Decrypt backup on OpenSSL 1.1.0

Version 1.62.0


The and use the internal default digest for the password key. As of OpenSSL 1.1.0, the default md has changed from "md5" to "sha256". The .sh script did not specify which digest should be used, so decrypting a tar.gz.enc file on a newer OS (CentOS 8), where the file was encoded on an older OS (CentOS 6), would result in a decryption error: bad decrypt 140209317685056:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt:crypto/evp/evp_enc.c:616: The solution is to change both script to explicitly chose to use "-md sha-256". However, for .enc files that have been created with md5, should the first decryption fail, it will automatically attempt an md5 decryption. ===== NOTE The warning: *** WARNING : deprecated key derivation used. Using -iter or -pbkdf2 would be better. can be ignored for the time being and does not currently affect the actual decryption. This will likely be reassessed in the future to determine if those options can be easily added to all encryptions, where available, without affecting decryption with various openssl versions. ---- T30887

Interested to try DirectAdmin? Get a 30-day Free Trial!