I was told by my client that I need to encrypt a file using PGP with their public ASC key file they sent me. How can I do with WinSCP or another command line utility on Windows Server. I upload via SFTP SSH after I encrypt, but I need to encrypt file before sending to FTP server.
I have created a jar for encryption using PBE(PBEWITHSHA1ANDDESEDE) algorithm with Jasypt jar file.
Creating encrypt password using this jar file on unix environment but when I am trying to decrypt that password in my local environment (Windows PC) it is throwing error. But when I am encrypting password in my local then same encrypt password I am able to decrypt in my local PC.
I am using jasypt jar file using "PBEWITHSHA1ANDDESEDE" algorithm. Please let me know, is there any environment dependency there in encryption and decryption logic like those password encrypted in unix env can not be decrypted in Windows environment ?
I have looked everywhere and couldn't find any way of encrypting passwords in the collectd.conf file.
Right now I have a collectd config file with the Postgres plugin install and loaded, it requires the connection credentials for each database I'm querying.
This means right now i have the password saved in cleartext in the configuration file.
is there any way to encrypt/hash the passwords in the config file, or even encrypt the entire file(but still make collectd work with it)
EDIT: im working on a linux server (rhel 7.4, using collectd 5.8.0)
I have setup a consul cluster with 3 server nodes. The cluster in unencrypted.
Please let me know what steps do I need to follow to bootstrap encryption into the existing unencrypted cluster without downtime
You can't enable Gossip encryption at runtime. Using consul keyring you can only change the gossip encryption key at runtime (the attempt results in the error message No keyring to modify (encryption not enabled))
You can add TLS by first rolling out your certificates, and then enable the verify* options as outlined in Consul's encryption docs.
I know that rsync can enable / disable the ssh encryption protocol during the file transfer. So, if the ssh encryption protocol has been disabled, does it mean that rsync does not do any encryption at all?
Also, the reason why I asked the above question is we use the rsync module as part of our file transfer and there is nothing in the module that specifies that ssh encryption will be used.
If rsync does not use any encryption, then I can theoretically open a port on both source and destination machines and push the file from source to destination.
If you use the rsync:// protocol scheme (i.e. when you connect to a rsyncd daemon) then no encryption will be used (although password authentication is done using a MD4-based challenge-response system and is probably still reasonably secure).
If you use the hostname:/some/path scheme then rsync transparently calls SSH, which encrypts everything, and uses SSH's native authentication mechanisms. As far as I can tell, some OpenSSH versions supported an option Ciphers null in the configuration file, but this has been removed in later versions.
Generally you shouldn't worry about encryption overhead, unless you are working in a 1 Gbit network or you have old computers.
rsync performs no encryption on its own. If you don't use ssh, nor do you tunnel the rsync traffic through stunnel or some kind of VPN, then no encryption is performed. Yes, you can save some CPU cycles this way.