Actions
Todo #15521
closedAdd alert to use single quotes as escape characters when decrypting config.xml using OpenSSL on command line
Start date:
Due date:
% Done:
100%
Estimated time:
Description
https://docs.netgate.com/pfsense/en/latest/backup/restore.html#encrypted-configuration-files
A password such as V!4z!$3YvpYs5e
will need single quotes surrounding it or an error is returned. Version is OpenSSL 3.0.9 30 May 2023 (Library: OpenSSL 3.0.9 30 May 2023)
.
openssl enc -d -a -aes-256-cbc -in config-pfSense.home.arpa-20240525205454.xml -out dencryptedfile.xml -pass pass:V!4z!$3YvmYs5e -salt -md sha256 -pbkdf2 -iter 500000 openssl enc -d -a -aes-256-cbc -in config-pfSense.home.arpa-20240525205454.xml -out dencryptedfile.xml -pass pass:Vsudo -izDownloads/3YvmYs5e -salt -md sha256 -pbkdf2 -iter 500000 enc: Unknown cipher: izDownloads/3YvmYs5e enc: Use -help for summary. 00BEC73FAE760000:error:0308010C:digital envelope routines:inner_evp_generic_fetch:unsupported:crypto/evp/evp_fetch.c:373:Global default library context, Algorithm (izDownloads/3YvmYs5e : 0), Properties (<null>)
There may be a more graceful way to do this since using an encryption password which contains a single quote will error out as well. The pfSense GUI doesn't seem to have this problem but affects Linux and presumably other systems where you can work with openssl directly like this.
Updated by Jim Pingle 3 months ago
- Status changed from New to Closed
- Assignee set to Jim Pingle
- % Done changed from 0 to 100
Actions