Hi everyone! I want to use openssl aes256 cypher to encrypt a 'tar'ed directory right before it's copied to tape. This line does the job very well:
tar cvzpf - $TARGETFILE | openssl enc -aes-256-cbc -salt -pass "pass:$ENCPASS" -out $TAPEDEV with ENCPASS set to the password. But I'm having second thoughts if the data isn't completely readable from tape any more. If the tar file was unencrypted, I would lose about one or two files in the tar-archive but I would get everything back behind the error. But what will happen if an error occurs upon reading the encrpyted tar-file back from tape? Think of a theoretical single-bit-error or a not-so-small amount of unreadable data (e.g. whole blocks due to crc-errors) from tape. How condoning ist aes256 cbc? Will everything after the error go to hell? If yes, is there another cypher-suite, with which everything behind the error gets "back to normal", so not everything is lost? Thanks, Alex Mack. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
