1、对称加密过程由哪三部分组成
2、使用 openssl 中的 aes 对称加密算法对文件 file.txt 进行加密,然后解密
openssl enc -e -aes-256-cbc -in file.txt -out file.enc
openssl enc -d -aes-256-cbc -in file.enc -out file.txt
3、搭建CA和申请证书
mkdir /etc/pki/CA/{certs,crl,newcerts,private} -pv
touch /etc/pki/CA/index.txt
echo 0F > /etc/pki/CA/serial
(umask 066; openssl genrsa -out private/cakey.pem 2048)
openssl req -new -x509 -key /etc/pki/CA/private/cakey.pem -days 3650 -out /etc/pki/CA/cacert.pem
(umask 066 ; openssl genrsa -out app.key 2048)
openssl req -new -key /root/app.key -days 300 -out /root/app.csr
scp app.csr root@10.0.0.8:/tmp
openssl ca -in /tmp/app.csr -out /tmp/app.crt -days 300
scp certs/10.0.0.6httpd.pem root@10.0.0.6:/tmp
4、使用脚本实现多个用户key验证免密登录
#!/bin/bash
NET=10.0.0
PASS=david
ssh-keygen -P "" -f /root/.ssh/id_rsa &> /dev/null
rpm -q sshpass &> /dev/null || yum -y install sshpass &> /dev/null
for i in {1..100}; do
{
sshpass -p $PASS ssh-copy-id -o StrictHostKeyChecking=no -i
/root/.ssh/id_rsa.pub $NET.$i &> /dev/null
} &
done
wait