On Fri, Dec 19, 2014 at 2:40 PM, Brian Mathis <brian.mathis+centos at betteradmin.com> wrote:> > > GPG is really what you want to be using for this. OpenSSL is a general > toolkit that provide a lot of good functions, but you need to cobble some > things together yourself. GPG is meant to handle all of the other parts of > dealing with files. > > I will expand on what someone else mentioned -- asymmetric encryption is > not meant for, and has very poor performance for encrypting data, and also > has a lot of limitations. The correct way to handle this is to create a > symmetric key and use that to encrypt the data, then use asymmetric > encryption to encrypt only the symmetric key. > > GPG takes care of this all internally, so that's what you should be using. >Will GPG use the intel aes hardware acceleration - in the version available for Centos5? -- Les Mikesell lesmikesell at gmail.com
On Fri, Dec 19, 2014 at 3:48 PM, Les Mikesell <lesmikesell at gmail.com> wrote:> On Fri, Dec 19, 2014 at 2:40 PM, Brian Mathis > <brian.mathis+centos at betteradmin.com> wrote: > > > > > > GPG is really what you want to be using for this. OpenSSL is a general > > toolkit that provide a lot of good functions, but you need to cobble some > > things together yourself. GPG is meant to handle all of the other parts > of > > dealing with files. > > > > I will expand on what someone else mentioned -- asymmetric encryption is > > not meant for, and has very poor performance for encrypting data, and > also > > has a lot of limitations. The correct way to handle this is to create a > > symmetric key and use that to encrypt the data, then use asymmetric > > encryption to encrypt only the symmetric key. > > > > GPG takes care of this all internally, so that's what you should be > using. > > > > Will GPG use the intel aes hardware acceleration - in the version > available for Centos5? > > -- > Les Mikesell >It doesn't appear to be available for any program running on CentOS 5. https://www.centos.org/forums/viewtopic.php?t=17713 ? Brian Mathis @orev
John R Pierce
2014-Dec-19 21:40 UTC
[CentOS] Asymmetric encryption for very large tar file
On 12/19/2014 1:22 PM, Brian Mathis wrote:> It doesn't appear to be available for any program running on CentOS 5. > https://www.centos.org/forums/viewtopic.php?t=17713that article is only talking about openssl... openssh, gpg, and others use their own crypto implementations. not centos/rhel specific, but.. Intel claims OpenSSL v1.0 has direct support, 0.9.8k+ has support via a patch. -- john r pierce 37N 122W somewhere on the middle of the left coast