4、对用户密码进行hash:
openssl passwd -1 [-salt SALT]
-1:表示使用的hash算法是MD5;
-salt SALT:输入作为salt的字符串;
[root@CentOS6 tmp]# openssl passwd -1 #使用md5来hash密码;
Password: #输入要hash的密码;
Verifying - Password: #确认输入;
$1$mgYuAGde$OHKciTF3gV9YZKMZUPyW./ #hash后的结果;
[root@CentOS6 tmp]# openssl passwd -1 -salt aa
Password:
$1$aa$9dcbvI.WtNPFK0cdGuO/W0
5、生成随机数:
openssl rand -base64|-hex num
-base64|-hex:对随机字符串进行base64编码或用hex格式显示;
num:指定产生指定长度num个bytes的随机字符;
[root@CentOS6 tmp]# openssl rand -hex 5 #表示随机生成5bytes的随机数,并用base64编码显示;
c0a6f4c166
[root@CentOS6 tmp]# openssl rand -base64 5 #表示随机生成5bytes的随机数,并用hex编码显示;
McpaNQI=
6、生成私钥:
(umask 077; openssl genrsa -out /path/to/keyfile NUMBEROFBITS )
(命令):表示()里面的命令是在子shell中运行,不影响当前的shell;
NUMBEROFBITS :密钥长度(单位bit);
[root@CentOS6 tmp]# (umask 077;openssl genrsa -out /tmp/key 32)
Generating RSA private key, 32 bit long modulus
.+++++++++++++++++++++++++++
.+++++++++++++++++++++++++++
e is 65537 (0x10001)
[root@CentOS6 tmp]# cat /tmp/key #查看生成的密钥文件;
-----BEGIN RSA PRIVATE KEY-----
MCwCAQACBQCyIttNAgMBAAECBGc3UKUCAwDsewIDAMDXAgMAwQ0CAkWhAgI/Og==
-----END RSA PRIVATE KEY-----
7.提取公钥:
openssl rsa -in /path/from/private_key_file -pubout -out /path/to/Pub_key_file
[root@CentOS6 ~]# openssl rsa -in /tmp/key -pubout #不指定输出到文件,直接把公钥输出到屏幕;
writing RSA key
-----BEGIN PUBLIC KEY-----
MCAwDQYJKoZIhvcNAQEBBQADDwAwDAIFALIi200CAwEAAQ==
-----END PUBLIC KEY-----
[root@CentOS6 ~]# man openssl rsa
[root@CentOS6 ~]# openssl rsa -in /tmp/key -pubout -out /tmp/key_pub #提取公钥输出至文件;
writing RSA key
[root@CentOS6 ~]# cat /tmp/key_pub
-----BEGIN PUBLIC KEY-----
MCAwDQYJKoZIhvcNAQEBBQADDwAwDAIFALIi200CAwEAAQ==
-----END PUBLIC KEY-----