private.pem -out public.pem² command
> and
> >>> uses the public key to encrypt the big tar file. The encryption
> command I
> >>> used is "openssl smime -encrypt -aes256 -in  backup.tar -binary
> -outform
> >>> DEM -out backup.tar.ssl  public.pem². The resulting backup.tar.ssl
> file is
> >>> only 2G then encryption process stops there and refuse to do more.
> Cannot
> >>> get around 2G.
> >>
> >> What happens if you use a pipeline or redirection instead of the -in
> >> and -out files?   I regularly write large tapes with something like:
> >> openssl aes-256-cbc -salt -k password <input.tar.gz  |dd bs=10240
> >> obs=10240 of=/dev/nst0
> >> Not quite the same, but there does not seem to be an inherent size
> >> limit in openssl as long as it is not handling files and it happens at
> >> a reasonable speed so it must be using the intel hardware support.
> >
> >
> >
> > Furthermore - is there the need to use "one" big tar file? Despite
> > having a capable workstation/server handling such big files, it has
> > also advantages splitting such backups (e.g. man split) ...
> >
> > --
> > LF
> >
> >
> >
> >
> > _______________________________________________
> > CentOS mailing list
> > CentOS@xxxxxxxxxx
> > http://lists.centos.org/mailman/listinfo/centos
> >
>
> Is it possible for you to use gpg? You could do something like:
> tar zcf /something - | gpg -e -r otherkey | cat - > backup.tgz
>
> Regards
> _______________________________________________
> CentOS mailing list
> CentOS@xxxxxxxxxx
> http://lists.centos.org/mailman/listinfo/centos
>
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos





[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux