1 <?xml version="1.0" encoding="ISO-8859-1"?>
2 <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
3 "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd"
5 <!-- entities files to use -->
6 <!ENTITY % global_entities SYSTEM '../entities/global.entities'>
10 <refentry id='amcrypt-ossl.8'>
13 <refentrytitle>amcrypt-ossl</refentrytitle>
14 <manvolnum>8</manvolnum>
17 <refname>amcrypt-ossl</refname>
18 <refpurpose>crypt program for &A; symmetric data encryption using OpenSSL</refpurpose>
20 <!-- body begins here -->
23 <command>amcrypt-ossl</command>
24 <arg choice="opt">-d</arg>
28 <title>DESCRIPTION</title>
30 &amcryptossl; uses <emphasis remap='B'>OpenSSL</emphasis> to encrypt
31 and decrypt data. OpenSSL is available from <ulink
32 url="http://www.openssl.org/">www.openssl.org</ulink>. OpenSSL
33 offers a wide variety of cipher choices (&amcryptossl; defaults to
34 256-bit AES) and can use hardware cryptographic accelerators on several
38 &amcryptossl; will search for the OpenSSL program in the following
39 directories: /bin:/usr/bin:/usr/local/bin:/usr/ssl/bin:/usr/local/ssl/bin.
43 <title>PASSPHRASE MANAGEMENT</title>
45 &amcryptossl; uses the same pass phrase to encrypt and decrypt data.
46 It is very important to store and protect the pass phrase properly.
47 Encrypted backup data can <emphasis remap='B'>only</emphasis> be
48 recovered with the correct passphrase.
51 OpenSSL's key derivation routines use a salt to guard against
52 dictionary attacks on the pass phrase; still it is important to pick
53 a pass phrase that is hard to guess. The Diceware method (see <ulink
54 url="http://www.diceware.com/">www.diceware.com</ulink>) can be used to create passphrases
55 that are difficult to guess and easy to remember.
60 <variablelist remap='TP'>
62 <term>/var/lib/amanda/.am_passphrase</term>
65 File containing the pass phrase. It should not be readable by any user other than the &A; user.
72 <title>SEE ALSO</title>
75 <refentrytitle>amanda</refentrytitle>
76 <manvolnum>8</manvolnum>
79 <refentrytitle>amanda.conf</refentrytitle>
80 <manvolnum>5</manvolnum>
83 <refentrytitle>openssl</refentrytitle>
84 <manvolnum>1</manvolnum>
87 <refentrytitle>amcrypt-ossl-asym</refentrytitle>
88 <manvolnum>8</manvolnum>