
You won't remember the OpenSSL options, so here's bash shortcuts for everything - mikemaccana
https://certsimple.com/blog/openssl-shortcuts
======
atoponce
On the one hand, this is really quite good. I'm always interested in making my
time at the command line more efficient. If I put this in my shell's config,
and remember the function names, I'm golden.

On the other hand, I've learned more from continuing to read the manpages than
probably anything else. And the OpenSSL commands that I use frequently, such
as connecting to a site with TLS, or checking a certificate chain, can now be
easily recalled from memory, and I feel I'm better off for it, especially if
I'm at a terminal where my OpenSSL functions might not be installed.

------
atoponce
Encrypting files should probably include a salt-per-file, otherwise the same
file contents will produce the same ciphertext when the same passphrase is
provided.

    
    
        function openssl-encrypt() {
            openssl enc -aes-256-cbc -salt -in "${1}" -out "${2}"
        }

------
blakesterz
This is great. Now I just need to remember the shortcuts! I have such a giant
collection of bash short cuts in my .bashrc and other dotfiles that I can't
seem to remember ANY of them and end up just typing everything out in the end
:-)

------
gt99
function openssl-key-to-pin() { openssl rsa -in "${1}" -outform der -pubout |
openssl dgst -sha256 -binary | openssl enc -base64 }

function openssl-website-to-pin() { openssl s_client -connect ${1}:443 |
openssl x509 -pubkey -noout | openssl rsa -pubin -outform der | openssl dgst
-sha256 -binary | openssl enc -base64 }

~~~
nailer
Awesome - for HPKP?

~~~
gt99
Yup, exactly. :)

Would probably be more verbose if named:

openssl-key-to-hpkp-pin

openssl-website-to-hpkp-pin

~~~
nailer
Added and credited :-)

~~~
gt99
Thanks! And thanks for the article! Lots of great shortcuts, they all made it
to my .bashrc ;)

