Differences

This shows you the differences between two versions of the page.

--- ubuntu:openssl:encrypt_a_file [2021/01/30 18:34] – [Encrypt (non-interactive)] peter
+++ ubuntu:openssl:encrypt_a_file [2021/01/30 18:34] (current) – [Encrypt (interactive)] peter
@@ Line 117: / Line 117: @@
 openssl enc -aes-256-cbc -in file.txt.enc -out file.txt  -iter 29 -k PASS
 </code>
+<WRAP info>
+**NOTE:**  The iteration count is for the PBKDF2 hashing algorithm that is designed to make password cracking much much harder.
+Using a low iteration count like 29 is not very useful.
+The count should be made as large as you can without it becoming too annoying (1 to 2 seconds of iteration).
+The current default of 10000 is var too low, even when it was released!  500000 or higher is better.
+</WRAP>
 ----