Encrypt on Solaris, decrypt on Linux

I have encrypted a file on a Solaris server using the encrypt command, with a keyfile generated via pktool (choosing AES-128 as the algorithm). I do not have access to any other encryption utilities on this server. What application(s) could I use to decrypt this file on a more generic Linux server?

EDIT:

Here are the Solaris commands I used:

pktool genkey keystore=file outkey=testkeyfile.dat dir=mydir
keytype=aes keylen=128 encrypt -a aes -k mydir/testkeyfile.dat -i mydir/myfile -v -o mydir/myfile.enc

I also ran the following to check that the file was correctly encrypted:

decrypt -a aes -k mydir/testkeyfile.dat -i mydir/myfile.enc -v -o mydir/myfile2

I suspect mcrypt is probably the way to go here, but can anyone advise on the options that I'd need to use?

user3490

Posted 2013-06-02T21:43:05.527

Reputation: 484

have you tried using mcrypt on linux to decrypt it? – Frank Thomas – 2013-06-02T22:19:54.753

After a bit of further reading that was my first thought as well, but I'm not sure what settings I'd need to use to get it to work. – user3490 – 2013-06-03T06:55:11.800

@FrankThomas I've now tried using mcrypt on Ubuntu 12.10 but so far no luck. – user3490 – 2013-06-04T20:56:38.900

Answers

What about using the openssl command? I'm almost positive it comes preinstalled on Solaris, possibly somewhere under /usr/sfw/?

Check the official openssl documentation here:

http://www.openssl.org/docs/apps/enc.html

Or someone else's useful guide:

http://www.madboa.com/geek/openssl/#encrypt-simple

Andrew Harrison

Posted 2013-06-02T21:43:05.527

Reputation: 156

Like I said, I don't have access to any other encryption utilities on the server. Unfortunately this includes openssl - there is a man page for it on the system, but it only describes how to use it in a compiled program. I am not able to call it from the command line. – user3490 – 2013-06-23T11:51:32.507

Actually, this is installed and I've got it working (it was in /usr/sfw/bin - whereis only knew about the man page). I still need to successfully decrypt a file on another server. If it works, the bounty is yours. – user3490 – 2013-06-23T12:20:09.290

Confirmed working on Ubuntu 12.10. Thanks! – user3490 – 2013-06-24T21:35:06.303

If the system tools are not compatible, you could use other cross-platform encrypters.

Some of the best-known tools are GnuPG and AES Crypt, available and compatible across almost all platforms.

harrymc

Posted 2013-06-02T21:43:05.527

Reputation: 306 093

I don't think these are installed on the solaris server in question. I don't have superuser privileges, so I don't think I'd be able to install anything, and in this case I can't get anyone else to do it either. – user3490 – 2013-06-23T11:56:44.923

You may not need superuser. See How can I install an RPM without being root?.

– harrymc – 2013-06-23T13:41:02.477

Thanks for the suggestion - I attempted this with an unrelated rpm but got an error running the make command, presumably because something wasn't in the expected location. – user3490 – 2013-06-24T21:33:41.843

Yes, not all packages can be installed that way. This should work for GnuPG version 1.4.13 which is portable. You might also just compile from source. See for example this lightweight implementation.

– harrymc – 2013-06-25T06:56:04.583

I have a perl script that will decrypt files encrypted with Solaris' 'encrypt' command and with the arcfour algorithm. It works on linux.

perlygatekeeper

Posted 2013-06-02T21:43:05.527

Reputation: 1

1This is not enough information to solve the question. Please add where you got the script and how to use it. – Cfinley – 2014-07-15T16:41:51.763

I wrote it. where can I put it and reference it here. Could I add the source here? – perlygatekeeper – 2014-07-16T19:43:31.767

I would edit your answer and put it in, as long as you explain what it does and how to use it. – Cfinley – 2014-07-16T19:53:44.867