1 <?xml version="1.0" encoding="ISO-8859-1"?>
2 <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
3 "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd"
5 <!-- entities files to use -->
6 <!ENTITY % global_entities SYSTEM '../entities/global.entities'>
10 <refentry id='amcrypt-ossl.8'>
13 <refentrytitle>amcrypt-ossl</refentrytitle>
14 <manvolnum>8</manvolnum>
20 <refname>amcrypt-ossl</refname>
21 <refpurpose>crypt program for &A; symmetric data encryption using OpenSSL</refpurpose>
26 <!-- body begins here -->
29 <command>amcrypt-ossl</command>
30 <arg choice="opt">-d</arg>
34 <title>DESCRIPTION</title>
36 &amcryptossl; uses <emphasis remap='B'>OpenSSL</emphasis> to encrypt
37 and decrypt data. OpenSSL is available from <ulink
38 url="http://www.openssl.org/">www.openssl.org</ulink>. OpenSSL
39 offers a wide variety of cipher choices (&amcryptossl; defaults to
40 256-bit AES) and can use hardware cryptographic accelerators on several
44 &amcryptossl; will search for the OpenSSL program in the following
45 directories: /bin:/usr/bin:/usr/local/bin:/usr/ssl/bin:/usr/local/ssl/bin.
49 <title>PASSPHRASE MANAGEMENT</title>
51 &amcryptossl; uses the same pass phrase to encrypt and decrypt data.
52 It is very important to store and protect the pass phrase properly.
53 Encrypted backup data can <emphasis remap='B'>only</emphasis> be
54 recovered with the correct passphrase.
57 OpenSSL's key derivation routines use a salt to guard against
58 dictionary attacks on the pass phrase; still it is important to pick
59 a pass phrase that is hard to guess. The Diceware method (see <ulink
60 url="http://www.diceware.com/">www.diceware.com</ulink>) can be used to create passphrases
61 that are difficult to guess and easy to remember.
66 <variablelist remap='TP'>
68 <term>/var/lib/amanda/.am_passphrase</term>
71 File containing the pass phrase. It should not be readable by any user other than the &A; user.
79 <title>SEE ALSO</title>
82 <refentrytitle>amanda</refentrytitle>
83 <manvolnum>8</manvolnum>
86 <refentrytitle>amanda.conf</refentrytitle>
87 <manvolnum>5</manvolnum>
90 <refentrytitle>openssl</refentrytitle>
91 <manvolnum>1</manvolnum>
94 <refentrytitle>amcrypt-ossl-asym</refentrytitle>
95 <manvolnum>8</manvolnum>
97 <ulink url="http://wiki.zmanda.com"/>