ejes consulting

Technical Consulting Design and Automation


Raw, Encrypted Tunnel with OpenSSL and NetCat


I use netcat on my local network to transfer files very quickly without the overhead of a more complex protocol.

For those who don’t, here’s how:

On my home server, I transfer “myfile” on port 1024 to the computer named “MacBook”:

root@homeserver:~# nc MacBook 1024 < myfile

And on my Mac, I receive “myfile”, listening on port 1024:

MacBook:~ ejes$ nc -l 1024 >myfile

This works, and is fairly quick. If you need some validation that the file received is the original file, you can use md5 on Mac and most BSDs:

MacBook:~ ejes$ md5 myfile
 MD5 (myfile) = 47f7f451e2e6d462a35a3d88b594e283

And md5sum on Linux:

root@homeserver:~# md5sum myfile
 47f7f451e2e6d462a35a3d88b594e283  myfile

Sometimes, however, I need to send a file quickly, ad hoc, across the big ol’ scary internet. This means that I’m sending “private” information across a “public” network. I hate doing that, because anything on the internet is subject to snooping.

What can we do?  Encrypt our transfer.  Thankfully, OpenSSL has the ability to help us do that.

So, to repeat the same transfer as above, but encrypted, we set up our listener first. I’m listening on my Mac, but the same command line would work in most BSD flavors:

MacBook:~ ejes$ nc -l 1024 | openssl enc -d -aes-256-cbc -out myfile
 enter aes-256-cbc decryption password:

and on the sending machine you need to use:

root@homeserver:~# openssl enc -e -aes-256-cbc -in myfile | nc MacBook 1024
 enter aes-256-cbc encryption password:
 Verifying - enter aes-256-cbc encryption password:
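
The same transfer as a scripted dry run, added here as an example and not part of the original post: a local pipe stands in for nc, the passphrase goes through an environment variable instead of the prompt, and the receiver compares a SHA-256 digest (swapped in for the md5 check above) against the sender's. The variable name TUNNEL_PASS, the function names and the sample passphrases are assumptions made for this sketch.

```sh
#!/bin/sh
# Added example: dry run of the encrypted transfer; a local pipe stands in for nc.
# TUNNEL_PASS, the function names and the passphrases are constructed for this sketch.

# digest FILE: print the SHA-256 of FILE (same command on macOS, BSD and Linux).
digest() {
    openssl dgst -sha256 -r "$1" | cut -d' ' -f1
}

# send_file FILE PASSPHRASE: encrypt FILE to stdout; pipe this into `nc HOST PORT`.
# env: keeps the passphrase out of the argument list that `ps` shows.
# On OpenSSL 1.1.1 or later, adding -pbkdf2 to BOTH commands selects a stronger
# key derivation; it is left out here to match the commands in the post.
send_file() {
    TUNNEL_PASS=$2 openssl enc -e -aes-256-cbc -pass env:TUNNEL_PASS -in "$1"
}

# recv_file OUT PASSPHRASE EXPECTED: decrypt stdin (from `nc -l PORT`) into OUT,
# then require OUT's digest to equal EXPECTED, which the sender shares separately.
# A wrong passphrase usually fails in openssl itself; the digest comparison
# catches the rare case where the garbage happens to end in valid padding.
recv_file() {
    TUNNEL_PASS=$2 openssl enc -d -aes-256-cbc -pass env:TUNNEL_PASS -out "$1" || return 1
    [ "$(digest "$1")" = "$3" ]
}

demo() {
    tmp=$(mktemp -d) || return 1
    printf 'constructed sample payload\n' > "$tmp/myfile"
    want=$(digest "$tmp/myfile")
    send_file "$tmp/myfile" 'sample-pass' | recv_file "$tmp/good" 'sample-pass' "$want"
    good=$?
    send_file "$tmp/myfile" 'sample-pass' | recv_file "$tmp/bad" 'wrong-pass' "$want"
    bad=$?
    rm -rf "$tmp"
    echo "matching passphrase: exit $good; wrong passphrase: exit $bad"
    [ "$good" -eq 0 ] && [ "$bad" -ne 0 ]
}

demo
```

For a real transfer, replace the pipe with `send_file myfile PASS | nc MacBook 1024` on the sender and `nc -l 1024 | recv_file myfile PASS DIGEST` on the listener.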

Of course, OpenSSL supports plenty of encryption methods other than aes-256, so feel free to explore. list-cipher-commands should help:

root@homeserver:~# openssl list-cipher-commands
aes-128-cbc
aes-128-ecb
aes-192-cbc
aes-192-ecb
aes-256-cbc
aes-256-ecb
base64
bf
bf-cbc
bf-cfb
bf-ecb
bf-ofb
camellia-128-cbc
camellia-128-ecb
camellia-192-cbc
camellia-192-ecb
camellia-256-cbc
camellia-256-ecb
cast
cast-cbc
cast5-cbc
cast5-cfb
cast5-ecb
cast5-ofb
des
des-cbc
des-cfb
des-ecb
des-ede
des-ede-cbc
des-ede-cfb
des-ede-ofb
des-ede3
des-ede3-cbc
des-ede3-cfb
des-ede3-ofb
des-ofb
des3
desx
rc2
rc2-40-cbc
rc2-64-cbc
rc2-cbc
rc2-cfb
rc2-ecb
rc2-ofb
rc4
rc4-40
seed
seed-cbc
seed-cfb
seed-ecb
seed-ofb
zlib

Written by ejes

May 1, 2013 at 9:12 pm