On Wed, Dec 17, 2014 at 11:14 AM, Xinhuan Zheng <xzheng at christianbook.com> wrote: > I have a requirement that I need to use encryption technology to encrypt > very large tar file on a daily basis. The tar file is over 250G size and > those are data backup. Every night the server generated a 250G data backup > and it¹s tar¹ed into one tarball file. I want to encrypt this big tarball > file. So far I have tried two technologies with no success. > 1) generating RSA 2048 public/private key pair via ³openssl req -x509 > -nodes -newkey rsa:2048 -keyout private.pem -out public.pem² command and > uses the public key to encrypt the big tar file. The encryption command I > used is "openssl smime -encrypt -aes256 -in backup.tar -binary -outform > DEM -out backup.tar.ssl public.pem². The resulting backup.tar.ssl file is > only 2G then encryption process stops there and refuse to do more. Cannot > get around 2G. What happens if you use a pipeline or redirection instead of the -in and -out files? I regularly write large tapes with something like: openssl aes-256-cbc -salt -k password <input.tar.gz |dd bs=10240 obs=10240 of=/dev/nst0 Not quite the same, but there does not seem to be an inherent size limit in openssl as long as it is not handling files and it happens at a reasonable speed so it must be using the intel hardware support. -- Les Mikesell lesmikesell at gmail.com