"
I found that that I needed to change the arguments lately to get it working (kept getting "bad decrypt" with the old options)
Looking at the encrypted file, I could some interesting "header" information e.g.:
Based upon that block, I changed to the cli arguments accordingly and it then worked:
Looking at the encrypted file, I could some interesting "header" information e.g.:
Code Select
---- BEGIN config.xml ----
Version: OPNsense 22.1.9
Cipher: AES-256-CBC
PBKDF2: 100000
Hash: SHA512
Based upon that block, I changed to the cli arguments accordingly and it then worked:
Code Select
grep -v "config.xml" encrypted_config.xml | tail -n +6 | openssl enc -base64 -d -aes-256-cbc-md sha-512 -iter 100000 -out decrypted_config.xml
