opensslで作成した暗号化済みの鍵の暗号化を解除した鍵を作成する方法をご紹介します。
まずは、暗号化方式AES256で暗号化した鍵「encription.key」を作成します。
1 2 3 4 5 6 7 8 |
[root@kamatora ~]# openssl genrsa -aes256 > encription.key Generating RSA private key, 1024 bit long modulus ..............................................++++++ ...............++++++ e is 65537 (0x10001) Enter pass phrase: Verifying - Enter pass phrase: [root@kamatora ~]# |
内容の確認にパスワードが要求されます。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 |
[root@kamatora ~]# openssl rsa -text < encription.key <span style="color: #ff0000;">Enter pass phrase:</span> Private-Key: (1024 bit) modulus: 00:e8:cf:90:b2:8e:e7:2e:39:25:56:d7:04:9e:ee: 6d:c9:8f:0f:94:59:ba:2b:25:32:a6:b8:16:48:97: c5:89:d0:bc:bb:24:af:ff:c1:5b:86:1d:fa:70:02: 0d:29:50:ea:c5:7e:2e:ea:f7:1b:19:07:fe:a1:92: 42:fc:75:90:34:7c:63:1d:23:e7:81:fc:ff:e8:51: e4:90:b9:1b:24:6c:65:2b:02:1a:3c:d8:73:d1:60: 88:23:f1:78:95:b9:f4:c6:44:54:af:c7:c6:5a:ff: 78:30:b5:05:a3:a6:e7:ac:fa:80:ff:f4:6f:28:73: 4a:6a:b8:7a:e2:21:f4:5f:5b publicExponent: 65537 (0x10001) privateExponent: 00:c2:6b:a4:c1:19:0a:02:d6:02:52:b5:19:cc:c7: fc:b3:58:5f:80:5a:36:58:95:a5:e9:08:ce:c3:2c: cb:f0:bd:7a:ff:26:32:3c:79:73:3f:5b:85:ab:48: 6b:49:57:a3:d7:ed:fa:ac:8a:53:fc:e1:6a:49:ef: e5:35:03:d0:ba:0c:6d:2a:f6:09:08:30:1f:e5:d7: 1e:ca:5b:22:8e:7c:91:3d:d9:9b:90:95:5e:e8:0e: 35:a2:2b:c7:5a:4e:fc:fe:5d:13:9f:5f:85:62:05: 88:68:17:36:a6:79:62:17:44:eb:f2:7e:4f:da:84: 3e:3f:dc:72:c3:69:ec:62:f1 prime1: 00:f4:ff:54:2d:a0:b2:85:87:de:98:cf:6d:a9:de: 53:90:dd:43:f7:66:d4:03:7c:06:08:0a:ad:69:59: 8d:6b:1c:4a:52:cb:31:8c:f4:7b:49:c6:db:9f:d1: cd:ea:96:05:56:ca:1d:43:ec:d4:df:59:b3:63:dc: 8a:61:7a:b3:ef prime2: 00:f3:44:21:68:76:c5:c4:fb:f1:a1:09:87:a2:b9: 76:be:a9:9d:b4:30:39:25:1f:c5:5f:37:c1:cb:aa: aa:3d:e1:00:10:66:3b:5f:9c:0c:18:52:14:d3:33: 0a:8b:66:21:42:63:73:6b:72:e0:a1:e2:92:24:1e: 84:38:ee:6f:55 exponent1: 00:b8:b5:af:bf:5e:c2:79:4e:00:92:f1:00:5a:eb: 95:d1:48:20:af:eb:c4:b8:83:cf:00:4d:1c:84:aa: d1:a6:09:84:37:7b:9e:76:08:f4:d2:a0:ac:80:87: eb:59:8b:95:a6:e3:66:c1:09:53:4c:b9:12:38:9d: d3:6e:be:d5:dd exponent2: 00:ec:90:f0:bc:19:e4:b1:6f:20:c7:2d:f1:4c:f9: 76:d4:6b:36:05:a8:6f:a9:fe:7f:7d:dd:47:04:bc: 6e:d9:c6:18:bd:d9:ed:1b:49:31:29:e5:88:82:ea: 3b:f2:db:da:b4:28:ea:71:2f:41:eb:ab:dd:da:6a: 22:c3:0a:7c:11 coefficient: 29:97:45:68:f3:20:69:1b:00:47:ec:bf:95:95:fb: a2:19:a4:fe:10:51:fd:cb:94:3e:8f:80:28:ed:74: 22:c2:bc:e9:30:22:b5:f8:82:cb:7e:57:bc:b3:2f: cf:cb:74:51:08:6f:49:c1:1c:3a:fc:6f:de:83:44: d5:99:77:c0 writing RSA key -----BEGIN RSA PRIVATE KEY----- MIICXgIBAAKBgQDoz5CyjucuOSVW1wSe7m3Jjw+UWborJTKmuBZIl8WJ0Ly7JK// wVuGHfpwAg0pUOrFfi7q9xsZB/6hkkL8dZA0fGMdI+eB/P/oUeSQuRskbGUrAho8 2HPRYIgj8XiVufTGRFSvx8Za/3gwtQWjpues+oD/9G8oc0pquHriIfRfWwIDAQAB AoGBAMJrpMEZCgLWAlK1GczH/LNYX4BaNliVpekIzsMsy/C9ev8mMjx5cz9bhatI a0lXo9ft+qyKU/zhaknv5TUD0LoMbSr2CQgwH+XXHspbIo58kT3Zm5CVXugONaIr x1pO/P5dE59fhWIFiGgXNqZ5YhdE6/J+T9qEPj/ccsNp7GLxAkEA9P9ULaCyhYfe mM9tqd5TkN1D92bUA3wGCAqtaVmNaxxKUssxjPR7Scbbn9HN6pYFVsodQ+zU31mz Y9yKYXqz7wJBAPNEIWh2xcT78aEJh6K5dr6pnbQwOSUfxV83wcuqqj3hABBmO1+c DBhSFNMzCotmIUJjc2ty4KHikiQehDjub1UCQQC4ta+/XsJ5TgCS8QBa65XRSCCv 68S4g88ATRyEqtGmCYQ3e552CPTSoKyAh+tZi5Wm42bBCVNMuRI4ndNuvtXdAkEA 7JDwvBnksW8gxy3xTPl21Gs2Bahvqf5/fd1HBLxu2cYYvdntG0kxKeWIguo78tva tCjqcS9B66vd2moiwwp8EQJAKZdFaPMgaRsAR+y/lZX7ohmk/hBR/cuUPo+AKO10 IsK86TAitfiCy35XvLMvz8t0UQhvScEcOvxv3oNE1Zl3wA== -----END RSA PRIVATE KEY----- [root@kamatora ~]# |
続いて、「encription.key」の暗号化を解除した「dencription.key」を作成してみましょう。「Enter pass phrase for encription.key」と「encription.key」のパスワードが入力促されることがわかります。
1 2 3 4 |
[root@kamatora ~]# openssl rsa -in encription.key -out decription.key <span style="color: #ff0000;">Enter pass phrase for encription.key:</span> writing RSA key [root@kamatora ~]# |
内容の確認にパスワードが要求されます。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 |
[root@kamatora ~]# openssl rsa -text < encription.key <span style="color: #ff0000;">Enter pass phrase:</span> Private-Key: (1024 bit) modulus: 00:e8:cf:90:b2:8e:e7:2e:39:25:56:d7:04:9e:ee: 6d:c9:8f:0f:94:59:ba:2b:25:32:a6:b8:16:48:97: c5:89:d0:bc:bb:24:af:ff:c1:5b:86:1d:fa:70:02: 0d:29:50:ea:c5:7e:2e:ea:f7:1b:19:07:fe:a1:92: 42:fc:75:90:34:7c:63:1d:23:e7:81:fc:ff:e8:51: e4:90:b9:1b:24:6c:65:2b:02:1a:3c:d8:73:d1:60: 88:23:f1:78:95:b9:f4:c6:44:54:af:c7:c6:5a:ff: 78:30:b5:05:a3:a6:e7:ac:fa:80:ff:f4:6f:28:73: 4a:6a:b8:7a:e2:21:f4:5f:5b publicExponent: 65537 (0x10001) privateExponent: 00:c2:6b:a4:c1:19:0a:02:d6:02:52:b5:19:cc:c7: fc:b3:58:5f:80:5a:36:58:95:a5:e9:08:ce:c3:2c: cb:f0:bd:7a:ff:26:32:3c:79:73:3f:5b:85:ab:48: 6b:49:57:a3:d7:ed:fa:ac:8a:53:fc:e1:6a:49:ef: e5:35:03:d0:ba:0c:6d:2a:f6:09:08:30:1f:e5:d7: 1e:ca:5b:22:8e:7c:91:3d:d9:9b:90:95:5e:e8:0e: 35:a2:2b:c7:5a:4e:fc:fe:5d:13:9f:5f:85:62:05: 88:68:17:36:a6:79:62:17:44:eb:f2:7e:4f:da:84: 3e:3f:dc:72:c3:69:ec:62:f1 prime1: 00:f4:ff:54:2d:a0:b2:85:87:de:98:cf:6d:a9:de: 53:90:dd:43:f7:66:d4:03:7c:06:08:0a:ad:69:59: 8d:6b:1c:4a:52:cb:31:8c:f4:7b:49:c6:db:9f:d1: cd:ea:96:05:56:ca:1d:43:ec:d4:df:59:b3:63:dc: 8a:61:7a:b3:ef prime2: 00:f3:44:21:68:76:c5:c4:fb:f1:a1:09:87:a2:b9: 76:be:a9:9d:b4:30:39:25:1f:c5:5f:37:c1:cb:aa: aa:3d:e1:00:10:66:3b:5f:9c:0c:18:52:14:d3:33: 0a:8b:66:21:42:63:73:6b:72:e0:a1:e2:92:24:1e: 84:38:ee:6f:55 exponent1: 00:b8:b5:af:bf:5e:c2:79:4e:00:92:f1:00:5a:eb: 95:d1:48:20:af:eb:c4:b8:83:cf:00:4d:1c:84:aa: d1:a6:09:84:37:7b:9e:76:08:f4:d2:a0:ac:80:87: eb:59:8b:95:a6:e3:66:c1:09:53:4c:b9:12:38:9d: d3:6e:be:d5:dd exponent2: 00:ec:90:f0:bc:19:e4:b1:6f:20:c7:2d:f1:4c:f9: 76:d4:6b:36:05:a8:6f:a9:fe:7f:7d:dd:47:04:bc: 6e:d9:c6:18:bd:d9:ed:1b:49:31:29:e5:88:82:ea: 3b:f2:db:da:b4:28:ea:71:2f:41:eb:ab:dd:da:6a: 22:c3:0a:7c:11 coefficient: 29:97:45:68:f3:20:69:1b:00:47:ec:bf:95:95:fb: a2:19:a4:fe:10:51:fd:cb:94:3e:8f:80:28:ed:74: 22:c2:bc:e9:30:22:b5:f8:82:cb:7e:57:bc:b3:2f: cf:cb:74:51:08:6f:49:c1:1c:3a:fc:6f:de:83:44: d5:99:77:c0 writing RSA key -----BEGIN RSA PRIVATE KEY----- MIICXgIBAAKBgQDoz5CyjucuOSVW1wSe7m3Jjw+UWborJTKmuBZIl8WJ0Ly7JK// wVuGHfpwAg0pUOrFfi7q9xsZB/6hkkL8dZA0fGMdI+eB/P/oUeSQuRskbGUrAho8 2HPRYIgj8XiVufTGRFSvx8Za/3gwtQWjpues+oD/9G8oc0pquHriIfRfWwIDAQAB AoGBAMJrpMEZCgLWAlK1GczH/LNYX4BaNliVpekIzsMsy/C9ev8mMjx5cz9bhatI a0lXo9ft+qyKU/zhaknv5TUD0LoMbSr2CQgwH+XXHspbIo58kT3Zm5CVXugONaIr x1pO/P5dE59fhWIFiGgXNqZ5YhdE6/J+T9qEPj/ccsNp7GLxAkEA9P9ULaCyhYfe mM9tqd5TkN1D92bUA3wGCAqtaVmNaxxKUssxjPR7Scbbn9HN6pYFVsodQ+zU31mz Y9yKYXqz7wJBAPNEIWh2xcT78aEJh6K5dr6pnbQwOSUfxV83wcuqqj3hABBmO1+c DBhSFNMzCotmIUJjc2ty4KHikiQehDjub1UCQQC4ta+/XsJ5TgCS8QBa65XRSCCv 68S4g88ATRyEqtGmCYQ3e552CPTSoKyAh+tZi5Wm42bBCVNMuRI4ndNuvtXdAkEA 7JDwvBnksW8gxy3xTPl21Gs2Bahvqf5/fd1HBLxu2cYYvdntG0kxKeWIguo78tva tCjqcS9B66vd2moiwwp8EQJAKZdFaPMgaRsAR+y/lZX7ohmk/hBR/cuUPo+AKO10 IsK86TAitfiCy35XvLMvz8t0UQhvScEcOvxv3oNE1Zl3wA== -----END RSA PRIVATE KEY----- [root@kamatora ~]# |
「decription.ke」を確認してみましょう。パスワードが要求されないことが確認できると思います。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 |
[root@kamatora ~]# openssl rsa -text < decription.key Private-Key: (1024 bit) modulus: 00:e8:cf:90:b2:8e:e7:2e:39:25:56:d7:04:9e:ee: 6d:c9:8f:0f:94:59:ba:2b:25:32:a6:b8:16:48:97: c5:89:d0:bc:bb:24:af:ff:c1:5b:86:1d:fa:70:02: 0d:29:50:ea:c5:7e:2e:ea:f7:1b:19:07:fe:a1:92: 42:fc:75:90:34:7c:63:1d:23:e7:81:fc:ff:e8:51: e4:90:b9:1b:24:6c:65:2b:02:1a:3c:d8:73:d1:60: 88:23:f1:78:95:b9:f4:c6:44:54:af:c7:c6:5a:ff: 78:30:b5:05:a3:a6:e7:ac:fa:80:ff:f4:6f:28:73: 4a:6a:b8:7a:e2:21:f4:5f:5b publicExponent: 65537 (0x10001) privateExponent: 00:c2:6b:a4:c1:19:0a:02:d6:02:52:b5:19:cc:c7: fc:b3:58:5f:80:5a:36:58:95:a5:e9:08:ce:c3:2c: cb:f0:bd:7a:ff:26:32:3c:79:73:3f:5b:85:ab:48: 6b:49:57:a3:d7:ed:fa:ac:8a:53:fc:e1:6a:49:ef: e5:35:03:d0:ba:0c:6d:2a:f6:09:08:30:1f:e5:d7: 1e:ca:5b:22:8e:7c:91:3d:d9:9b:90:95:5e:e8:0e: 35:a2:2b:c7:5a:4e:fc:fe:5d:13:9f:5f:85:62:05: 88:68:17:36:a6:79:62:17:44:eb:f2:7e:4f:da:84: 3e:3f:dc:72:c3:69:ec:62:f1 prime1: 00:f4:ff:54:2d:a0:b2:85:87:de:98:cf:6d:a9:de: 53:90:dd:43:f7:66:d4:03:7c:06:08:0a:ad:69:59: 8d:6b:1c:4a:52:cb:31:8c:f4:7b:49:c6:db:9f:d1: cd:ea:96:05:56:ca:1d:43:ec:d4:df:59:b3:63:dc: 8a:61:7a:b3:ef prime2: 00:f3:44:21:68:76:c5:c4:fb:f1:a1:09:87:a2:b9: 76:be:a9:9d:b4:30:39:25:1f:c5:5f:37:c1:cb:aa: aa:3d:e1:00:10:66:3b:5f:9c:0c:18:52:14:d3:33: 0a:8b:66:21:42:63:73:6b:72:e0:a1:e2:92:24:1e: 84:38:ee:6f:55 exponent1: 00:b8:b5:af:bf:5e:c2:79:4e:00:92:f1:00:5a:eb: 95:d1:48:20:af:eb:c4:b8:83:cf:00:4d:1c:84:aa: d1:a6:09:84:37:7b:9e:76:08:f4:d2:a0:ac:80:87: eb:59:8b:95:a6:e3:66:c1:09:53:4c:b9:12:38:9d: d3:6e:be:d5:dd exponent2: 00:ec:90:f0:bc:19:e4:b1:6f:20:c7:2d:f1:4c:f9: 76:d4:6b:36:05:a8:6f:a9:fe:7f:7d:dd:47:04:bc: 6e:d9:c6:18:bd:d9:ed:1b:49:31:29:e5:88:82:ea: 3b:f2:db:da:b4:28:ea:71:2f:41:eb:ab:dd:da:6a: 22:c3:0a:7c:11 coefficient: 29:97:45:68:f3:20:69:1b:00:47:ec:bf:95:95:fb: a2:19:a4:fe:10:51:fd:cb:94:3e:8f:80:28:ed:74: 22:c2:bc:e9:30:22:b5:f8:82:cb:7e:57:bc:b3:2f: cf:cb:74:51:08:6f:49:c1:1c:3a:fc:6f:de:83:44: d5:99:77:c0 writing RSA key -----BEGIN RSA PRIVATE KEY----- MIICXgIBAAKBgQDoz5CyjucuOSVW1wSe7m3Jjw+UWborJTKmuBZIl8WJ0Ly7JK// wVuGHfpwAg0pUOrFfi7q9xsZB/6hkkL8dZA0fGMdI+eB/P/oUeSQuRskbGUrAho8 2HPRYIgj8XiVufTGRFSvx8Za/3gwtQWjpues+oD/9G8oc0pquHriIfRfWwIDAQAB AoGBAMJrpMEZCgLWAlK1GczH/LNYX4BaNliVpekIzsMsy/C9ev8mMjx5cz9bhatI a0lXo9ft+qyKU/zhaknv5TUD0LoMbSr2CQgwH+XXHspbIo58kT3Zm5CVXugONaIr x1pO/P5dE59fhWIFiGgXNqZ5YhdE6/J+T9qEPj/ccsNp7GLxAkEA9P9ULaCyhYfe mM9tqd5TkN1D92bUA3wGCAqtaVmNaxxKUssxjPR7Scbbn9HN6pYFVsodQ+zU31mz Y9yKYXqz7wJBAPNEIWh2xcT78aEJh6K5dr6pnbQwOSUfxV83wcuqqj3hABBmO1+c DBhSFNMzCotmIUJjc2ty4KHikiQehDjub1UCQQC4ta+/XsJ5TgCS8QBa65XRSCCv 68S4g88ATRyEqtGmCYQ3e552CPTSoKyAh+tZi5Wm42bBCVNMuRI4ndNuvtXdAkEA 7JDwvBnksW8gxy3xTPl21Gs2Bahvqf5/fd1HBLxu2cYYvdntG0kxKeWIguo78tva tCjqcS9B66vd2moiwwp8EQJAKZdFaPMgaRsAR+y/lZX7ohmk/hBR/cuUPo+AKO10 IsK86TAitfiCy35XvLMvz8t0UQhvScEcOvxv3oNE1Zl3wA== -----END RSA PRIVATE KEY----- [root@kamatora ~]# |